You can log on to a database host to upload, download, and install software.

Prerequisites

Create a bastion host and use the bastion host to access the database host. For more information, see Create a bastion host, Access a Linux host from a bastion host, and Access a Windows host from a bastion host.

Background information

ApsaraDB for MyBase allows you to obtain more autonomous and controllable permissions by enabling operating system (OS) permissions. This helps database administrators (DBAs) to make full use of their skills, and also helps to solve database problems in a timely manner.

Database hosts and bastion hosts are used together in the following typical application scenarios:

  • Financial and insurance enterprises must establish reliable audit mechanisms to meet the strict security regulatory requirements of the industry.
  • Internet enterprises require efficient and stable audit systems because the number of employees and servers in Internet enterprises is rapidly increasing.

Host permissions of MySQL and PostgreSQL

  • Directory permissions:

    The following directory permissions for the OS are available:

    r-x  boot
    r-x  dev
    r-x  disk12930121
    r-x disk12930121/mysql/12930121/data/mysql #The read and execute permission for the storage capacity of a database instance
    r-x etc
    r-- grub_file
    --- home
    r-x  host
    r-x  media
    r-x  mnt
    r-x  opt
    r-x  proc
    ---  root
    r-x  run
    r-x srv
    r-x  sys
    rwt tmp
    r-x u01 #The read and execute permission for the service data directory
    r-x u02 #The read and execute permission for the service log directory
    r-x  userdata
    rwx  userdata/data1   #The read, write, and execute permission for the directory to which a user data disk is mounted
    r-x  usr
    r-x  var
  • Software package and system command permissions
    Command Supported
    ps Yes
    ss Yes
    lsof No
    iftop No
    iotop No
    yum Yes
    make Yes
    cmake No
    netstat Yes
    kill Yes
    pkill Yes
    iptables No
    service No
    systemctl No
    Percona Toolkit commands Yes
    mysql-client No
    vim Yes
    wget Yes
    unzip No
    curl Yes
    telnet Yes
    tree No
    gcc Yes
    g++ No
    screen No
    sysstat Yes
    nmap No
    tcpdump No
    psmisc Yes
    sendmail No
    bind-utils Yes
    lrzsz No
    rsync Yes
    gzip Yes
    traseroute No
    bc Yes
    net-tools Yes
    Note Use YUM to install other software as a non-root user.

SQL Server host permissions

Account type Description
Normal Account You can log on to a Windows host by using a standard account that has the permissions of the Remote Desktop Users group.
Administrator The privileged account admin has the administrator permission of the local group in Windows.