Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

MYSQL Security for HDP service components

avatar
author-rank pbalasundaram
Expert Contributor

Created on ‎12-13-2016 11:02 PM - edited ‎09-16-2022 01:36 AM

1. Install MySQL data Directories on a Non-root partition (Not /var/lib)

2. Create a dedicated least privileged account for Mysql deamon

3. Disable MySQL Command History, Command History may contain passwords which is viewable by other users

4. Disable interactive Login

5. Disable login from nodes other than the those used by hive services

6. Provide only hive user permission to the Hive metadata database within MySQL

7. During installation do not specifify passwords in command line

8. Ensure Data Directories for Mysql has appropriate permissions and ownerships

9. Ensure only DBA administrators have full database access

10. Ensure that database logging is enabled for error logs and log files are maintained on a non system partition

11. Ensure that old passwords is not set to 1

12. Ensure secure_auth is set to ON

13. Consider if your Component can work with the MYSQL "Connect using SSL" option

686 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
Version history
Last update:
‎09-16-2022 01:36 AM
Updated by:
Expert Contributor
Contributors