11
Configuring PAM for MySQL
12
=========================
14
You will need to configure PAM on your system for how it should authenticate for MySQL. A simple setup can be to use the standard UNIX authentication method.
16
*NOTE:* Using pam_unix means the MySQL Server needs to read the `/etc/shadow` file, which usually means it has to be run as `root` - usually not a recommended configuration.
18
A sample `/etc/pam.d/mysqld` file: ::
20
auth required pam_unix.so
21
account required pam_unix.so
23
For added information in the system log, you can expand it to be: ::
25
auth required pam_warn.so
26
auth required pam_unix.so audit
27
account required pam_unix.so audit
33
You will need to execute `CREATE USER` with specifying the PAM plugin. For example: ::
35
CREATE USER 'username'@'host' IDENTIFIED WITH auth_pam_server;
37
This creates a user `username` that can connect from `host` and will be authenticated using the PAM plugin. If you are using the `pam_unix` method in PAM (or similar) you will need to have an account for `username` existing on the system.