Comments - How to access MariaDB from a Linux systemd service without password

1 month ago Daniel Black

The systemd service has ProtectHome=yes by default making the /root/.my.cnf file inaccessible to the systemd service.

While disabling with ProtectHome=false may seem like the easy option, consider the alternative:

ALTER USER root@localhost IDENTIFIED VIA unix_socket

Ref: unix socket authentication.

With this the /root/.my.cnf file is no longer needed, and the root unix user is the only one that can access the root@localhost MariaDB user account.

If your systemd service runs under a different user, say xyzservice, then;

CREATE USER xyservice@localhost IDENTIFIED VIA unix_socket

And then provide the sufficient grants to that user based on what the service needs.

 
Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.