HiveBrain v1.2.0
Get Started
← Back to all entries
patternsqlMinor

enable logging of password-like patterns in mysql client history

Submitted by: @import:stackexchange-dba··
0
Viewed 0 times
loggingenablehistorypatternslikepasswordmysqlclient

Problem

From MySQL 5.6.8 onwards, statements containing the pattern PASSWORD or IDENTIFIED are not logged in the mysql command line client history. I know I can add to this list with --histignore or MYSQL_HIST_IGNORE, but how do I defeat this filtering altogether? I'm working on a development server, never storing cleartext passwords and above all, I did not ask for this behaviour. It's my server, and I want to be able to cursor-up and get a previous query without cutting and pasting.

I posted a previous question on this topic when I couldn't work out why some queries were not being logged, but now we're on 5.6.22 and I'm wondering if anyone has found a solution.

Solution

Working on a project with db columns like "password_hash", this behavior was at first very confusing and then over time, simply maddening. There appears to be no way to disable this.

Here's an evil hack that I only resorted to out of desperation after other workarounds failed:

cp /usr/bin/mysql ~/bin     # copy to local bin dir
vim ~/bin/mysql             # vim can edit binary files
/PASSWORD                   # search for the offending string
RPWXUK4FD [ESC]             # overtype w/ string unlikely to ever match
:wq                         # save & quit


This assumes that you already have a ~/bin directory and it is listed before /usr/bin in your $PATH

Code Snippets

cp /usr/bin/mysql ~/bin     # copy to local bin dir
vim ~/bin/mysql             # vim can edit binary files
/PASSWORD                   # search for the offending string
RPWXUK4FD [ESC]             # overtype w/ string unlikely to ever match
:wq                         # save & quit

Context

StackExchange Database Administrators Q#89590, answer score: 4

Revisions (0)

No revisions yet.