Hi Bastien, Please make sure to cc the galaxy-user and galaxy-dev lists as they help your questions reach a wider audience. In fact, I'm sure there are people on these lists that have more DB knowledge than myself. That said, you're spot on in your thinking. Galaxy uses a single database (galaxy, in your case), so you can setup a "Galaxy" mysql user to have rights only on that DB; specifying localhost provides another layer of security as well. Best, J. On May 3, 2010, at 11:08 AM, Chevreux, Bastien wrote:
From: Jeremy Goecks [mailto:jgoecks@gmail.com] On Behalf Of Jeremy Goecks You can specify a MySQL username and password in the MySQL URL, e.g. mysql://username:password@localhost:3306/galaxy?unix_socket=/var/run/ mysqld/mysqld.sock
Hello Jeremy,
thank you very much for that, works like a charm.
Coming to my next question: how should I setup the user / user rights / databases / tables etc. in MySQL?
Yes, I could create a user and then do a
grant all privileges on *.* to someusr@localhost
and I think that that Galaxy will then create everything by itself. However, on the long term I feel that this might be ... um ... a security risk should MySQL also host other things than just a Galaxy DB.
Is there a recommended way to setup things? Like perhaps, e.g., having the mysql admin just create needed databases and giving all rights just to these DBs to galaxy like in:
create database somedb; grant all privileges on somedb.* to someusr@"localhost" identified by 'passwrd';
and then have Galaxy work with that? But for that I'd need to know which DBs Galaxy uses and I have to set up.
If not, I'll do the all privileges on *.*, but I don't really like that.
Regards, Bastien
PS: sorry for nagging, but I'd really like to have a basic security level PPS: if the above looks like straight from some manual, yes it is. I'm no MySQL expert, but a good Google search brings most of what I need to know.
-- DSM Nutritional Products AG R&D Human Nutrition & Health Bioinformatics - Bldg. 203 / 115 P.O. Box 2676 CH-4002 Basel / Switzerland Tel. +41 61 815 8264
DISCLAIMER : This e-mail is for the intended recipient only If you have received it by mistake please let us know by reply and then delete it from your system; access, disclosure, copying, distribution or reliance on any of it by anyone else is prohibited. If you as intended recipient have received this e-mail incorrectly, please notify the sender (via e-mail) immediately.