Default Database User Accounts for MariaDB Xpand
This page is part of MariaDB's Documentation.
The parent of this page is: Database User Accounts for MariaDB Xpand
Topics on this page:
Overview
MariaDB Xpand relies on several database user accounts which are automatically created during the installation process.
Default Database Users
MariaDB Xpand creates the following database user accounts by default during the installation process:
Database User | Description |
---|---|
| Intended for database administration. |
| Used by the |
| Used by the |
| Use by the Replication slave process. Login is not possible for this user regardless of whether a password is set. |
| Used by MariaDB Support and internal processes. |
| Used by MariaDB Support and internal processes. |
These users must not be removed.
Secure Default Database Users
Xpand creates an initial 'root'@'127.0.0.1' account. This is a superuser and if there is no password, any user can connect with no password and perform all operations. Xpand strongly recommends setting a root password.
To see which users may not have passwords:
sql> SELECT username, host, hex(password) from system.users;
Custom Management User
Xpand requires a management user for certain tasks, such as for running the clx command. The xpandm
user account is the default management user. However, you can also create a custom management user.
To create a custom management user:
Create the OS user account with the custom name.
Create a database user account for the custom management user (see below).
Configure SSH for the custom management user.
Create a Database User
If you want to use a custom management user, you need to create a database user account for it. The database user should have sufficient privileges to connect to Xpand via Unix domain socket.
This action is performed on one Xpand node.
To create a database user account if your custom management user is named xpand_dba
:
Connect to Xpand:
$ mysql --user=root --password
Create the
xpand_dba
database user account:CREATE USER xpand_dba@localhost IDENTIFIED BY 'xpand_user_passwd';
Passwords should meet your organization's password policies.
Grant the
xpand_dba
database user account the proper privileges:GRANT ALL ON *.* TO xpand_dba@localhost;