This chapter covers topics that deal with administering a MySQL installation, such as configuring the server, managing user accounts, and performing backups.
The MySQL server, mysqld
, is the main program that does most of the work in a MySQL installation. The server is accompanied by several related scripts that perform setup operations when you install MySQL or that are helper programs to assist you in starting and stopping the server.
This section provides an overview of the server and related programs, and information about server startup scripts. Information about configuring the server itself is given in Section 4.2, “Configuring the MySQL Server.”
All MySQL programs take many different options. However, every MySQL program provides a --help
option that you can use to get a description of the program’s options. For example, try mysqld --help
.
You can override default options for all standard programs by specifying options on the command line or in an option file. See Section 3.3, “Specifying Program Options.”
The following list briefly describes the MySQL server and server-related programs:
mysqld
The SQL daemon (that is, the MySQL server). To use client programs, this program must be running, because clients gain access to databases by connecting to the server. See Section 4.2, “Configuring the MySQL Server.”
mysqld-max
A version of the server that includes additional features. See Section 4.1.2, “The mysqld-max
Extended MySQL Server.”
A server startup script. mysqld_safe
attempts to start mysqld-max
if it exists, and mysqld
otherwise. See Section 4.1.3, “The mysqld_safe
Server Startup Script.”
mysql.server
A server startup script. This script is used on systems that use run directories containing scripts that start system services for particular run levels. It invokes mysqld_safe
to start the MySQL server. See Section 4.1.4, “The mysql
.server Server Startup Script.”
mysqld_multi
A server startup script that can start or stop multiple servers installed on the system. See Section 4.1.5, “The mysqld_multi
Program for Managing Multiple MySQL Servers.”
mysql_install_db
This script creates the MySQL grant tables with default privileges. It is usually executed only once, when first installing MySQL on a system.
mysql_fix_privilege_tables
This script is used after an upgrade install operation, to update the grant tables with any changes that have been made in newer versions of MySQL.
There are several other programs that also are run on the server host:
myisamchk
A utility to describe, check, optimize, and repair MyISAM
tables. myisamchk
is described in Section 4.6.2, “Table Maintenance and Crash Recovery.”
make_binary_distribution
This program makes a binary release of a compiled MySQL. This could be sent by FTP to /pub/mysql/upload
on ftp.mysql.com
for the convenience of other MySQL users.
mysqlbug
The MySQL bug reporting script. It can be used to send a bug report to the MySQL mailing list. (You can also visit http://bugs.mysql.com/ to file a bug report online.)
A MySQL-Max server is a version of the mysqld
MySQL server that has been built to include additional features.
The distribution to use depends on your platform:
For Windows, MySQL binary distributions include both the standard server (mysqld.exe)
and the MySQL-Max server (mysqld-max.exe
), so you need not get a special distribution. Just use a regular Windows distribution, available at http://dev.mysql.com/downloads/mysql-4.0.html. See Section 2.2.1, “Installing MySQL on Windows.”
For Linux, if you install MySQL using RPM distributions, use the regular MySQL-server
RPM first to install a standard server named mysqld
. Then use the MySQL-Max
RPM to install a server named mysqld-max
. The MySQL-Max
RPM presupposes that you have already installed the regular server RPM. See Section 2.2.2, “Installing MySQL on Linux,” for more information on the Linux RPM packages.
All other MySQL-Max distributions contain a single server that is named mysqld
but that has the additional features included.
You can find the MySQL-Max binaries on the MySQL AB Web site at http://dev.mysql.com/downloads/mysql-max-4.0.html.
MySQL AB builds the MySQL-Max servers by using the following configure
options:
--with-server-suffix=-max
This option adds a -max
suffix to the mysqld
version string.
--with-innodb
This option enables support for the InnoDB
storage engine. MySQL-Max servers always include InnoDB
support, but this option actually is needed only for MySQL 3.23. From MySQL 4 on, InnoDB
is included by default in binary distributions, so you do not need a MySQL-Max server to obtain InnoDB
support.
--with-bdb
This option enables support for the Berkeley DB (BDB
) storage engine.
CFLAGS=-DUSE_SYMDIR
This define enables symbolic link support for Windows.
MySQL-Max binary distributions are a convenience for those who wish to install precompiled programs. If you build MySQL using a source distribution, you can build your own Max-like server by enabling the same features at configuration time that the MySQL-Max binary distributions are built with.
MySQL-Max servers include the BerkeleyDB (BDB
) storage engine whenever possible, but not all platforms support BDB
. The following table shows which platforms allow MySQL-Max binaries to include BDB
:
|
|
AIX 4.3 |
N |
HP-UX 11.0 |
N |
Linux-Alpha |
N |
Linux-IA-64 |
N |
Linux-Intel |
Y |
Mac OS X |
N |
NetWare |
N |
SCO OSR5 |
Y |
Solaris-Intel |
N |
Solaris-SPARC |
Y |
UnixWare |
Y |
Windows/NT |
Y |
To find out which storage engines your server supports, issue the following statement:
mysql> SHOW ENGINES;
Before MySQL 4.1.2, SHOW ENGINES
is unavailable. Use the following statement instead and check the value of the variable for the storage engine in which you are interested:
The values in the second column indicate the server’s level of support for each feature:
Value |
Meaning |
|
The feature is supported and is active. |
|
The feature is not supported. |
|
The feature is supported but has been disabled. |
A value of NO
means that the server was compiled without support for the feature, so it cannot be activated at runtime.
A value of DISABLED
occurs either because the server was started with an option that disables the feature, or because not all options required to enable it were given. In the latter case, the host_name
.err
error log file should contain a reason indicating why the option is disabled.
One situation in which you might see DISABLED
occurs with MySQL 3.23 when the InnoDB
storage engine is compiled in. In MySQL 3.23, you must supply at least the innodb_data_file_path
option at runtime to set up the InnoDB
tablespace. Without this option, InnoDB
disables itself. See Section 8.4.3, “BDB
Startup Options.”
You might also see DISABLED
for the InnoDB
, BDB
, or ISAM
storage engines if the server was compiled to support them, but was started with the --skip-innodb
, --skip-bdb
, or --skip-isam
options at runtime.
As of Version 3.23, all MySQL servers support MyISAM
tables, because MyISAM
is the default storage engine.
mysqld_safe
is the recommended way to start a mysqld
server on Unix and NetWare. mysqld_safe
adds some safety features such as restarting the server when an error occurs and logging runtime information to an error log file. NetWare-specific behaviors are listed later in this section.
Note: Before MySQL 4.0, mysqld_safe
is named safe_mysqld
. To preserve backward compatibility, MySQL binary distributions for some time will include safe_mysqld
as a symbolic link to mysqld_safe
.
By default, mysqld_safe
tries to start an executable named mysqld-max
if it exists, or mysqld
otherwise. Be aware of the implications of this behavior:
On Linux, the MySQL-Max
RPM relies on this mysqld_safe
behavior. The RPM installs an executable named mysqld-max
, which causes mysqld_safe
to automatically use that executable from that point on.
If you install a MySQL-Max distribution that includes a server named mysqld-max
, then upgrade later to a non-Max version of MySQL, mysqld_safe
will still attempt to run the old mysqld-max
server. If you perform such an upgrade, you should manually remove the old mysqld-max
server to ensure that mysqld_safe
runs the new mysqld
server.
To override the default behavior and specify explicitly which server you want to run, specify a --mysqld
or --mysqld-version
option to mysqld_safe
.
Many of the options to mysqld_safe
are the same as the options to mysqld
. See Section 4.2.1, “mysqld
Command-Line Options.”
All options specified to mysqld_safe
on the command line are passed to mysqld
. If you want to use any options that are specific to mysqld_safe
and that mysqld
doesn’t support, do not specify them on the command line. Instead, list them in the [mysqld_safe]
group of an option file. See Section 3.3.2, “Using Option Files.”
mysqld_safe
reads all options from the [mysqld]
, [server]
, and [mysqld_safe]
sections in option files. For backward compatibility, it also reads [safe_mysqld]
sections, although you should rename such sections to [mysqld_safe]
when you begin using MySQL 4.0 or later.
mysqld_safe
supports the following options:
--basedir=
path
The path to the MySQL installation directory.
--core-file-size=
size
The size of the core file mysqld
should be able to create. The option value is passed to ulimit -c
.
--datadir=
path
The path to the data directory.
--defaults-extra-file=
path
The name of an option file to be read in addition to the usual option files.
--defaults-file=
path
The name of an option file to be read instead of the usual option files.
--err-log=
path
The old form of the --log-error
option, to be used before MySQL 4.0.
--ledir=
path
The path to the directory containing the mysqld
program. Use this option to explicitly indicate the location of the server.
--log-error=
path
Write the error log to the given file. See Section 4.8.1, “The Error Log.”
--mysqld=
prog_name
The name of the server program (in the ledir
directory) that you want to start.
--mysqld-version=
suffix
This option is similar to the --mysqld
option, but you specify only the suffix for the server program name. The basename is assumed to be mysqld
. For example, if you use --mysqld-version=max
, mysqld_safe
will start the mysqld-max
program in the ledir
directory. If the argument to --mysqld-version
is empty, mysqld_safe
uses mysqld
in the ledir
directory.
--nice=
priority
Use the nice
program to set the server’s scheduling priority to the given value. This option was added in MySQL 4.0.14.
--no-defaults
Do not read any option files.
The number of files mysqld
should be able to open. The option value is passed to ulimit -n
. Note that you need to start mysqld_safe
as root
for this to work properly!
--pid-file=
path
The path to the process ID file.
--port=
port_num
The port number to use when listening for TCP/IP connections.
--socket=
path
The Unix socket file to use for local connections.
--timezone=
zone
Set the TZ
time zone environment variable to the given option value. Consult your operating system documentation for legal time zone specification formats.
--user={
user_name
|
user_id
}
Run the mysqld
server as the user having the name user_name
or the numeric user ID user_id
. (“User” in this context refers to a system login account, not a MySQL user listed in the grant tables.)
The mysqld_safe
script is written so that it normally can start a server that was installed from either a source or a binary distribution of MySQL, even though these types of distributions typically install the server in slightly different locations. (See Section 2.1.5, “Installation Layouts.”) mysqld_safe
expects one of the following conditions to be true:
The server and databases can be found relative to the directory from which mysqld_safe
is invoked. For binary distributions, mysqld_safe
looks under its working directory for bin
and data
directories. For source distributions, it looks for libexec
and var
directories. This condition should be met if you execute mysqld_safe
from your MySQL installation directory (for example, /usr/local/mysql
for a binary distribution).
If the server and databases cannot be found relative to the working directory, mysqld_safe
attempts to locate them by absolute pathnames. Typical locations are /usr/local/libexec
and /usr/local/var
. The actual locations are determined from the values configured into the distribution at the time it was built. They should be correct if MySQL is installed in the location specified at configuration time.
Because mysqld_safe
will try to find the server and databases relative to its own working directory, you can install a binary distribution of MySQL anywhere, as long as you run mysqld_safe
from the MySQL installation directory:
shell> cd mysql_installation_directory
shell> bin/mysqld_safe &
If mysqld_safe
fails, even when invoked from the MySQL installation directory, you can specify the --ledir
and --datadir
options to indicate the directories in which the server and databases are located on your system.
Normally, you should not edit the mysqld_safe
script. Instead, configure mysqld_safe
by using command-line options or options in the [mysqld_safe]
section of a my.cnf
option file. In rare cases, it might be necessary to edit mysqld_safe
to get it to start the server properly. However, if you do this, your modified version of mysqld_safe
might be overwritten if you upgrade MySQL in the future, so you should make a copy of your edited version that you can reinstall.
On NetWare, mysqld_safe
is a NetWare Loadable Module (NLM) that is ported from the original Unix shell script. It does the following:
1. Runs a number of system and option checks.
2. Runs a check on MyISAM
and ISAM
tables.
3. Provides a screen presence for the MySQL server.
4. Starts mysqld
, monitors it, and restarts it if it terminates in error.
5. Sends error messages from mysqld
to the host_name
.err
file in the data directory.
6. Sends mysqld_safe
screen output to the host_name
.safe
file in the data directory.
MySQL distributions on Unix include a script named mysql.server
. It can be used on systems such as Linux and Solaris that use System V-style run directories to start and stop system services. It is also used by the Mac OS X Startup Item for MySQL.
mysql.server
can be found in the support-files
directory under your MySQL installation directory or in a MySQL source tree.
If you use the Linux server RPM package (MySQL-server-
VERSION
.rpm
), the mysql.server
script will already have been installed in the /etc/init.d
directory with the name mysql
. You need not install it manually. See Section 2.2.2, “Installing MySQL on Linux,” for more information on the Linux RPM packages.
Some vendors provide RPM packages that install a startup script under a different name such as mysqld
.
If you install MySQL from a source distribution or use a binary distribution format that does not install mysql.server
automatically, you can install it manually. Instructions are provided in Section 2.4.3, “Starting and Stopping MySQL Automatically.”
mysql.server
reads options from the [mysql.server]
and [mysqld]
sections of option files. For backward compatibility, it also reads [mysql_server]
sections, although you should rename such sections to [mysql.server]
when you begin using MySQL 4.0 or later.
mysqld_multi
is meant for managing several mysqld
processes that listen for connections on different Unix socket files and TCP/IP ports. It can start or stop servers, or report their current status.
The program searches for groups named [mysqld
#
]
in my.cnf
(or in the file named by the --config-file
option). #
can be any positive integer. This number is referred to in the following discussion as the option group number, or GNR. Group numbers distinguish option groups from one another and are used as arguments to mysqld_multi
to specify which servers you want to start, stop, or obtain a status report for. Options listed in these groups are the same that you would use in the [mysqld]
group used for starting mysqld
. (See, for example, Section 2.4.3, “Starting and Stopping MySQL Automatically.”) However, when using multiple servers it is necessary that each one use its own value for options such as the Unix socket file and TCP/IP port number. For more information on which options must be unique per server in a multiple-server environment, see Section 4.9, “Running Multiple MySQL Servers on the Same Machine.”
To invoke mysqld_multi
, use the following syntax:
shell> mysqld_multi [options] {start|stop|report}[GNR[,GNR]...]
start
, stop
, and report
indicate which operation you want to perform. You can perform the designated operation on a single server or multiple servers, depending on the GNR list that follows the option name. If there is no list, mysqld_multi
performs the operation for all servers in the option file.
Each GNR value represents an option group number or range of group numbers. The value should be the number at the end of the group name in the option file. For example, the GNR for a group named [mysqld17]
is 17
. To specify a range of numbers, separate the first and last numbers by a dash. The GNR value 10-13
represents groups [mysqld10]
through [mysqld13]
. Multiple groups or group ranges can be specified on the command line, separated by commas. There must be no whitespace characters (spaces or tabs) in the GNR list; anything after a whitespace character is ignored.
This command starts a single server using option group [mysqld17]
:
shell> mysqld_multi start 17
This command stops several servers, using option groups [mysql8]
and [mysqld10]
through [mysqld13]
:
shell> mysqld_multi start 8,10-13
For an example of how you might set up an option file, use this command:
shell> mysqld_multi --example
mysqld_multi
supports the following options:
--config-file=
name
Specify the name of an alternative option file. This affects where mysqld_multi
looks for [mysqld#]
option groups. Without this option, all options are read from the usual my.cnf
file. The option does not affect where mysqld_multi
reads its own options, which are always taken from the [mysqld_multi]
group in the usual my.cnf
file.
--example
Display a sample option file.
--help
Display a help message and exit.
--log=
name
Specify the name of the log file. If the file exists, log output is appended to it.
--mysqladmin=
prog_name
The mysqladmin
binary to be used to stop servers.
--mysqld=
prog_name
The mysqld
binary to be used. Note that you can specify mysqld_safe
as the value for this option also. The options are passed to mysqld
. Just make sure that you have the directory where mysqld
is located in your PATH
environment variable setting or fix mysqld_safe
.
--no-log
Print log information to stdout
rather than to the log file. By default, output goes to the log file.
--password=
password
The password of the MySQL account to use when invoking mysqladmin
. Note that the password value is not optional for this option, unlike for other MySQL programs.
--tcp-ip
Connect to each MySQL server via the TCP/IP port instead of the Unix socket file. (If a socket file is missing, the server might still be running, but accessible only via the TCP/IP port.) By default, connections are made using the Unix socket file. This option affects stop
and report
operations.
--user=
user_name
The username of the MySQL account to use when invoking mysqladmin
.
--version
Display version information and exit.
Some notes about mysqld_multi
:
Make sure that the MySQL account used for stopping the mysqld
servers (with the mysqladmin
program) has the same username and password for each server. Also, make sure that the account has the SHUTDOWN
privilege. If the servers that you want to manage have many different usernames or passwords for the administrative accounts, you might want to create an account on each server that has the same username and password. For example, you might set up a common multi_admin
account by executing the following commands for each server:
shell> mysql -u root -S /tmp/mysql.sock -proot_password
mysql> GRANT SHUTDOWN ON *.*
-> TO 'multi_admin'@'localhost' IDENTIFIED BY 'multipass';
See Section 4.4.2, “How the Privilege System Works.” You will have to do this for each mysqld
server. Change the connection parameters appropriately when connecting to each one. Note that the host part of the account name must allow you to connect as multi_admin
from the host where you want to run mysqld_multi
.
The --pid-file
option is very important if you are using mysqld_safe
to start mysqld
(for example, --mysqld=mysqld_safe
) Every mysqld
should have its own process ID file. The advantage of using mysqld_safe
instead of mysqld
is that mysqld_safe
“guards” its mysqld
process and will restart it if the process terminates due to a signal sent using kill -9
, or for other reasons, such as a segmentation fault. Please note that the mysqld_safe
script might require that you start it from a certain place. This means that you might have to change location to a certain directory before running mysqld_multi
. If you have problems starting, please see the mysqld_safe
script. Check especially the lines:
----------------------------------------------------------------
MY_PWD=`pwd`
# Check if we are starting this relative (for the binary release)
if test -d $MY_PWD/data/mysql -a -f ./share/mysql/english/errmsg.sys -a
-x ./bin/mysqld
----------------------------------------------------------------
See Section 4.1.3, “The mysqld_safe
Server Startup Script.” The test performed by these lines should be successful, or you might encounter problems.
The Unix socket file and the TCP/IP port number must be different for every mysqld
.
You might want to use the --user
option for mysqld
, but in order to do this you need to run the mysqld_multi
script as the Unix root
user. Having the option in the option file doesn’t matter; you will just get a warning, if you are not the superuser and the mysqld
processes are started under your own Unix account.
Important:Make sure that the data directory is fully accessible to the Unix account that the specific mysqld
process is started as. Do not use the Unix root account for this, unless you know what you are doing.
Most important:Before using mysqld_multi
be sure that you understand the meanings of the options that are passed to the mysqld
servers and why you would want to have separate mysqld
processes. Beware of the dangers of using multiple mysqld
servers with the same data directory. Use separate data directories, unless you know what you are doing. Starting multiple servers with the same data directory will not give you extra performance in a threaded system. See Section 4.9, “Running Multiple MySQL Servers on the Same Machine.”
The following example shows how you might set up an option file for use with mysqld_multi
. The first and fifth [mysqld
#
]
group were intentionally left out from the example to illustrate that you can have “gaps” in the option file. This gives you more flexibility. The order in which the mysqld
programs are started or stopped depends on the order in which they appear in the option file.
# This file should probably be in your home dir (~/.my.cnf)
# or /etc/my.cnf
# Version 2.1 by Jani Tolonen
[mysqld_multi]
mysqld = /usr/local/bin/mysqld_safe
mysqladmin = /usr/local/bin/mysqladmin
user = multi_admin
password = multipass
[mysqld2]
socket = /tmp/mysql.sock2
port = 3307
pid-file = /usr/local/mysql/var2/hostname.pid2
datadir = /usr/local/mysql/var2
language = /usr/local/share/mysql/english
user = john
[mysqld3]
socket = /tmp/mysql.sock3
port = 3308
pid-file = /usr/local/mysql/var3/hostname.pid3
datadir = /usr/local/mysql/var3
language = /usr/local/share/mysql/swedish
user = monty
[mysqld4]
socket = /tmp/mysql.sock4
port = 3309
pid-file = /usr/local/mysql/var4/hostname.pid4
datadir = /usr/local/mysql/var4
language = /usr/local/share/mysql/estonia
user = tonu
[mysqld6]
socket = /tmp/mysql.sock6
port = 3311
pid-file = /usr/local/mysql/var6/hostname.pid6
datadir = /usr/local/mysql/var6
language = /usr/local/share/mysql/japanese
user = jani
See Section 3.3.2, “Using Option Files.”
This section discusses MySQL server configuration topics:
Startup options that the server supports
How to set the server SQL mode
Server system variables
Server status variables
When you start the mysqld
server, you can specify program options using any of the methods described in Section 3.3.2, “Using Option Files.”
mysqld
reads options from the [mysqld]
and [server]
groups. mysqld_safe
reads options from the [mysqld]
, [server]
, [mysqld_safe]
, and [safe_mysqld]
groups. mysql.server
reads options from the [mysqld]
and [mysql.server]
groups. An embedded MySQL server usually reads options from the [server]
, [embedded]
, and [
xxxxx
_SERVER]
groups, where xxxxx
is the name of the application into which the server is embedded.
mysqld
accepts many command-line options. For a list, execute mysqld --help
. Before MySQL 4.1.1, --help
prints the full help message. As of 4.1.1, it prints a brief message; to see the full list, use mysqld --verbose --help
.
The following list shows some of the most common server options. Additional options are described elsewhere:
Options that affect security: See Section 4.3.3, “Startup Options for
.”mysqld
Concerning Security
SSL-related options: See Section 4.5.7.5, “4.5.7.5 SSL Command-Line Options.”
Binary log control options: See Section 4.8.4, “The Binary Log.”
Replication-related options: See Section 5.8, “Replication Startup Options.”
Options specific to particular storage engines: See Section 8.1.1, “MyISAM
Startup Options,” Section 8.4.3, “BDB
Startup Options,” and Section 9.5, “InnoDB
Startup Options.”
You can also set the value of a server system variable by using the variable name as an option, as described later in this section.
--help, -?
Display a short help message and exit. Before MySQL 4.1.1, --help
displays the full help message. As of 4.1.1, it displays an abbreviated message only. Use both the --verbose
and --help
options to see the full message.
--ansi
Use standard SQL syntax instead of MySQL syntax. See Section 1.8.3, “Running MySQL in ANSI Mode.” For more precise control over the server SQL mode, use the --sql-mode
option instead.
--basedir=
path
, -b
path
The path to the MySQL installation directory. All paths are usually resolved relative to this.
--big-tables
Allow large result sets by saving all temporary sets in files. This option prevents most “table full” errors, but also slows down queries for which in-memory tables would suffice. Since MySQL 3.23.2, the server is able to handle large result sets automatically by using memory for small temporary tables and switching to disk tables where necessary.
--bind-address=
IP
The IP address to bind to.
--console
Write the error log messages to stderr/stdout even if --log-error
is specified. On Windows, mysqld
will not close the console screen if this option is used.
--character-sets-dir=
path
The directory where character sets are installed. See Section 4.7.1, “The Character Set Used for Data and Sorting.”
--chroot=
path
Put the mysqld
server in a closed environment during startup by using the chroot()
system call. This is a recommended security measure as of MySQL 4.0. (MySQL 3.23 is not able to provide a chroot()
jail that is 100% closed.) Note that use of this option somewhat limits LOAD DATA INFILE
and SELECT ... INTO OUTFILE
.
--core-file
Write a core file if mysqld
dies. For some systems, you must also specify the --core-file-size
option to mysqld_safe
. See Section 4.1.3, “The mysqld_safe
Server Startup Script.” Note that on some systems, such as Solaris, you will not get a core file if you are also using the --user
option.
The path to the data directory.
--debug[=
debug_options
], -# [
debug_options
]
If MySQL is configured with --with-debug
, you can use this option to get a trace file of what mysqld
is doing. The debug_options
string often is ’d:t:o,
file_name
’
.
--default-character-set=
charset
Use charset
as the default character set. See Section 4.7.1, “The Character Set Used for Data and Sorting.”
--default-collation=
collation
Use collation
as the default collation. This option is available as of MySQL 4.1.1. See Section 4.7.1, “The Character Set Used for Data and Sorting.”
--default-storage-engine=
type
This option is a synonym for --default-table-type
. It is available as of MySQL 4.1.2.
--default-table-type=
type
Set the default table type for tables. See Chapter 8, “MySQL Storage Engines and Table Types.”
--delay-key-write[= OFF | ON | ALL]
How the DELAYED KEYS
option should be used. Delayed key writing causes key buffers not to be flushed between writes for MyISAM
tables. OFF
disables delayed key writes. ON
enables delayed key writes for those tables that were created with the DELAYED KEYS
option. ALL
delays key writes for all MyISAM
tables. Available as of MySQL 4.0.3. See Section 6.5.2, “Tuning Server Parameters.” See Section 8.1.1, “MyISAM
Startup Options.”
Note: If you set this variable to ALL
, you should not use MyISAM
tables from within another program (such as from another MySQL server or with myisamchk
) when the table is in use. Doing so will lead to index corruption.
--delay-key-write-for-all-tables
Old form of --delay-key-write=ALL
for use prior to MySQL 4.0.3. As of 4.0.3, use --delay-key-write
instead.
--des-key-file=
file_name
Read the default keys used by DES_ENCRYPT()
and DES_DECRYPT()
from this file.
--enable-named-pipe
Enable support for named pipes. This option applies only on Windows NT, 2000, and XP systems, and can be used only with the mysqld-nt
and mysqld-max-nt
servers that support named pipe connections.
--external-locking
Enable system locking. Note that if you use this option on a system on which lockd
does not fully work (as on Linux), you will easily get mysqld
to deadlock. This option previously was named --enable-locking
.
Note: If you use this option to enable updates to MyISAM
tables from many MySQL processes, you have to ensure that these conditions are satisfied:
You should not use the query cache for queries that use tables that are updated by another process.
You should not use --delay-key-write=ALL
or DELAY_KEY_WRITE=1
on any shared tables.
The easiest way to ensure this is to always use --external-locking
together with --delay-key-write=OFF --query-cache-size=0
.
(This is not done by default because in many setups it’s useful to have a mixture of the above options.)
--exit-info[=
flags
], -T [
flags
]
This is a bit mask of different flags you can use for debugging the mysqld
server. Do not use this option unless you know exactly what it does!
--flush
Flush all changes to disk after each SQL statement. Normally MySQL does a write of all changes to disk only after each SQL statement and lets the operating system handle the synching to disk. See Section A.4.2, “What to Do If MySQL Keeps Crashing.”
--init-file=
file
Read SQL statements from this file at startup. Each statement must be on a single line and should not include comments.
--language=
lang_name
, -L
lang_name
Client error messages in given language. lang_name
can be given as the language name or as the full pathname to the directory where the language files are installed. See Section 4.7.2, “Setting the Error Message Language.”
--log[=
file
], -l [
file
]
Log connections and queries to this file. See Section 4.8.2, “The General Query Log.” If you don’t specify a filename, MySQL will use host_name
.log
as the filename.
--log-bin=[
file
]
The binary log file. Log all queries that change data to this file. Used for backup and replication. See Section 4.8.4, “The Binary Log.” If you don’t specify a filename, MySQL will use host_name
-bin
as the filename.
--log-bin-index[=
file
]
The index file for binary log filenames. See Section 4.8.4, “The Binary Log.” If you don’t specify a filename, MySQL will use host_name
-bin.index
as the filename.
--log-error[=
file
]
Log errors and startup messages to this file. See Section 4.8.1, “The Error Log.” If you don’t specify a filename, MySQL will use host_name
.err
as the filename.
Log all ISAM
/MyISAM
changes to this file (used only when debugging ISAM
/MyISAM
).
--log-long-format
Log some extra information to the log files (update log, binary update log, and slow queries log, whatever log has been activated). For example, username and timestamp are logged for queries. If you are using --log-slow-queries
and --log-long-format
, then queries that are not using indexes also are logged to the slow query log. Note that --log-long-format
is deprecated as of MySQL version 4.1, when --log-short-format
was introduced (the long log format is the default setting since version 4.1). Also note that starting with MySQL 4.1, the --log-queries-not-using-indexes
option is available for the purpose of logging queries that do not use indexes to the slow query log.
--log-queries-not-using-indexes
If you are using this option with --log-slow-queries
, then queries that are not using indexes also are logged to the slow query log. This option is available as of MySQL 4.1. See Section 4.8.5, ”The Slow Query Log.”
--log-short-format
Log less information to the log files (update log, binary update log, and slow queries log, whatever log has been activated). For example, username and timestamp are not logged for queries. This option was introduced in MySQL 4.1.
--log-slow-queries[=
file
]
Log all queries that have taken more than long_query_time
seconds to execute to file. See Section 4.8.5, “The Slow Query Log.” Note that the default for the amount of information logged has changed in MySQL 4.1. See the --log-long-format
and --log-short-format
options for details.
--log-update[=
file
]
Log updates to file.#
where #
is a unique number if not given. See Section 4.8.3, “The Update Log.” The update log is deprecated and is removed in MySQL 5.0.0; you should use the binary log instead (--log-bin
). See Section 4.8.4, “The Binary Log.” Starting from version 5.0.0, using --log-update
will just turn on the binary log instead.
--log-warnings, -W
Print out warnings such as Aborted connection...
to the error log. Enabling this option is recommended, for example, if you use replication (you will get more information about what is happening, such as messages about network failures and reconnections). This option is enabled by default as of MySQL 4.1.2; to disable it, use --skip-log-warnings
. See Section A.2.10, “Communication Errors and Aborted Connections.”
This option was named --warnings
before MySQL 4.0.
Table-modifying operations (INSERT
, REPLACE
, DELETE
, UPDATE
) will have lower priority than selects. This can also be done via {INSERT | REPLACE | DELETE | UPDATE} LOW_PRIORITY ...
to lower the priority of only one query, or by SET LOW_PRIORITY_UPDATES=1
to change the priority in one thread. See Section 6.3.2, “Table Locking Issues.”
--memlock
Lock the mysqld
process in memory. This works on systems such as Solaris that support the mlockall()
system call. This might help if you have a problem where the operating system is causing mysqld
to swap on disk. Note that use of this option requires that you run the server as root
, which normally is not a good idea for security reasons.
--myisam-recover [=
option
[,
option
...]]]
Set the MyISAM
storage engine recovery mode. The option value is any combination of the values of DEFAULT
, BACKUP
, FORCE
, or QUICK
. If you specify multiple values, separate them by commas. You can also use a value of ""
to disable this option. If this option is used, mysqld
will, when it opens a MyISAM
table, check whether the table is marked as crashed or wasn’t closed properly. (The last option works only if you are running with --skip-external-locking
.) If this is the case, mysqld
will run a check on the table. If the table was corrupted, mysqld
will attempt to repair it.
The following options affect how the repair works:
Option |
Description |
|
The same as not giving any option to |
|
If the data file was changed during recovery, save a backup of the |
|
Run recovery even if you will lose more than one row from the |
|
Don’t check the rows in the table if there aren’t any delete blocks. |
Before a table is automatically repaired, MySQL will add a note about this in the error log. If you want to be able to recover from most problems without user intervention, you should use the options BACKUP,FORCE
. This will force a repair of a table even if some rows would be deleted, but it will keep the old data file as a backup so that you can later examine what happened.
This option is available as of MySQL 3.23.25.
--new
From version 4.0.12, the --new
option can be used to make the server behave as 4.1 in certain respects, easing a 4.0 to 4.1 upgrade:
TIMESTAMP
is returned as a string with the format ’YYYY-MM-DD HH:MM:SS’
.
This option can be used to help you see how your applications will behave in MySQL 4.1, without actually upgrading to 4.1.
The path to the process ID file used by mysqld_safe
.
--port=
port_num
, -P
port_num
The port number to use when listening for TCP/IP connections.
--old-protocol, -o
Use the 3.20 protocol for compatibility with some very old clients. See Section 2.5.6, “Upgrading from Version 3.20 to 3.21.”
--one-thread
Only use one thread (for debugging under Linux). This option is available only if the server is built with debugging enabled.
--open-files-limit=
count
To change the number of file descriptors available to mysqld
. If this is not set or set to 0, then mysqld
will use this value to reserve file descriptors to use with setrlimit()
. If this value is 0, then mysqld
will reserve max_connections*5
or max_connections + table_cache*2
(whichever is larger) number of files. You should try increasing this if mysqld
gives you the error “Too many open files.”
--safe-mode
Skip some optimization stages.
--safe-show-database
With this option, the SHOW DATABASES
statement displays only the names of those databases for which the user has some kind of privilege. As of MySQL 4.0.2, this option is deprecated and doesn’t do anything (it is enabled by default), because there is now a SHOW DATABASES
privilege that can be used to control access to database names on a per-account basis. See Section 4.4.3, “Privileges Provided by MySQL.”
--safe-user-create
If this is enabled, a user can’t create new users with the GRANT
statement, if the user doesn’t have the INSERT
privilege for the mysql.user
table or any column in the table.
--secure-auth
Disallow authentication for accounts that have old (pre-4.1) passwords. This option is available as of MySQL 4.1.1.
--skip-bdb
Disable the BDB
storage engine. This saves memory and might speed up some operations. Do not use this option if you require BDB
tables.
--skip-concurrent-insert
Turn off the ability to select and insert at the same time on MyISAM
tables. (This is to be used only if you think you have found a bug in this feature.)
Ignore the DELAY_KEY_WRITE
option for all tables. As of MySQL 4.0.3, you should use --delay-key-write=OFF
instead. See Section 6.5.2, “Tuning Server Parameters.”
--skip-external-locking
Don’t use system locking. To use isamchk
or myisamchk
, you must shut down the server. See Section 1.2.3, “MySQL Stability.” In MySQL 3.23, you can use CHECK TABLE
and REPAIR TABLE
to check and repair MyISAM
tables. This option previously was named --skip-locking
.
--skip-grant-tables
This option causes the server not to use the privilege system at all. This gives everyone full access to all databases! (You can tell a running server to start using the grant tables again by executing a mysqladmin flush-privileges
or mysqladmin reload
command, or by issuing a FLUSH PRIVILEGES
statement.)
--skip-host-cache
Do not use the internal hostname cache for faster name-to-IP resolution. Instead, query the DNS server every time a client connects. See Section 6.5.5, “How MySQL Uses DNS.”
--skip-innodb
Disable the InnoDB
storage engine. This saves memory and disk space and might speed up some operations. Do not use this option if you require InnoDB
tables.
--skip-isam
Disable the ISAM
storage engine. As of MySQL 4.1, ISAM
is disabled by default, so this option applies only if the server was configured with support for ISAM
. This option was added in MySQL 4.1.1.
--skip-name-resolve
Do not resolve hostnames when checking client connections. Use only IP numbers. If you use this option, all Host
column values in the grant tables must be IP numbers or localhost
. See Section 6.5.5, “How MySQL Uses DNS.”
--skip-networking
Don’t listen for TCP/IP connections at all. All interaction with mysqld
must be made via named pipes (on Windows) or Unix socket files (on Unix). This option is highly recommended for systems where only local clients are allowed. See Section 6.5.5, “How MySQL Uses DNS.”
--skip-new
Don’t use new, possibly wrong routines.
--skip-symlink
This is the old form of --skip-symbolic-links
, for use before MySQL 4.0.13.
--symbolic-links, --skip-symbolic-links
Enable or disable symbolic link support. This option has different effects on Windows and Unix:
On Windows, enabling symbolic links allows you to establish a symbolic link to a database directory by creating a directory.sym
file that contains the path to the real directory. See Section 6.6.1.3, “Using Symbolic Links for Databases on Windows.”
On Unix, enabling symbolic links means that you can link a MyISAM
index file or data file to another directory with the INDEX DIRECTORY
or DATA DIRECTORY
options of the CREATE TABLE
statement. If you delete or rename the table, the files that its symbolic links point to also are deleted or renamed.
This option was added in MySQL 4.0.13.
--skip-safemalloc
If MySQL is configured with --with-debug=full
, all MySQL programs check for memory overruns during each memory allocation and memory freeing operation. This checking is very slow, so for the server you can avoid it when you don’t need it by using the --skip-safemalloc
option.
--skip-show-database
With this option, the SHOW DATABASES
statement is allowed only to users who have the SHOW DATABASES
privilege, and the statement displays all database names. Without this option, SHOW DATABASES
is allowed to all users, but displays each database name only if the user has the SHOW DATABASES
privilege or some privilege for the database.
--skip-stack-trace
Don’t write stack traces. This option is useful when you are running mysqld
under a debugger. On some systems, you also must use this option to get a core file.
--skip-thread-priority
Disable using thread priorities for faster response time.
--socket=
path
On Unix, this option specifies the Unix socket file to use for local connections. The default value is /tmp/mysql.sock
. On Windows, the option specifies the pipe name to use for local connections that use a named pipe. The default value is MySQL
.
--sql-mode=
value
[,
value
[,
value
...]]
Set the SQL mode for MySQL. See Section 4.2.2, “The Server SQL Mode.” This option was added in 3.23.41.
--temp-pool
This option causes most temporary files created by the server to use a small set of names, rather than a unique name for each new file. This works around a problem in the Linux kernel dealing with creating many new files with different names. With the old behavior, Linux seems to “leak” memory, because it’s being allocated to the directory entry cache rather than to the disk cache.
Sets the default transaction isolation level, which can be READ-UNCOMMITTED
, READ-COMMITTED
, REPEATABLE-READ
, or SERIALIZABLE
.
--tmpdir=
path
, -t
path
The path of the directory to use for creating temporary files. It might be useful if your default /tmp
directory resides on a partition that is too small to hold temporary tables. Starting from MySQL 4.1, this option accepts several paths that are used in round-robin fashion. Paths should be separated by colon characters (‘:
’) on Unix and semicolon characters (‘;
’) on Windows, NetWare, and OS/2. If the MySQL server is acting as a replication slave, you should not set --tmpdir
to point to a directory on a memory-based filesystem or to a directory that is cleared when the server host restarts. A replication slave needs some of its temporary files to survive a machine restart so that it can replicate temporary tables or LOAD DATA INFILE
operations. If files in the temporary file directory are lost when the server restarts, replication will fail.
--user={
user_name
|
user_id
}, -u {
user_name
|
user_id
}
Run the mysqld
server as the user having the name user_name
or the numeric user ID user_id
. (“User” in this context refers to a system login account, not a MySQL user listed in the grant tables.)
This option is mandatory when starting mysqld
as root
. The server will change its user ID during its startup sequence, causing it to run as that particular user rather than as root
. See Section 4.3.1, “General Security Guidelines.”
Starting from MySQL 3.23.56 and 4.0.12: To avoid a possible security hole where a user adds a --user=root
option to some my.cnf
file (thus causing the server to run as root
), mysqld
uses only the first --user
option specified and produces a warning if there are multiple --user
options. Options in /etc/my.cnf
and datadir
/my.cnf
are processed before command-line options, so it is recommended that you put a --user
option in /etc/my.cnf
and specify a value other than root
. The option in /etc/my.cnf
will be found before any other --user
options, which ensures that the server runs as a user other than root
, and that a warning results if any other --user
option is found.
--version, -V
Display version information and exit.
You can assign a value to a server system variable by using an option of the form --
var_name
=
value
. For example, --key_buffer_size=32M
sets the key_buffer_size
variable to a value of 32MB.
Note that when setting a variable to a value, MySQL might automatically correct it to stay within a given range, or adjust the value to the closest allowable value if only certain values are allowed.
It is also possible to set variables by using --set-variable=
var_name
=
value
or -O
var_name
=
value
syntax. However, this syntax is deprecated as of MySQL 4.0.
You can find a full description for all variables in Section 4.2.3, “Server System Variables.” The section on tuning server parameters includes information on how to optimize them. See Section 6.5.2, “Tuning Server Parameters.”
You can change the values of most system variables for a running server with the SET
statement.
If you want to restrict the maximum value to which a system variable can be set with the SET
statement, you can specify this maximum by using an option of the form --maximum-
var_name
at server startup. For example, to prevent the value of query_cache_size
from being increased to more than 32MB at runtime, use the option --maximum-query_cache_size=32M
. This feature is available as of MySQL 4.0.2.
The MySQL server can operate in different SQL modes, and (as of MySQL 4.1) can apply these modes differentially for different clients. This allows applications to tailor server operation to their own requirements.
Modes define what SQL syntax MySQL should support and what kind of data validation checks it should perform. This makes it easier to use MySQL in different environments and to use MySQL together with other database servers.
You can set the default SQL mode by starting mysqld
with the --sql-mode="
modes
"
option. Beginning with MySQL 4.1, you can also change the mode after startup time by setting the sql_mode
variable with a SET [SESSION|GLOBAL] sql_mode=’
modes
’
statement. Setting the GLOBAL
variable affects the operation of all clients that connect from that time on. Setting the SESSION
variable affects only the current client. modes
is a list of different modes separated by comma (‘,
’) characters. You can retrieve the current mode by issuing a SELECT @@sql_mode
statement. The default value is empty (no modes set).
The value also can be empty (--sql-mode=""
) if you want to reset it.
The following list describes the supported modes:
ANSI_QUOTES
Treat ‘"
’ as an identifier quote character (like the ‘`
’ quote character) and not as a string quote character. You can still use ‘`
’ to quote identifers in ANSI mode. With ANSI_QUOTES
enabled, you cannot use double quotes to quote a literal string, because it will be interpreted as an identifier. (New in MySQL 4.0.0.)
IGNORE_SPACE
Allow spaces between a function name and the ‘(
’ character. This forces all function names to be treated as reserved words. As a result, if you want to access any database, table, or column name that is a reserved word, you must quote it. For example, because there is a USER()
function, the name of the user
table in the mysql
database and the User
column in that table become reserved, so you must quote them:
SELECT "User" FROM mysql."user";
(New in MySQL 4.0.0.)
NO_AUTO_VALUE_ON_ZERO
NO_AUTO_VALUE_ON_ZERO
affects handling of AUTO_INCREMENT
columns. Normally, you generate the next sequence number for the column by inserting either NULL
or 0
into it. NO_AUTO_VALUE_ON_ZERO
suppresses this behavior for 0
so that only NULL
generates the next sequence number. This mode can be useful if 0
has been stored in a table’s AUTO_INCREMENT
column. (This is not a recommended practice, by the way.) For example, if you dump the table with mysqldump
and then reload it, normally MySQL generates new sequence numbers when it encounters the 0
values, resulting in a table with different contents than the one that was dumped. Enabling NO_AUTO_VALUE_ON_ZERO
before reloading the dump file solves this problem. As of MySQL 4.1.1, mysqldump
automatically includes statements in the dump output to enable NO_AUTO_VALUE_ON_ZERO
. (New in MySQL 4.1.1.)
NO_DIR_IN_CREATE
When creating a table, ignore all INDEX DIRECTORY
and DATA DIRECTORY
directives. This option is useful on slave replication servers. (New in MySQL 4.0.15.)
NO_FIELD_OPTIONS
Don’t print MySQL -specific column options in the output of SHOW CREATE TABLE
. This mode is used by mysqldump
in portability mode. (New in MySQL 4.1.1.)
NO_KEY_OPTIONS
Don’t print MySQL -specific index options in the output of SHOW CREATE TABLE
. This mode is used by mysqldump
in portability mode. (New in MySQL 4.1.1.)
NO_TABLE_OPTIONS
Don’t print MySQL -specific table options (such as ENGINE
) in the output of SHOW CREATE TABLE
. This mode is used by mysqldump
in portability mode. (New in MySQL 4.1.1.)
NO_UNSIGNED_SUBTRACTION
In subtraction operations, don’t mark the result as UNSIGNED
if one of the operands is unsigned. Note that this makes UNSIGNED BIGINT
not 100% usable in all contexts. (New in MySQL 4.0.2.)
ONLY_FULL_GROUP_BY
Don’t allow queries that in the GROUP BY
part refer to a not selected column. (New in MySQL 4.0.0.)
PIPES_AS_CONCAT
Treat ||
as a string concatenation operator (same as CONCAT()
) rather than as a synonym for OR
. (New in MySQL 4.0.0.)
Treat REAL
as a synonym for FLOAT
rather than as a synonym for DOUBLE
. (New in MySQL 4.0.0.)
The following special modes are provided as shorthand for combinations of mode values from the preceding list. They are available as of MySQL 4.1.1.
ANSI
Equivalent to REAL_AS_FLOAT
, PIPES_AS_CONCAT
, ANSI_QUOTES
, IGNORE_SPACE
, ONLY_FULL_GROUP_BY
. See Section 1.8.3, “Running MySQL in ANSI Mode.”
DB2
Equivalent to PIPES_AS_CONCAT
, ANSI_QUOTES
, IGNORE_SPACE
, NO_KEY_OPTIONS
, NO_TABLE_OPTIONS
, NO_FIELD_OPTIONS
.
MAXDB
Equivalent to PIPES_AS_CONCAT
, ANSI_QUOTES
, IGNORE_SPACE
, NO_KEY_OPTIONS
, NO_TABLE_OPTIONS
, NO_FIELD_OPTIONS
.
MSSQL
Equivalent to PIPES_AS_CONCAT
, ANSI_QUOTES
, IGNORE_SPACE
, NO_KEY_OPTIONS
, NO_TABLE_OPTIONS
, NO_FIELD_OPTIONS
.
MYSQL323
Equivalent to NO_FIELD_OPTIONS
.
MYSQL40
Equivalent to NO_FIELD_OPTIONS
.
ORACLE
Equivalent to PIPES_AS_CONCAT
, ANSI_QUOTES
, IGNORE_SPACE
, NO_KEY_OPTIONS
, NO_TABLE_OPTIONS
, NO_FIELD_OPTIONS
.
POSTGRESQL
Equivalent to PIPES_AS_CONCAT
, ANSI_QUOTES
, IGNORE_SPACE
, NO_KEY_OPTIONS
, NO_TABLE_OPTIONS
, NO_FIELD_OPTIONS
.
The server maintains many system variables that indicate how it is configured. All of them have default values. They can be set at server startup using options on the command line or in option files. Most of them can be set at runtime using the SET
statement.
Beginning with MySQL 4.0.3, the mysqld
server maintains two kinds of variables. Global variables affect the overall operation of the server. Session variables affect its operation for individual client connections.
When the server starts, it initializes all global variables to their default values. These defaults can be changed by options specified in option files or on the command line. After the server starts, those global variables that are dynamic can be changed by connecting to the server and issuing a SET GLOBAL
var_name
statement. To change a global variable, you must have the SUPER
privilege.
The server also maintains a set of session variables for each client that connects. The client’s session variables are initialized at connect time using the current values of the corresponding global variables. For those session variables that are dynamic, the client can change them by issuing a SET SESSION
var_name
statement. Setting a session variable requires no special privilege, but a client can change only its own session variables, not those of any other client.
A change to a global variable is visible to any client that accesses that global variable. However, it affects the corresponding session variable that is initialized from the global variable only for clients that connect after the change. It does not affect the session variable for any client that is already connected (not even that of the client that issues the SET GLOBAL
statement).
When setting a variable using a startup option, variable values can be given with a suffix of K
, M
, or G
to indicate kilobytes, megabytes, or gigabytes, respectively. For example, the following command starts the server with a key buffer size of 16 megabytes:
mysqld --key_buffer_size=16M
Before MySQL 4.0, use this syntax instead:
mysqld --set-variable=key_buffer_size=16M
The lettercase of suffix letters does not matter; 16M
and 16m
are equivalent.
At runtime, use the SET
statement to set system variables. In this context, suffix letters cannot be used, but the value can take the form of an expression:
mysql> SET sort_buffer_size = 10 * 1024 * 1024;
To specify explicitly whether to set the global or session variable, use the GLOBAL
or SESSION
options:
mysql> SET GLOBAL sort_buffer_size = 10 * 1024 * 1024;
mysql> SET SESSION sort_buffer_size = 10 * 1024 * 1024;
Without either option, the statement sets the session variable.
The variables that can be set at runtime are listed in Section 4.2.3.1.2, “Dynamic System Variables.”
If you want to restrict the maximum value to which a system variable can be set with the SET
statement, you can specify this maximum by using an option of the form --maximum-
var_name
at server startup. For example, to prevent the value of query_cache_size
from being increased to more than 32MB at runtime, use the option --maximum-query_cache_size=32M
. This feature is available as of MySQL 4.0.2.
You can view system variables and their values by using the SHOW VARIABLES
statement. See Section 4.2.3.1, “System Variables,” for more information.
mysql> SHOW VARIABLES;
Most system variables are described here. Variables with no version indicated have been present since at least MySQL 3.22. InnoDB
system variables are listed in Section 9.5, “InnoDB
Startup Options.”
Values for buffer sizes, lengths, and stack sizes are given in bytes unless otherwise specified.
Information on tuning these variables can be found in Section 6.5.2, “Tuning Server Parameters.”
ansi_mode
This is ON
if mysqld
was started with --ansi
. See Section 1.8.3, “Running MySQL in ANSI Mode.” This variable was added in MySQL 3.23.6 and removed in 3.23.41. See the description for --sql-mode
.
back_log
The number of outstanding connection requests MySQL can have. This comes into play when the main MySQL thread gets very many connection requests in a very short time. It then takes some time (although very little) for the main thread to check the connection and start a new thread. The back_log
value indicates how many requests can be stacked during this short time before MySQL momentarily stops answering new requests. You need to increase this only if you expect a large number of connections in a short period of time.
In other words, this value is the size of the listen queue for incoming TCP/IP connections. Your operating system has its own limit on the size of this queue. The manual page for the Unix listen()
system call should have more details. Check your OS documentation for the maximum value for this variable. Attempting to set back_log
higher than your operating system limit will be ineffective.
basedir
The MySQL installation base directory. This variable can be set with the --basedir
option.
bdb_cache_size
The size of the buffer that is allocated for caching indexes and rows for BDB
tables. If you don’t use BDB
tables, you should start mysqld
with --skip-bdb
to not waste memory for this cache. This variable was added in MySQL 3.23.14.
bdb_home
The base directory for BDB
tables. This should be assigned the same value as the datadir
variable. This variable was added in MySQL 3.23.14.
bdb_log_buffer_size
The size of the buffer that is allocated for caching indexes and rows for BDB
tables. If you don’t use BDB
tables, you should set this to 0 or start mysqld
with --skip-bdb
to not waste memory for this cache. This variable was added in MySQL 3.23.31.
bdb_logdir
The directory where the BDB
storage engine writes its log files. This variable can be set with the --bdb-logdir
option. This variable was added in MySQL 3.23.14.
The maximum number of locks you can have active on a BDB
table (10,000 by default). You should increase this if errors such as the following occur when you perform long transactions or when mysqld
has to examine many rows to calculate a query:
bdb: Lock table is out of available locks
Got error 12 from ...
This variable was added in MySQL 3.23.29.
bdb_shared_data
This is ON
if you are using --bdb-shared-data
. This variable was added in MySQL 3.23.29.
bdb_tmpdir
The value of the --bdb-tmpdir
option. This variable was added in MySQL 3.23.14.
bdb_version
The BDB
storage engine version. This variable was added in MySQL 3.23.31.
binlog_cache_size
The size of the cache to hold the SQL statements for the binary log during a transaction. A binary log cache is allocated for each client if the server supports any transactional storage engines and, starting from MySQL 4.1.2, if the server has binary log enabled (--log-bin
option). If you often use big, multiple-statement transactions, you can increase this to get more performance. The Binlog_cache_use
and Binlog_cache_disk_use
status variables can be useful for tuning the size of this variable. This variable was added in MySQL 3.23.29. See Section 4.8.4, “The Binary Log.”
bulk_insert_buffer_size
MyISAM
uses a special tree-like cache to make bulk inserts faster for INSERT ... SELECT
, INSERT ... VALUES (...), (...), ...
, and LOAD DATA INFILE
. This variable limits the size of the cache tree in bytes per thread. Setting it to 0 disables this optimization.
Note: This cache is used only when adding data to a non-empty table. The default value is 8MB. This variable was added in MySQL 4.0.3. This variable previously was named myisam_bulk_insert_tree_size
.
character_set
The default character set. This variable was added in MySQL 3.23.3, then removed in MySQL 4.1.1 and replaced by the various character_set_
xxx
variables.
character_set_client
The character set for statements that arrive from the client. This variable was added in MySQL 4.1.1.
The character set used for literals that do not have a character set introducer, for some functions, and for number-to-string conversion. This variable was added in MySQL 4.1.1.
character_set_database
The character set used by the default database. The server sets this variable whenever the default database changes. If there is no default database, the variable has the same value as character_set_server
. This variable was added in MySQL 4.1.1.
character_set_results
The character set used for returning query results to the client. This variable was added in MySQL 4.1.1.
character_set_server
The server default character set. This variable was added in MySQL 4.1.1.
character_set_system
The character set used by the server for storing identifiers. The value is always utf8
. This variable was added in MySQL 4.1.1.
character_sets
The supported character sets. This variable was added in MySQL 3.23.15.
collation_connection
The collation of the connection character set. This variable was added in MySQL 4.1.1.
collation_database
The collation used by the default database. The server sets this variable whenever the default database changes. If there is no default database, the variable has the same value as collation_server
. This variable was added in MySQL 4.1.1.
collation_server
The server default collation. This variable was added in MySQL 4.1.1.
concurrent_inserts
If ON
(the default), MySQL allows INSERT
and SELECT
statements to run concurrently for MyISAM
tables that have no free blocks in the middle. You can turn this option off by starting mysqld
with --safe
or --skip-new
. This variable was added in MySQL 3.23.7.
connect_timeout
The number of seconds the mysqld
server waits for a connect packet before responding with Bad handshake
.
datadir
The MySQL data directory. This variable can be set with the --datadir
option.
default_week_format
The default mode value to use for the WEEK()
function. This variable is available as of MySQL 4.0.14.
This option applies only to MyISAM
tables. It can have one of the following values to affect handling of the DELAY_KEY_WRITE
table option that can be used in CREATE TABLE
statements.
Option |
Description |
|
|
|
MySQL honors the |
|
All new opened tables are treated as if they were created with the |
If DELAY_KEY_WRITE
is enabled, this means that the key buffer for tables with this option are not flushed on every index update, but only when a table is closed. This will speed up writes on keys a lot, but if you use this feature, you should add automatic checking of all MyISAM
tables by starting the server with the --myisam-recover
option (for example, --myisam-recover=BACKUP,FORCE
). See Section 4.2.1, “mysqld
Command-Line Options,” and Section 8.1.1, “MyISAM
Startup Options.”
Note that --external-locking
doesn’t offer any protection against index corruption for tables that use delayed key writes.
This variable was added in MySQL 3.23.8.
delayed_insert_limit
After inserting delayed_insert_limit
delayed rows, the INSERT DELAYED
handler thread checks whether there are any SELECT
statements pending. If so, it allows them to execute before continuing to insert delayed rows.
delayed_insert_timeout
How long an INSERT DELAYED
handler thread should wait for INSERT
statements before terminating.
delayed_queue_size
How many rows to queue when handling INSERT DELAYED
statements. If the queue becomes full, any client that issues an INSERT DELAYED
statement will wait until there is room in the queue again.
flush
This is ON
if you have started mysqld
with the --flush
option. This variable was added in MySQL 3.22.9.
flush_time
If this is set to a non-zero value, all tables will be closed every flush_time
seconds to free up resources and sync unflushed data to disk. We recommend this option only on Windows 9x or Me, or on systems with minimal resources available. This variable was added in MySQL 3.22.18.
The list of operators supported by boolean full-text searches performed using IN BOOLEAN MODE
. This variable was added in MySQL 4.0.1.
The default variable value is ’+ -><()~*:""&|’
. The rules for changing the value are as follows:
Operator function is determined by position within the string.
The replacement value must be 14 characters.
Each character must be an ASCII non-alphanumeric character.
Either the first or second character must be a space.
No duplicates are allowed except the phrase quoting operators in positions 11 and 12. These two characters are not required to be the same, but they are the only two that may be.
Positions 10, 13, and 14 (which by default are set to ’:
’, ’&
’, and ’|
’) are reserved for future extensions.
ft_max_word_len
The maximum length of the word to be included in a FULLTEXT
index. This variable was added in MySQL 4.0.0.
Note: FULLTEXT
indexes must be rebuilt after changing this variable. Use REPAIR TABLE
tbl_name
QUICK
.
ft_min_word_len
The minimum length of the word to be included in a FULLTEXT
index. This variable was added in MySQL 4.0.0.
Note: FULLTEXT
indexes must be rebuilt after changing this variable. Use REPAIR TABLE
tbl_name
QUICK
.
ft_query_expansion_limit
The number of top matches to use for full-text searches performed using WITH QUERY EXPANSION
. This variable was added in MySQL 4.1.1.
ft_stopword_file
The file from which to read the list of stopwords for full-text searches. All the words from the file are used; comments are not honored. By default, a built-in list of stopwords is used (as defined in the myisam/ft_static.c
file). Setting this variable to the empty string (’’
) disables stopword filtering. This variable was added in MySQL 4.0.10.
Note: FULLTEXT
indexes must be rebuilt after changing this variable. Use REPAIR TABLE
tbl_name
QUICK
.
group_concat_max_len
The maximum allowed result length for the GROUP_CONCAT()
function. This variable was added in MySQL 4.1.0.
YES
if mysqld
supports BDB
tables. DISABLED
if --skip-bdb
is used. This variable was added in MySQL 3.23.30.
have_innodb
YES
if mysqld
supports InnoDB
tables. DISABLED
if --skip-innodb
is used. This variable was added in MySQL 3.23.37.
have_isam
YES
if mysqld
supports ISAM
tables. DISABLED
if --skip-isam
is used. This variable was added in MySQL 3.23.30.
have_raid
YES
if mysqld
supports the RAID
option. This variable was added in MySQL 3.23.30.
have_openssl
YES
if mysqld
supports SSL (encryption) of the client/server protocol. This variable was added in MySQL 3.23.43.
init_connect
A string to be executed by the server for each client that connects. The string consists of one or more SQL statements. To specify multiple statements, separate them by semicolon characters. For example, each client begins by default with autocommit mode enabled. There is no global server variable to specify that autocommit should be disabled by default, but init_connect
can be used to achieve the same effect:
SET GLOBAL init_connect='SET AUTOCOMMIT=0';
This variable can also be set on the command line or in an option file. To set the variable as just shown using an option file, include these lines:
[mysqld]
init_connect='SET AUTOCOMMIT=0'
This variable was added in MySQL 4.1.2.
init_file
The name of the file specified with the --init-file
option when you start the server. This is a file containing SQL statements that you want the server to execute when it starts. Each statement must be on a single line and should not include comments. This variable was added in MySQL 3.23.2.
init_slave
This variable is similar to init_connect
, but is a string to be executed by a slave server each time the SQL thread starts. The format of the string is the same as for the init_connect
variable. This variable was added in MySQL 4.1.2.
innodb_
xxx
The InnoDB
system variables are listed in Section, “InnoDB
Startup Options Startup Options.”
The number of seconds the server waits for activity on an interactive connection before closing it. An interactive client is defined as a client that uses the CLIENT_INTERACTIVE
option to mysql_real_connect()
. See also wait_timeout
.
join_buffer_size
The size of the buffer that is used for full joins (joins that do not use indexes). The buffer is allocated one time for each full join between two tables. Increase this value to get a faster full join when adding indexes is not possible. (Normally the best way to get fast joins is to add indexes.)
key_buffer_size
Index blocks for MyISAM
and ISAM
tables are buffered and are shared by all threads. key_buffer_size
is the size of the buffer used for index blocks. The key buffer is also known as the key cache.
Increase the value to get better index handling (for all reads and multiple writes) to as much as you can afford. Using a value that is 25% of total memory on a machine that mainly runs MySQL is quite common. However, if you make the value too large (for example, more than 50% of your total memory) your system might start to page and become extremely slow. MySQL relies on the operating system to perform filesystem caching for data reads, so you must leave some room for the filesystem cache.
For even more speed when writing many rows at the same time, use LOCK TABLES
.
You can check the performance of the key buffer by issuing a SHOW STATUS
statement and examining the Key_read_requests
, Key_reads
, Key_write_requests
, and Key_writes
status variables.
The Key_reads/Key_read_requests
ratio should normally be less than 0.01. The Key_writes/Key_write_requests
ratio is usually near 1 if you are using mostly updates and deletes, but might be much smaller if you tend to do updates that affect many rows at the same time or if you are using the DELAY_KEY_WRITE
table option.
The fraction of the key buffer in use can be determined using key_buffer_size
in conjunction with the Key_blocks_used
status variable and the buffer block size. From MySQL 4.1.1 on, the buffer block size is available from the key_cache_block_size
server variable. The fraction of the buffer in use is:
(Key_blocks_used * key_cache_block_size) / key_buffer_size
Before MySQL 4.1.1, key cache blocks are 1024 bytes, so the fraction of the key buffer in use is:
(Key_blocks_used * 1024) / key_buffer_size
See Section 6.4.6, “The MyISAM
Key Cache.”
This value controls the demotion of buffers from the hot sub-chain of a key cache to the warm sub-chain. Lower values cause demotion to happen more quickly. The minimum value is 100. The default value is 300. This variable was added in MySQL 4.1.1. See Section 6.4.6, “The MyISAM
Key Cache.”
key_cache_block_size
The size in bytes of blocks in the key cache. The default value is 1024. This variable was added in MySQL 4.1.1. See Section 6.4.6, “The MyISAM
Key Cache.”
key_cache_division_limit
The division point between the hot and warm sub-chains of the key cache buffer chain. The value is the percentage of the buffer chain to use for the warm sub-chain. Allowable values range from 1 to 100. The default value is 100. This variable was added in MySQL 4.1.1. See Section 6.4.6, “The MyISAM
Key Cache.”
language
The language used for error messages.
large_file_support
Whether mysqld
was compiled with options for large file support. This variable was added in MySQL 3.23.28.
local_infile
Whether LOCAL
is supported for LOAD DATA INFILE
statements. This variable was added in MySQL 4.0.3.
locked_in_memory
Whether mysqld
was locked in memory with --memlock
. This variable was added in MySQL 3.23.25.
log
Whether logging of all queries to the general query log is enabled. See Section 4.8.2, “The General Query Log.”
log_bin
Whether the binary log is enabled. This variable was added in MySQL 3.23.14. See Section 4.8.4, “The Binary Log.”
log_slave_updates
Whether updates received by a slave server from a master server should be logged to the slave’s own binary log. Binary logging must be enabled on the slave for this to have any effect. This variable was added in MySQL 3.23.17. See Section 5.8, “Replication Startup Options.”
log_slow_queries
Whether slow queries should be logged. “Slow” is determined by the value of the long_query_time
variable. This variable was added in MySQL 4.0.2. See Section 4.8.5, “The Slow Query Log.”
Whether the update log is enabled. This variable was added in MySQL 3.22.18. Note that the binary log is preferable to the update log, which is unavailable as of MySQL 5.0. See Section 4.8.3, “The Update Log.”
long_query_time
If a query takes longer than this many seconds, the Slow_queries
status variable is incremented. If you are using the --log-slow-queries
option, the query is logged to the slow query log file. This value is measured in real time, not CPU time, so a query that is under the threshold on a lightly loaded system might be above the threshold on a heavily loaded one. See Section 4.8.5, “The Slow Query Log.”
low_priority_updates
If set to 1
, all INSERT
, UPDATE
, DELETE
, and LOCK TABLE WRITE
statements wait until there is no pending SELECT
or LOCK TABLE READ
on the affected table. This variable previously was named sql_low_priority_updates
. It was added in MySQL 3.22.5.
lower_case_table_names
If set to 1
, table names are stored in lowercase on disk and table name comparisons are not case sensitive. This variable was added in MySQL 3.23.6. If set to 2
(new in 4.0.18), table names are stored as given but compared in lowercase. From MySQL 4.0.2, this option also applies to database names. From 4.1.1, it also applies to table aliases.
You should not set this variable to 0
if you are running MySQL on a system that does not have case-sensitive filenames (such as Windows or Mac OS X). New in 4.0.18: If this variable is 0
and the filesystem on which the data directory is located does not have case-sensitive filenames, MySQL automatically sets lower_case_table_names
to 2
.
max_allowed_packet
The maximum size of one packet. The message buffer is initialized to net_buffer_length
bytes, but can grow up to max_allowed_packet
bytes when needed. This value by default is small, to catch big (possibly wrong) packets. You must increase this value if you are using big BLOB
columns. It should be as big as the biggest BLOB
you want to use. The protocol limit for max_allowed_packet
is 16MB before MySQL 4.0 and 1GB thereafter.
max_binlog_cache_size
If a multiple-statement transaction requires more than this amount of memory, you will get the error Multi-statement transaction required more than ’max_binlog_cache_size’bytes of storage
. This variable was added in MySQL 3.23.29.
max_binlog_size
If a write to the binary log exceeds the given value, rotate the binary logs. You cannot set this variable to more than 1GB or to less than 4096 bytes. (The minimum before MYSQL 4.0.14 is 1024 bytes.) The default value is 1GB. This variable was added in MySQL 3.23.33.
Note if you are using transactions: A transaction is written in one chunk to the binary log, hence it is never split between several binary logs. Therefore, if you have big transactions, you might see binary logs bigger than max_binlog_size
.
If max_relay_log_size
is 0
, the value of max_binlog_size
applies to relay logs as well. max_relay_log_size
was added in MySQL 4.0.14.
max_connect_errors
If there are more than this number of interrupted connections from a host, that host is blocked from further connections. You can unblock blocked hosts with the FLUSH HOSTS
statement.
max_connections
The number of simultaneous client connections allowed. Increasing this value increases the number of file descriptors that mysqld
requires. See Section 6.4.8, “How MySQL Opens and Closes Tables,” for comments on file descriptor limits. Also see Section A.2.6, “Too many connections
.”
max_delayed_threads
Don’t start more than this number of threads to handle INSERT DELAYED
statements. If you try to insert data into a new table after all INSERT DELAYED
threads are in use, the row will be inserted as if the DELAYED
attribute wasn’t specified. If you set this to 0
, MySQL never creates a thread to handle DELAYED
rows; in effect, this disables DELAYED
entirely. This variable was added in MySQL 3.23.0.
max_error_count
The maximum number of error, warning, and note messages to be stored for display by SHOW ERRORS
or SHOW WARNINGS
. This variable was added in MySQL 4.1.0.
max_heap_table_size
This variable sets the maximum size to which MEMORY
(HEAP
) tables are allowed to grow. The value of the variable is used to calculate MEMORY
table MAX_ROWS
values. Setting this variable has no effect on any existing MEMORY
table, unless the table is re-created with a statement such as CREATE TABLE
or TRUNCATE TABLE
, or altered with ALTER TABLE
. This variable was added in MySQL 3.23.0.
max_insert_delayed_threads
This variable is a synonym for max_delayed_threads
. It was added in MySQL 4.0.19.
max_join_size
Don’t allow SELECT
statements that probably will need to examine more than max_join_size
row combinations or are likely to do more than max_join_size
disk seeks. By setting this value, you can catch SELECT
statements where keys are not used properly and that would probably take a long time. Set it if your users tend to perform joins that lack a WHERE
clause, that take a long time, or that return millions of rows.
Setting this variable to a value other than DEFAULT
resets the SQL_BIG_SELECTS
value to 0
. If you set the SQL_BIG_SELECTS
value again, the max_join_size
variable is ignored.
If a query result already is in the query cache, no result size check is performed, because the result has already been computed and it does not burden the server to send it to the client.
This variable previously was named sql_max_join_size
.
max_relay_log_size
If a write by a replication slave to its relay log exceeds the given value, rotate the relay log. This variable enables you to put different size constraints on relay logs and binary logs. However, setting the variable to 0
makes MySQL use max_binlog_size
for both binary logs and relay logs. You must set max_relay_log_size
to between 4096 bytes and 1GB (inclusive), or to 0. The default value is 0. This variable was added in MySQL 4.0.14. See Section 5.3, “Replication Implementation Details.”
max_seeks_for_key
Limit the assumed maximum number of seeks when looking up rows based on a key. The MySQL optimizer will assume that no more than this number of key seeks will be required when searching for matching rows in a table by scanning a key, regardless of the actual cardinality of the key. By setting this to a low value (100?), you can force MySQL to prefer keys instead of table scans. This variable was added in MySQL 4.0.14.
max_sort_length
The number of bytes to use when sorting BLOB
or TEXT
values. Only the first max_sort_length
bytes of each value are used; the rest are ignored.
max_tmp_tables
The maximum number of temporary tables a client can keep open at the same time. (This option doesn’t yet do anything.)
max_user_connections
The maximum number of simultaneous connections allowed to any given MySQL account. A value of 0
means “no limit.” This variable was added in MySQL 3.23.34.
max_write_lock_count
After this many write locks, allow some read locks to run in between. This variable was added in MySQL 3.23.7.
myisam_data_pointer_size
Default pointer size in bytes to be used by CREATE TABLE
for MyISAM
tables when no MAX_ROWS
option is specified. This variable cannot be less than 2
or larger than 8
. The default value is 4. This variable was added in MySQL 4.1.2. See Section A.2.11, “The table is full
.”
myisam_max_extra_sort_file_size
If the temporary file used for fast MyISAM
index creation would be larger than using the key cache by the amount specified here, prefer the key cache method. This is mainly used to force long character keys in large tables to use the slower key cache method to create the index. This variable was added in MySQL 3.23.37. Note: The value is given in megabytes before 4.0.3 and in bytes thereafter.
myisam_max_sort_file_size
The maximum size of the temporary file MySQL is allowed to use while re-creating a MyISAM
index (during REPAIR TABLE
, ALTER TABLE
, or LOAD DATA INFILE
). If the file size would be bigger than this value, the index will be created using the key cache instead, which is slower. This variable was added in MySQL 3.23.37. Note: The value is given in megabytes before 4.0.3 and in bytes thereafter.
myisam_recover_options
The value of the --myisam-recover
option. This variable was added in MySQL 3.23.36.
myisam_repair_threads
If this value is greater than 1, MyISAM
table indexes are created in parallel (each index in its own thread) during the Repair by sorting
process. The default value is 1
. Note: Multi-threaded repair is still alpha quality code. This variable was added in MySQL 4.0.13.
myisam_sort_buffer_size
The buffer that is allocated when sorting MyISAM
indexes during a REPAIR TABLE
or when creating indexes with CREATE INDEX
or ALTER TABLE
. This variable was added in MySQL 3.23.16.
named_pipe
On Windows, indicates whether the server supports connections over named pipes. This variable was added in MySQL 3.23.50.
net_buffer_length
The communication buffer is reset to this size between queries. This should not normally be changed, but if you have very little memory, you can set it to the expected length of SQL statements sent by clients. If statements exceed this length, the buffer is automatically enlarged, up to max_allowed_packet
bytes.
The number of seconds to wait for more data from a connection before aborting the read. When the server is reading from the client, net_read_timeout
is the timeout value controlling when to abort. When the server is writing to the client, net_write_timeout
is the timeout value controlling when to abort. See also slave_net_timeout
. This variable was added in MySQL 3.23.20.
net_retry_count
If a read on a communication port is interrupted, retry this many times before giving up. This value should be set quite high on FreeBSD because internal interrupts are sent to all threads. This variable was added in MySQL 3.23.7.
net_write_timeout
The number of seconds to wait for a block to be written to a connection before aborting the write. See also net_read_timeout
. This variable was added in MySQL 3.23.20.
open_files_limit
The number of files that the operating system allows mysqld
to open. This is the real value allowed by the system and might be different from the value you gave mysqld
as a startup option. The value is 0
on systems where MySQL can’t change the number of open files. This variable was added in MySQL 3.23.20.
pid_file
The pathname of the process ID (PID) file. This variable can be set with the --pid-file
option. This variable was added in MySQL 3.23.23.
port
The port on which the server listens for TCP/IP connections. This variable can be set with the --port
option.
protocol_version
The version of the client/server protocol used by the MySQL server. This variable was added in MySQL 3.23.18.
query_alloc_block_size
The allocation size of memory blocks that are allocated for objects created during query parsing and execution. If you have problems with memory fragmentation, it might help to increase this a bit. This variable was added in MySQL 4.0.16.
query_cache_limit
Don’t cache results that are bigger than this. The default value is 1MB. This variable was added in MySQL 4.0.1.
query_cache_min_res_unit
The minimum size for blocks allocated by the query cache. The default value is 4KB. Tuning information for this variable is given in Section 4.10.3, “Query Cache Configuration.” This variable is present from MySQL 4.1.
query_cache_size
The amount of memory allocated for caching query results. The default value is 0
, which disables the query cache. Note that this amount of memory will be allocated even if query_cache_type
is set to 0
. This variable was added in MySQL 4.0.1.
query_cache_type
Set query cache type. Setting the GLOBAL
value sets the type for all clients that connect thereafter. Individual clients can set the SESSION
value to affect their own use of the query cache.
Description |
|
|
Don’t cache or retrieve results. Note that this will not deallocate the query cache buffer. To do that, you should set |
|
Cache all query results except for those that begin with |
|
Cache results only for queries that begin with |
This variable was added in MySQL 4.0.3.
query_cache_wlock_invalidate
Normally, when one client acquires a WRITE
lock on a MyISAM
table, other clients are not blocked from issuing queries for the table if the query results are present in the query cache. Setting this variable to 1 causes acquisition of a WRITE
lock for a table to invalidate any queries in the query cache that refer to the table. This forces other clients that attempt to access the table to wait while the lock is in effect. This variable was added in MySQL 4.0.19.
query_prealloc_size
The size of the persistent buffer used for query parsing and execution. This buffer is not freed between queries. If you are running complex queries, a larger query_prealloc_size
value might be helpful in improving performance, because it can reduce the need for the server to perform memory allocation during query execution operations.
This variable was added in MySQL 4.0.16.
range_alloc_block_size
The size of blocks that are allocated when doing range optimization. This variable was added in MySQL 4.0.16.
read_buffer_size
Each thread that does a sequential scan allocates a buffer of this size for each table it scans. If you do many sequential scans, you might want to increase this value. This variable was added in MySQL 4.0.3. Previously, it was named record_buffer
.
read_only
When the variable is set to ON
for a replication slave server, it causes the slave to allow no updates except from slave threads or from users with the SUPER
privilege. This can be useful to ensure that a slave server accepts no updates from clients. This variable was added in MySQL 4.0.14.
read_rnd_buffer_size
When reading rows in sorted order after a sort, the rows are read through this buffer to avoid disk seeks. Setting the variable to a large value can improve ORDER BY
performance by a lot. However, this is a buffer allocated for each client, so you should not set the global variable to a large value. Instead, change the session variable only from within those clients that need to run large queries. This variable was added in MySQL 4.0.3. Previously, it was named record_rnd_buffer
.
Don’t show databases for which the user has no database or table privileges. This can improve security if you’re concerned about people being able to see what databases other users have. See also skip_show_database
.
This variable was removed in MySQL 4.0.5. Instead, use the SHOW DATABASES
privilege to control access by MySQL accounts to database names.
secure_auth
If the MySQL server has been started with the --secure-auth
option, it blocks connections from all accounts that have passwords stored in the old (pre-4.1) format. In that case, the value of this variable is ON
, otherwise it is OFF
.
You should enable this option if you want to prevent all usage of passwords in old format (and hence insecure communication over the network). This variable was added in MySQL 4.1.1.
Server startup will fail with an error if this option is enabled and the privilege tables are in pre-4.1 format.
When used as a client-side option, the client refuses to connect to a server if the server requires a password in old format for the client account.
server_id
The value of the --server-id
option. It is used for master and slave replication servers. This variable was added in MySQL 3.23.26.
skip_external_locking
This is OFF
if mysqld
uses external locking. This variable was added in MySQL 4.0.3. Previously, it was named skip_locking
.
skip_networking
This is ON
if the server allows only local (non-TCP/IP) connections. On Unix, local connections use a Unix socket file. On Windows, local connections use a named pipe. On NetWare, only TCP/IP connections are supported, so do not set this variable to ON
. This variable was added in MySQL 3.22.23.
skip_show_database
This prevents people from using the SHOW DATABASES
statement if they don’t have the SHOW DATABASES
privilege. This can improve security if you’re concerned about people being able to see what databases other users have. See also safe_show_database
. This variable was added in MySQL 3.23.4. As of MySQL 4.0.2, its effect also depends on the SHOW DATABASES
privilege: If the variable value is ON
, the SHOW DATABASES
statement is allowed only to users who have the SHOW DATABASES
privilege, and the statement displays all database names. If the value is OFF
, SHOW DATABASES
is allowed to all users, but displays each database name only if the user has the SHOW DATABASES
privilege or some privilege for the database.
The number of seconds to wait for more data from a master/slave connection before aborting the read. This variable was added in MySQL 3.23.40.
slow_launch_time
If creating a thread takes longer than this many seconds, the server increments the Slow_launch_threads
status variable. This variable was added in MySQL 3.23.15.
socket
On Unix, this is the Unix socket file used for local client connections. On Windows, this is the name of the named pipe used for local client connections.
sort_buffer_size
Each thread that needs to do a sort allocates a buffer of this size. Increase this value for faster ORDER BY
or GROUP BY
operations. See Section A.4.4, “Where MySQL Stores Temporary Files.”
sql_mode
The current server SQL mode. This variable was added in MySQL 3.23.41. See Section 4.2.2, “The Server SQL Mode.”
storage_engine
This variable is a synonym for table_type
. It was added in MySQL 4.1.2.
table_cache
The number of open tables for all threads. Increasing this value increases the number of file descriptors that mysqld
requires. You can check whether you need to increase the table cache by checking the Opened_tables
status variable. See Section 4.2.4, “Server Status Variables.” If the value of Opened_tables
is large and you don’t do FLUSH TABLES
a lot (which just forces all tables to be closed and reopened), then you should increase the value of the table_cache
variable.
For more information about the table cache, see Section 6.4.8, “6.4.8 How MySQL Opens and Closes Tables.”
table_type
The default table type (storage engine). To set the table type at server startup, use the --default-table-type
option. This variable was added in MySQL 3.23.0. See Section 4.2.1, “mysqld
Command-Line Options.”
thread_cache_size
How many threads the server should cache for reuse. When a client disconnects, the client’s threads are put in the cache if there aren’t already thread_cache_size
threads there. Requests for threads are satisfied by reusing threads taken from the cache if possible, and only when the cache is empty is a new thread created. This variable can be increased to improve performance if you have a lot of new connections. (Normally this doesn’t give a notable performance improvement if you have a good thread implementation.) By examining the difference between the Connections
and Threads_created
status variables (see Section 4.2.4, “4.2.4 Server Status Variables,” for details) you can see how efficient the thread cache is. This variable was added in MySQL 3.23.16.
thread_concurrency
On Solaris, mysqld
calls thr_setconcurrency()
with this value. This function allows applications to give the threads system a hint about the desired number of threads that should be run at the same time. This variable was added in MySQL 3.23.7.
thread_stack
The stack size for each thread. Many of the limits detected by the crash-me
test are dependent on this value. The default is large enough for normal operation. See Section 6.1.4, “The MySQL Benchmark Suite.”
timezone
The time zone for the server. This is set from the TZ
environment variable when mysqld
is started. The time zone also can be set by giving a --timezone
argument to mysqld_safe
. This variable was added in MySQL 3.23.15. See Section A.4.6, “Time Zone Problems.”
tmp_table_size
If an in-memory temporary table exceeds this size, MySQL automatically converts it to an on-disk MyISAM
table. Increase the value of tmp_table_size
if you do many advanced GROUP BY
queries and you have lots of memory.
tmpdir
The directory used for temporary files and temporary tables. Starting from MySQL 4.1, this variable can be set to a list of several paths that are used in round-robin fashion. Paths should be separated by colon characters (‘:
’) on Unix and semicolon characters (’;
’) on Windows, NetWare, and OS/2.
This feature can be used to spread the load between several physical disks. If the MySQL server is acting as a replication slave, you should not set tmpdir
to point to a directory on a memory-based filesystem or to a directory that is cleared when the server host restarts. A replication slave needs some of its temporary files to survive a machine restart so that it can replicate temporary tables or LOAD DATA INFILE
operations. If files in the temporary file directory are lost when the server restarts, replication will fail.
This variable was added in MySQL 3.22.4.
transaction_alloc_block_size
The allocation size of memory blocks that are allocated for storing queries that are part of a transaction to be stored in the binary log when doing a commit. This variable was added in MySQL 4.0.16.
The size of the persistent buffer for transaction_alloc_blocks
that is not freed between queries. By making this big enough to fit all queries in a common transaction, you can avoid a lot of malloc()
calls. This variable was added in MySQL 4.0.16.
tx_isolation
The default transaction isolation level. This variable was added in MySQL 4.0.3.
version
The version number for the server.
wait_timeout
The number of seconds the server waits for activity on a non-interactive connection before closing it.
On thread startup, the session wait_timeout
value is initialized from the global wait_timeout
value or from the global interactive_timeout
value, depending on the type of client (as defined by the CLIENT_INTERACTIVE
connect option to mysql_real_connect()
). See also interactive_timeout
.
Starting from MySQL 4.0.3, we provide better access to a lot of system and connection variables. Many variables can be changed dynamically while the server is running. This allows you to modify server operation without having to stop and restart it.
The mysqld
server maintains two kinds of variables. Global variables affect the overall operation of the server. Session variables affect its operation for individual client connections.
When the server starts, it initializes all global variables to their default values. These defaults may be changed by options specified in option files or on the command line. After the server starts, those global variables that are dynamic can be changed by connecting to the server and issuing a SET GLOBAL
var_name
statement. To change a global variable, you must have the SUPER
privilege.
The server also maintains a set of session variables for each client that connects. The client’s session variables are initialized at connect time using the current values of the corresponding global variables. For those session variables that are dynamic, the client can change them by issuing a SET SESSION
var_name
statement. Setting a session variable requires no special privilege, but a client can change only its own session variables, not those of any other client.
A change to a global variable is visible to any client that accesses that global variable. However, it affects the corresponding session variable that is intialized from the global variable only for clients that connect after the change. It does not affect the session variable for any client that is already connected (not even that of the client that issues the SET GLOBAL
statement).
Global or session variables may be set or retrieved using several syntax forms. The following examples use sort_buffer_size
as a sample variable name.
To set the value of a GLOBAL
variable, use one of the following syntaxes:
mysql> SET GLOBAL sort_buffer_size=value;
mysql> SET @@global.sort_buffer_size=value;
To set the value of a SESSION
variable, use one of the following syntaxes:
mysql> SET SESSION sort_buffer_size=value;
mysql> SET @@session.sort_buffer_size=value;
mysql> SET sort_buffer_size=value;
LOCAL
is a synonym for SESSION
.
If you don’t specify GLOBAL
, SESSION
, or LOCAL
when setting a variable, SESSION
is the default.
To retrieve the value of a GLOBAL
variable, use one of the following statements:
mysql> SELECT @@global.sort_buffer_size;
mysql> SHOW GLOBAL VARIABLES like 'sort_buffer_size';
To retrieve the value of a SESSION
variable, use one of the following statements:
mysql> SELECT @@sort_buffer_size;
mysql> SELECT @@session.sort_buffer_size;
mysql> SHOW SESSION VARIABLES like 'sort_buffer_size';
Here, too, LOCAL
is a synonym for SESSION
.
When you retrieve a variable with SELECT @@
var_name
(that is, you do not specify global.
, session.
, or local.
, MySQL returns the SESSION
value if it exists and the GLOBAL
value otherwise.
For SHOW VARIABLES
, if you do not specify GLOBAL
, SESSION
, or LOCAL
, MySQL returns the SESSION
value.
The reason for requiring the GLOBAL
keyword when setting GLOBAL
-only variables but not when retrieving them is to prevent problems in the future. If we remove a SESSION
variable with the same name as a SESSION
variable, a client with the SUPER
privilege might accidentally change the GLOBAL
variable rather than just the SESSION
variable for its own connection. If we add a SESSION
variable with the same name as a SESSION
variable, a client that intends to change the GLOBAL
variable might find only its own SESSION
variable changed.
Structured system variables are supported beginning with MySQL 4.1.1. A structured variable differs from a regular system variable in two respects:
Its value is a structure with components that specify server parameters considered to be closely related.
There might be several instances of a given type of structured variable. Each one has a different name and refers to a different resource maintained by the server.
Currently, MySQL supports one structured variable type. It specifies parameters that govern the operation of key caches. A key cache structured variable has these components:
key_buffer_size
key_cache_block_size
key_cache_division_limit
key_cache_age_threshold
The purpose of this section is to describe the syntax for referring to structured variables. Key cache variables are used for syntax examples, but specific details about how key caches operate are found elsewhere, in Section 6.4.6, “The MyISAM
Key Cache.”
To refer to a component of a structured variable instance, you can use a compound name in instance_name.component_name
format. Examples:
hot_cache.key_buffer_size
hot_cache.key_cache_block_size
cold_cache.key_cache_block_size
For each structured system variable, an instance with the name of default
is always predefined. If you refer to a component of a structured variable without any instance name, the default
instance is used. Thus, default.key_buffer_size
and key_buffer_size
both refer to the same system variable.
The naming rules for structured variable instances and components are as follows:
For a given type of structured variable, each instance must have a name that is unique within variables of that type. However, instance names need not be unique across structured variable types. For example, each structured variable will have an instance named default
, so default
is not unique across variable types.
The names of the components of each structured variable type must be unique across all system variable names. If this were not true (that is, if two different types of structured variables could share component member names), it would not be clear which default structured variable to use for references to member names that are not qualified by an instance name.
If a structured variable instance name is not legal as an unquoted identifier, refer to it as a quoted identifier using backticks. For example, hot-cache
is not legal, but `hot-cache`
is.
global
, session
, and local
are not legal instance names. This avoids a conflict with notation such as @@global.
var_name
for referring to non-structured system variables.
At the moment, the first two rules have no possibility of being violated because the only structured variable type is the one for key caches. These rules will assume greater significance if some other type of structured variable is created in the future.
With one exception, it is allowable to refer to structured variable components using compound names in any context where simple variable names can occur. For example, you can assign a value to a structured variable using a command-line option:
shell> mysqld --hot_cache.key_buffer_size=64K
In an option file, do this:
[mysqld]
hot_cache.key_buffer_size=64K
If you start the server with such an option, it creates a key cache named hot_cache
with a size of 64KB in addition to the default key cache that has a default size of 8MB.
Suppose that you start the server as follows:
shell> mysqld --key_buffer_size=256K
--extra_cache.key_buffer_size=128K
--extra_cache.key_cache_block_size=2048
In this case, the server sets the size of the default key cache to 256KB. (You could also have written --default.key_buffer_size=256K
.) In addition, the server creates a second key cache named extra_cache
that has a size of 128KB, with the size of block buffers for caching table index blocks set to 2048 bytes.
The following example starts the server with three different key caches having sizes in a 3:1:1 ratio:
shell> mysqld --key_buffer_size=6M
--hot_cache.key_buffer_size=2M
--cold_cache.key_buffer_size=2M
Structured variable values may be set and retrieved at runtime as well. For example, to set a key cache named hot_cache
to a size of 10MB, use either of these statements:
mysql> SET GLOBAL hot_cache.key_buffer_size = 10*1024*1024;
mysql> SET @@global.hot_cache.key_buffer_size = 10*1024*1024;
To retrieve the cache size, do this:
mysql> SELECT @@global.hot_cache.key_buffer_size;
However, the following statement does not work. The variable is not interpreted as a compound name, but as a simple string for a LIKE
pattern-matching operation:
mysql> SHOW GLOBAL VARIABLES LIKE 'hot_cache.key_buffer_size';
This is the exception to being able to use structured variable names anywhere a simple variable name may occur.
Beginning with MySQL 4.0.3, many server system variables are dynamic and can be set at runtime using SET GLOBAL
or SET SESSION
. You can also select their values using SELECT
. See Section 4.2.3.1, “System Variables.”
The following table shows the full list of all dynamic system variables. The last column indicates for each variable whether GLOBAL
or SESSION
(or both) apply.
Variable Name |
Value Type |
Type |
|
boolean |
|
|
boolean |
|
|
numeric |
|
|
numeric |
|
|
string |
|
|
string |
|
|
string |
|
|
string |
|
|
string |
|
|
string |
|
|
boolean |
|
|
numeric |
|
|
string |
|
|
numeric |
|
|
|
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
boolean |
|
|
numeric |
|
|
boolean |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
boolean |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
boolean |
|
boolean |
|
|
|
numeric |
|
|
boolean |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
enumeration |
|
|
boolean |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
boolean |
|
numeric |
|
|
|
numeric |
|
|
numeric |
|
|
numeric |
|
|
boolean |
|
|
boolean |
|
|
boolean |
|
|
boolean |
|
|
boolean |
|
|
boolean |
|
|
boolean |
|
|
boolean |
|
|
numeric |
|
|
boolean |
|
|
boolean |
|
|
numeric |
|
|
numeric |
|
|
boolean |
|
|
enumeration |
|
|
numeric |
|
|
enumeration |
|
|
numeric |
|
|
boolean |
|
|
enumeration |
|
|
numeric |
|
|
numeric |
|
|
enumeration |
|
|
boolean |
|
|
numeric |
|
|
numeric |
|
Variables that are marked as “string” take a string value. Variables that are marked as “numeric” take a numeric value. Variables that are marked as “boolean” can be set to 0
, 1
, ON
or OFF
. Variables that are marked as “enumeration” normally should be set to one of the available values for the variable, but can also be set to the number that corresponds to the desired enumeration value. For enumeration-valued system variables, the first enumeration value corresponds to 0
. This differs from ENUM
columns, for which the first enumeration value corresponds to 1
.
The server maintains many status variables that provide information about its operations. You can view these variables and their values by using the SHOW STATUS
statement:
mysql> SHOW STATUS;
Many status variables are reset to 0
by the FLUSH STATUS
statement.
The status variables have the following meanings. The Com_
xxx
statement counter variables were added beginning with MySQL 3.23.47. The Qcache_
xxx
query cache variables were added beginning with MySQL 4.0.1. Otherwise, variables with no version indicated have been present since at least MySQL 3.22.
Aborted_clients
The number of connections that were aborted because the client died without closing the connection properly. See Section A.2.10, “Communication Errors and Aborted Connections.”
Aborted_connects
The number of tries to connect to the MySQL server that failed. See Section A.2.10, “Communication Errors and Aborted Connections.”
Binlog_cache_use
The number of transactions that used the temporary binary log cache. This variable was added in MySQL 4.1.2.
Binlog_cache_disk_use
The number of transactions that used the temporary binary log cache but that exceeded the value of binlog_cache_size
and used a temporary file to store statements from the transaction. This variable was added in MySQL 4.1.2.
The number of bytes received from all clients. This variable was added in MySQL 3.23.7.
Bytes_sent
The number of bytes sent to all clients. This variable was added in MySQL 3.23.7.
Com_
xxx
The number of times each xxx
statement has been executed. There is one status variable for each type of statement. For example, Com_delete
and Com_insert
count DELETE
and INSERT
statements.
Connections
The number of connection attempts (successful or not) to the MySQL server.
Created_tmp_disk_tables
The number of temporary tables on disk created automatically by the server while executing statements. This variable was added in MySQL 3.23.24.
Created_tmp_files
How many temporary files mysqld
has created. This variable was added in MySQL 3.23.28.
Created_tmp_tables
The number of in-memory temporary tables created automatically by the server while executing statements. If Created_tmp_disk_tables
is big, you may want to increase the tmp_table_size
value to cause temporary tables to be memory-based instead of disk-based.
Delayed_errors
The number of rows written with INSERT DELAYED
for which some error occurred (probably duplicate key
).
Delayed_insert_threads
The number of INSERT DELAYED
handler threads in use.
Delayed_writes
The number of INSERT DELAYED
rows written.
Flush_commands
The number of executed FLUSH
statements.
Handler_commit
The number of internal COMMIT
statements. This variable was added in MySQL 4.0.2.
Handler_delete
The number of times a row was deleted from a table.
The number of times the first entry was read from an index. If this is high, it suggests that the server is doing a lot of full index scans; for example, SELECT col1 FROM foo
, assuming that col1
is indexed.
Handler_read_key
The number of requests to read a row based on a key. If this is high, it is a good indication that your queries and tables are properly indexed.
Handler_read_next
The number of requests to read the next row in key order. This will be incremented if you are querying an index column with a range constraint or if you are doing an index scan.
Handler_read_prev
The number of requests to read the previous row in key order. This read method is mainly used to optimize ORDER BY ... DESC
. This variable was added in MySQL 3.23.6.
Handler_read_rnd
The number of requests to read a row based on a fixed position. This will be high if you are doing a lot of queries that require sorting of the result. You probably have a lot of queries that require MySQL to scan whole tables or you have joins that don't use keys properly.
Handler_read_rnd_next
The number of requests to read the next row in the data file. This will be high if you are doing a lot of table scans. Generally this suggests that your tables are not properly indexed or that your queries are not written to take advantage of the indexes you have.
Handler_rollback
The number of internal ROLLBACK
statements. This variable was added in MySQL 4.0.2.
Handler_update
The number of requests to update a row in a table.
Handler_write
The number of requests to insert a row in a table.
Key_blocks_used
The number of used blocks in the key cache. You can use this value to determine how much of the key cache is in use; see the discussion of key_buffer_size
in Section 4.2.3, “Server System Variables.”
Key_read_requests
The number of requests to read a key block from the cache.
The number of physical reads of a key block from disk. If Key_reads
is big, then your key_buffer_size
value is probably too small. The cache miss rate can be calculated as Key_reads
/Key_read_requests
.
Key_write_requests
The number of requests to write a key block to the cache.
Key_writes
The number of physical writes of a key block to disk.
Max_used_connections
The maximum number of connections that have been in use simultaneously since the server started.
Not_flushed_delayed_rows
The number of rows waiting to be written in INSERT DELAY
queues.
Not_flushed_key_blocks
The number of key blocks in the key cache that have changed but haven’t yet been flushed to disk.
Open_files
The number of files that are open.
Open_streams
The number of streams that are open (used mainly for logging).
Open_tables
The number of tables that are open.
Opened_tables
The number of tables that have been opened. If Opened_tables
is big, your table_cache
value is probably too small.
Qcache_free_blocks
The number of free memory blocks in query cache.
Qcache_free_memory
The amount of free memory for query cache.
Qcache_hits
The number of cache hits.
Qcache_inserts
The number of queries added to the cache.
Qcache_lowmem_prunes
The number of queries that were deleted from the cache because of low memory.
The number of non-cached queries (not cachable, or due to query_cache_type
).
Qcache_queries_in_cache
The number of queries registered in the cache.
Qcache_total_blocks
The total number of blocks in the query cache.
Questions
The number of queries that have been sent to the server.
Rpl_status
The status of failsafe replication (not yet implemented).
Select_full_join
The number of joins that do not use indexes. If this value is not 0
, you should carefully check the indexes of your tables. This variable was added in MySQL 3.23.25.
Select_full_range_join
The number of joins that used a range search on a reference table. This variable was added in MySQL 3.23.25.
Select_range
The number of joins that used ranges on the first table. (It’s normally not critical even if this is big.) This variable was added in MySQL 3.23.25.
Select_range_check
The number of joins without keys that check for key usage after each row. (If this is not 0
, you should carefully check the indexes of your tables.) This variable was added in MySQL 3.23.25.
Select_scan
The number of joins that did a full scan of the first table. This variable was added in MySQL 3.23.25.
Slave_open_temp_tables
The number of temporary tables currently open by the slave SQL thread. This variable was added in MySQL 3.23.29.
Slave_running
This is ON
if the server is a slave that is connected to a master. This variable was added in MySQL 3.23.16.
Slow_launch_threads
The number of threads that have taken more than slow_launch_time
seconds to create. This variable was added in MySQL 3.23.15.
Slow_queries
The number of queries that have taken more than long_query_time
seconds. See Section 4.8.5, “The Slow Query Log.”
Sort_merge_passes
The number of merge passes the sort algorithm has had to do. If this value is large, you should consider increasing the value of the sort_buffer_size
system variable. This variable was added in MySQL 3.23.28.
Sort_range
The number of sorts that were done with ranges. This variable was added in MySQL 3.23.25.
Sort_rows
The number of sorted rows. This variable was added in MySQL 3.23.25.
Sort_scan
The number of sorts that were done by scanning the table. This variable was added in MySQL 3.23.25.
Ssl_
xxx
Variables used for SSL connections. These variables were added in MySQL 4.0.0.
Table_locks_immediate
The number of times that a table lock was acquired immediately. This variable was added as of MySQL 3.23.33.
Table_locks_waited
The number of times that a table lock could not be acquired immediately and a wait was needed. If this is high, and you have performance problems, you should first optimize your queries, and then either split your table or tables or use replication. This variable was added as of MySQL 3.23.33.
Threads_cached
The number of threads in the thread cache. This variable was added in MySQL 3.23.17.
Threads_connected
The number of currently open connections.
Threads_created
The number of threads created to handle connections. If Threads_created
is big, you may want to increase the thread_cache_size
value. The cache hit rate can be calculated as Threads_created
/Connections
. This variable was added in MySQL 3.23.31.
Threads_running
The number of threads that are not sleeping.
Uptime
The number of seconds the server has been up.
This section describes some general security issues to be aware of and what you can do to make your MySQL installation more secure against attack or misuse. For information specifically about the access control system that MySQL uses for setting up user accounts and checking database access, see Section 4.4, “The MySQL Access Privilege System.”
Anyone using MySQL on a computer connected to the Internet should read this section to avoid the most common security mistakes.
In discussing security, we emphasize the necessity of fully protecting the entire server host (not just the MySQL server) against all types of applicable attacks: eavesdropping, altering, playback, and denial of service. We do not cover all aspects of availability and fault tolerance here.
MySQL uses security based on Access Control Lists (ACLs) for all connections, queries, and other operations that users can attempt to perform. There is also some support for SSL-encrypted connections between MySQL clients and servers. Many of the concepts discussed here are not specific to MySQL at all; the same general ideas apply to almost all applications.
When running MySQL, follow these guidelines whenever possible:
Do not ever give anyone (except MySQL root
accounts) access to the user
table in the mysql
database! This is critical. The encrypted password is the real password in MySQL. Anyone who knows the password that is listed in the user
table and has access to the host listed for the account can easily log in as that user.
Learn the MySQL access privilege system. The GRANT
and REVOKE
statements are used for controlling access to MySQL. Do not grant any more privileges than necessary. Never grant privileges to all hosts.
Checklist:
Try mysql -u root
. If you are able to connect successfully to the server without being asked for a password, you have problems. Anyone can connect to your MySQL server as the MySQL root
user with full privileges! Review the MySQL installation instructions, paying particular attention to the information about setting a root
password. See Section 2.4.5, “Securing the Initial MySQL Accounts.”
Use the SHOW GRANTS
statement and check to see who has access to what. Then use the REVOKE
statement to remove those privileges that are not necessary.
Do not store any plain-text passwords in your database. If your computer becomes compromised, the intruder can take the full list of passwords and use them. Instead, use MD5()
, SHA1()
, or some other one-way hashing function.
Do not choose passwords from dictionaries. There are special programs to break them. Even passwords like “xfish98” are very bad. Much better is “duag98” which contains the same word “fish” but typed one key to the left on a standard QWERTY keyboard. Another method is to use “Mhall” which is taken from the first characters of each word in the sentence “Mary had a little lamb.” This is easy to remember and type, but difficult to guess for someone who does not know it.
Invest in a firewall. This protects you from at least 50% of all types of exploits in any software. Put MySQL behind the firewall or in a demilitarized zone (DMZ).
Checklist:
Try to scan your ports from the Internet using a tool such as nmap
. MySQL uses port 3306 by default. This port should not be accessible from untrusted hosts. Another simple way to check whether or not your MySQL port is open is to try the following command from some remote machine, where server_host
is the host on which your MySQL server runs:
shell> telnet server_host 3306
If you get a connection and some garbage characters, the port is open, and should be closed on your firewall or router, unless you really have a good reason to keep it open. If telnet
just hangs or the connection is refused, everything is OK; the port is blocked.
Do not trust any data entered by users of your applications. They can try to trick your code by entering special or escaped character sequences in Web forms, URLs, or whatever application you have built. Be sure that your application remains secure if a user enters something like “; DROP DATABASE mysql;
”. This is an extreme example, but large security leaks and data loss might occur as a result of hackers using similar techniques, if you do not prepare for them.
A common mistake is to protect only string data values. Remember to check numeric data as well. If an application generates a query such as SELECT * FROM table WHERE ID=234
when a user enters the value 234
, the user can enter the value 234 OR 1=1
to cause the application to generate the query SELECT * FROM table WHERE ID=234 OR 1=1
. As a result, the server retrieves every record in the table. This exposes every record and causes excessive server load. The simplest way to protect from this type of attack is to use apostrophes around the numeric constants: SELECT * FROM table WHERE ID=’234’
. If the user enters extra information, it all becomes part of the string. In numeric context, MySQL automatically converts this string to a number and strips any trailing non-numeric characters from it.
Sometimes people think that if a database contains only publicly available data, it need not be protected. This is incorrect. Even if it is allowable to display any record in the database, you should still protect against denial of service attacks (for example, those that are based on the technique in the preceding paragraph that causes the server to waste resources). Otherwise, your server becomes unresponsive to legitimate users.
Try to enter ’’
’ and ’"
’ in all your Web forms. If you get any kind of MySQL error, investigate the problem right away.
Try to modify any dynamic URLs by adding %22
(’"
’), %23
(’#
’), and %27
(’'
’) in the URL.
Try to modify data types in dynamic URLs from numeric ones to character ones containing characters from previous examples. Your application should be safe against this and similar attacks.
Try to enter characters, spaces, and special symbols rather than numbers in numeric fields. Your application should remove them before passing them to MySQL or else generate an error. Passing unchecked values to MySQL is very dangerous!
Check data sizes before passing them to MySQL.
Consider having your application connect to the database using a different username than the one you use for administrative purposes. Do not give your applications any access privileges they do not need.
Many application programming interfaces provide a means of escaping special characters in data values. Properly used, this prevents application users from entering values that cause the application to generate statements that have a different effect than you intend:
MySQL C API: Use the mysql_real_escape_string()
API call.
MySQL++: Use the escape
and quote
modifiers for query streams.
PHP: Use the mysql_escape_string()
function, which is based on the function of the same name in the MySQL C API. Prior to PHP 4.0.3, use addslashes()
instead.
Perl DBI: Use the quote()
method or use placeholders.
Java JDBC: Use a PreparedStatement
object and placeholders.
Other programming interfaces might have similar capabilities.
Do not transmit plain (unencrypted) data over the Internet. This information is accessible to everyone who has the time and ability to intercept it and use it for their own purposes. Instead, use an encrypted protocol such as SSL or SSH. MySQL supports internal SSL connections as of Version 4.0.0. SSH port-forwarding can be used to create an encrypted (and compressed) tunnel for the communication.
Learn to use the tcpdump
and strings
utilities. For most cases, you can check whether MySQL data streams are unencrypted by issuing a command like the following:
shell> tcpdump -l -i eth0 -w - src or dst port 3306 | strings
(This works under Linux and should work with small modifications under other systems.) Warning: If you do not see plaintext data, this doesn’t always mean that the information actually is encrypted. If you need high security, you should consult with a security expert.
When you connect to a MySQL server, you should use a password. The password is not transmitted in clear text over the connection. Password handling during the client connection sequence was upgraded in MySQL 4.1.1 to be very secure. If you are using an older version of MySQL, or are still using pre-4.1.1-style passwords, the encryption algorithm is less strong and with some effort a clever attacker who can sniff the traffic between the client and the server can crack the password. (See Section 4.4.9, “Password Hashing in MySQL 4.1,” for a discussion of the different password handling methods.) If the connection between the client and the server goes through an untrusted network, you should use an SSH tunnel to encrypt the communication.
All other information is transferred as text that can be read by anyone who is able to watch the connection. If you are concerned about this, you can use the compressed protocol (in MySQL 3.22 and above) to make traffic much more difficult to decipher. To make the connection even more secure, you should use SSH to get an encrypted TCP/IP connection between a MySQL server and a MySQL client. You can find an Open Source SSH client at http://www.openssh.org/, and a commercial SSH client at http://www.ssh.com/.
If you are using MySQL 4.0 or newer, you can also use internal OpenSSL support. See Section 4.5.7, “Using Secure Connections.”
To make a MySQL system secure, you should strongly consider the following suggestions:
Use passwords for all MySQL users. A client program does not necessarily know the identity of the person running it. It is common for client/server applications that the user can specify any username to the client program. For example, anyone can use the mysql
program to connect as any other person simply by invoking it as mysql -u
other_user db_name
if other_user
has no password. If all users have a password, connecting using another user’s account becomes much more difficult.
To change the password for a user, use the SET PASSWORD
statement. It is also possible to update the user
table in the mysql
database directly. For example, to change the password of all MySQL accounts that have a username of root
, do this:
shell> mysql -u root
mysql> UPDATE mysql.user SET Password=PASSWORD('newpwd')
-> WHERE User='root';
mysql> FLUSH PRIVILEGES;
Don't run the MySQL server as the Unix root
user. This is very dangerous, because any user with the FILE
privilege will be able to create files as root
(for example, ~root/.bashrc
). To prevent this, mysqld
refuses to run as root
unless that is specified explicitly using a --user=root
option.
mysqld
can be run as an ordinary unprivileged user instead. You can also create a separate Unix account named mysql
to make everything even more secure. Use the account only for administering MySQL. To start mysqld
as another Unix user, add a user
option that specifies the username to the [mysqld]
group of the /etc/my.cnf
option file or the my.cnf
option file in the server’s data directory. For example:
[mysqld]
user=mysql
This causes the server to start as the designated user whether you start it manually or by using mysqld_safe
or mysql.server
. For more details, see Section A.3.2, “How to Run MySQL as a Normal User.”
Running mysql
as a Unix user other than root
does not mean that you need to change the root
username in the user
table. Usernames for MySQL accounts have nothing to do with usernames for Unix accounts.
Don’t allow the use of symlinks to tables. (This can be disabled with the --skip- symbolic-links
option.) This is especially important if you run mysqld
as root
, because anyone that has write access to the server’s data directory then could delete any file in the system! See Section 6.6.1.2, “Using Symbolic Links for Tables on Unix.”
Make sure that the only Unix user with read or write privileges in the database directories is the user that mysqld
runs as.
Don’t grant the PROCESS
or SUPER
privilege to non-administrative users. The output of mysqladmin processlist
shows the text of the currently executing queries, so any user who is allowed to execute that command might be able to see if another user issues an UPDATE user SET password=PASSWORD(’not_secure’)
query.
mysqld
reserves an extra connection for users who have the SUPER
privilege (PROCESS
before MySQL 4.0.2), so that a MySQL root
user can log in and check server activity even if all normal connections are in use.
The SUPER
privilege can be used to terminate client connections, change server operation by changing the value of system variables, and control replication servers.
Don’t grant the FILE
privilege to non-administrative users. Any user that has this privilege can write a file anywhere in the filesystem with the privileges of the mysqld
daemon! To make this a bit safer, files generated with SELECT ... INTO OUTFILE
will not overwrite existing files and are writable by everyone.
The FILE
privilege may also be used to read any file that is world-readable or accessible to the Unix user that the server runs as. With this privilege, you can read any file into a database table. This could be abused, for example, by using LOAD DATA
to load /etc/passwd
into a table, which then can be displayed with SELECT
.
If you don’t trust your DNS, you should use IP numbers rather than hostnames in the grant tables. In any case, you should be very careful about creating grant table entries using hostname values that contain wildcards!
If you want to restrict the number of connections allowed to a single account, you can do so by setting the max_user_connections
variable in mysqld
. The GRANT
statement also supports resource control options for limiting the extent of server use allowed to an account.
The following mysqld
options affect security:
--local-infile[={0|1}]
If you start the server with --local-infile=0
, clients cannot use LOCAL
in LOAD DATA
statements. See Section 4.3.4, “Security Issues with LOAD DATA LOCAL
.”
--safe-show-database
With this option, the SHOW DATABASES
statement displays the names of only those databases for which the user has some kind of privilege. As of MySQL 4.0.2, this option is deprecated and doesn’t do anything (it is enabled by default), because there is now a SHOW DATABASES
privilege that can be used to control access to database names on a per-account basis.
--safe-user-create
If this is enabled, a user cannot create new users with the GRANT
statement unless the user has the INSERT
privilege for the mysql.user
table. If you want a user to have the ability to create new users with those privileges that the user has right to grant, you should grant the user the following privilege:
mysql> GRANT INSERT(user) ON mysql.user TO 'user_name'@'host_name';
This will ensure that the user can’t change any privilege columns directly, but has to use the GRANT
statement to give privileges to other users.
--secure-auth
Disallow authentication for accounts that have old (pre-4.1) passwords. This option is available as of MySQL 4.1.1.
--skip-grant-tables
This option causes the server not to use the privilege system at all. This gives everyone full access to all databases! (You can tell a running server to start using the grant tables again by executing a mysqladmin flush-privileges
or mysqladmin reload
command, or by issuing a FLUSH PRIVILEGES
statement.)
--skip-name-resolve
Hostnames are not resolved. All Host
column values in the grant tables must be IP numbers or localhost
.
--skip-networking
Don’t allow TCP/IP connections over the network. All connections to mysqld
must be made via Unix socket files. This option is unsuitable when using a MySQL version prior to 3.23.27 with the MIT-pthreads package, because Unix socket files were not supported by MIT-pthreads at that time.
With this option, the SHOW DATABASES
statement is allowed only to users who have the SHOW DATABASES
privilege, and the statement displays all database names. Without this option, SHOW DATABASES
is allowed to all users, but displays each database name only if the user has the SHOW DATABASES
privilege or some privilege for the database.
The LOAD DATA
statement can load a file that is located on the server host, or it can load a file that is located on the client host when the LOCAL
keyword is specified.
There are two potential security issues with supporting the LOCAL
version of LOAD DATA
statements:
The transfer of the file from the client host to the server host is initiated by the MySQL server. In theory, a patched server could be built that would tell the client program to transfer a file of the server’s choosing rather than the file named by the client in the LOAD DATA
statement. Such a server could access any file on the client host to which the client user has read access.
In a Web environment where the clients are connecting from a Web server, a user could use LOAD DATA LOCAL
to read any files that the Web server process has read access to (assuming that a user could run any command against the SQL server). In this environment, the client with respect to the MySQL server actually is the Web server, not the program being run by the user connecting to the Web server.
To deal with these problems, we changed how LOAD DATA LOCAL
is handled as of MySQL 3.23.49 and MySQL 4.0.2 (4.0.13 on Windows):
By default, all MySQL clients and libraries in binary distributions are compiled with the --enable-local-infile
option, to be compatible with MySQL 3.23.48 and before.
If you build MySQL from source but don’t use the --enable-local-infile
option to configure
, LOAD DATA LOCAL
cannot be used by any client unless it is written explicitly to invoke mysql_options(... MYSQL_OPT_LOCAL_INFILE, 0)
.
You can disable all LOAD DATA LOCAL
commands from the server side by starting mysqld
with the --local-infile=0
option.
For the mysql
command-line client, LOAD DATA LOCAL
can be enabled by specifying the --local-infile[=1]
option, or disabled with the --local-infile=0
option. Similarly, for mysqlimport
, the --local
or -L
option enables local data file loading. In any case, successful use of a local loading operation requires that the server is enabled to allow it.
If LOAD DATA LOCAL INFILE
is disabled, either in the server or the client, a client that attempts to issue such a statement receives the following error message:
ERROR 1148: The used command is not allowed with this MySQL version
13.59.231.155