How To Change a MariaDB Data Directory to a New Location on CentOS
How To Change a MariaDB Data Directory to a New Location on CentOS
1 — Moving the MariaDB Data Directory
To prepare for moving MariaDB’s data directory, let’s verify the current location by starting an interactive session using the administrative credentials.
#mysql -u root -p
When prompted, supply the MariaDB root password. Then from the mysql
prompt, select the data directory:
> select @@datadir;
/var/lib/mysql/
This output confirms that MariaDB is configured to use the default data directory, /var/lib/mysql/,
so that’s the directory we need to move.
To ensure the integrity of the data, we’ll stop service - MariaDB before we actually make changes to the data directory:
# systemctl stop mariadb
to check if the service is stopped use the command:
#systemctl status mariadb
Sep 11 12:21:04 mysql systemd[1]: Stopped MariaDB database server.
Now that the server is shut down, we’ll copy the existing database directory to the new location with rsync
. Using the -a
flag preserves the permissions and other directory properties, while-v
provides verbose output so you can follow the progress.
Note: Be sure there is no trailing slash on the directory, which may be added if you use tab completion. When there’s a trailing slash, rsync
will dump the contents of the directory into the mount point instead of transferring it into a containing mysql
directory:
#rsync -av /var/lib/mysql /mnt/volume-mariadb
Once the rsync
is complete, rename the current folder with a .bak extension and keep it until we’ve confirmed the move was successful. By re-naming it, we’ll avoid confusion that could arise from files in both the new and the old location:
#mv /var/lib/mysql /var/lib/mysql.bak
Step 2 — Pointing to the New Data Location
MySQL has several ways to override configuration values. By default, the datadir
is set to /var/lib/mysql
in the /etc/my.cnf
file. Edit this file to reflect the new data directory:
#vi /etc/my.cnf
SQL. Search for any text or integer in the database
SQL. Search for any text or integer in the database
Small queries to search for any number or text in the desired MS SQL database.
Find an integer.
- set nocount on
- declare @name varchar(128), @substr bigint, @column varchar(128)
- set @substr = 462083 -- ИСКОМОЕ ЦЕЛОЕ ЧИСЛОВОЕ ЗНАЧЕНИЕ
- /* Create a table for output */
- create table #rslt2
- (table_name varchar(128), field_name varchar(128), value bigint)
- /* Populate the created table with the found data */
- declare s cursor for select table_name as table_name from information_schema.tables where table_type = 'BASE TABLE' order by table_name
- open s
- fetch next from s into @name
- while @@fetch_status = 0
- begin
- declare c cursor for
- select quotename(column_name) as column_name from information_schema.columns
- where data_type in ('int', 'bigint') and table_name = @name
- set @name = quotename(@name)
- open c
- fetch next from c into @column
- while @@fetch_status = 0
- begin
- print 'Processing table - ' + @name + ', column - ' + @column
- exec('insert into #rslt2 select ''' + @name + ''' as Table_name, ''' + @column + ''', ' + @column +
- ' from' + @name + ' where ' + @column + ' = ' + @substr )
- fetch next from c into @column
- end
- close c
- deallocate c
- fetch next from s into @name
- end
- select table_name as [Table Name], field_name as [Field Name], count(*) as [Found Mathes] from #rslt2
- group by table_name, field_name
- order by table_name, field_name
- /* Display found values if needed (uncomment next line) */
- -- select * from #rslt2 order by table_name, field_name
- drop table #rslt2
- close s
- deallocate s
Wyszukaj ciąg znaków.
- set nocount on
- declare @name varchar(128), @substr nvarchar(4000), @column varchar(128)
- set @substr = '%Пружинкин%' -- ФРАГМЕНТ ИСКОМОЙ СТРОКИ
- /* Create a table for output */
- create table #rslt
- (table_name varchar(128), field_name varchar(128), value ntext)
- /* Populate the created table with the found data */
- declare s cursor for select table_name as table_name from information_schema.tables where table_type = 'BASE TABLE' order by table_name
- open s
- fetch next from s into @name
- while @@fetch_status = 0
- begin
- declare c cursor for
- select quotename(column_name) as column_name from information_schema.columns
- where data_type in ('text', 'ntext', 'varchar', 'char', 'nvarchar', 'char', 'sysname') and table_name = @name
- set @name = quotename(@name)
- open c
- fetch next from c into @column
- while @@fetch_status = 0
- begin
- print 'Processing table - ' + @name + ', column - ' + @column
- exec('insert into #rslt select ''' + @name + ''' as Table_name, ''' + @column + ''', ' + @column +
- ' from' + @name + ' where ' + @column + ' like ''' + @substr + '''')
- fetch next from c into @column
- end
- close c
- deallocate c
- fetch next from s into @name
- end
- select table_name as [Table Name], field_name as [Field Name], count(*) as [Found Mathes] from #rslt
- group by table_name, field_name
- order by table_name, field_name
- /* Display found values if needed (uncomment next line) */
- --select * from #rslt order by table_name, field_name
- drop table #rslt
- close s
- deallocate s
RDCMan manages multiple remote desktop connections
RDCMan manages multiple remote desktop connections
Microsoft has found a vulnerability in the Remote Desktop Connection Manager (RDCMan) application after detecting the CVE-2020-0765 vulnerability. If you are using this program, it is worth updating it to the latest version released on January 27, 2022 - v2.90
RDCMan manages multiple remote desktop connections. It is useful for managing server labs where you need regular access to each machine such as automated checkin systems and data centers.
The Menu
There are several top-level menus in RDCMan:
- File - load, save, and close RDCMan file groups
- Edit - add, remove, and edit the properties of servers and groups.
- Session - connect, disconnect and log off sessions
- View - options to control the visibility of the server tree, virtual groups and size of the client area
- Remote Desktops - allows access to the groups and servers in a hierarchical fashion, similar to the server tree; primarily useful when the Server Tree is hidden
- Tools - change application properties
- Help - learn about RDCMan (you probably already found this)
The Tree
Most work, such as adding, removing, and editing servers and groups, can be accomplished via right-clicking on a tree node. Servers and groups can be moved using drag-and-drop.
Keyboard shortcuts:
- Enter: Connect to selected server.
- Shift+Enter: Connect to the selected server using the Connect As feature.
- Delete: Remove selected server or group.
- Shift+Delete: Remove selected server or group without question.
- Alt+Enter: Open properties dialog for selected server or group.
- Tab: If a connected server is selected, give it focus.
Use the [View.Server tree location] menu option to locate the tree at the left or right edge of the window.
Full Screen Mode
To work with a server in full screen mode, select the server to give it focus and press Ctrl+Alt+Break (this key is configurable, see Shortcut Keys.) To leave full screen mode, press Ctrl+Alt+Break again or use the minimize/restore buttons in the connection title bar. Multiple monitors can be spanned if enabled by the monitor spanning option.
Download
Download Remote Desktop Connection Manager (519 KB)
Run now from Sysinternals Live.
Runs on:
- Client: Windows 8.1 and higher.
- Server: Windows Server 2012 and higher.
Policies
RDCMan retrieves policy information from the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\RDCMan
registry key.
DisableLogOff
- Create thisDWORD
value as non-zero to disable the log off command throughout RDCMan.
Windows patch KB5014692 breaks WMI for User-ID
Environment:
- Microsoft Windows Server 2019 with patch KB5014692 applied
Note: WMI (Windows Management Instrumentation) is configured under GUI: Device > User Identification > User Mapping > Server Monitoring > Transport Protocol: 'WMI'
Cause
On June 14, 2022, Microsoft released patch KB5004442 for Windows Server to address the vulnerability described in CVE-2021-26414. This patch enables new 'hardened security' for WMI and is having an impact on all vendors.
Info from Microsoft: KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)
Resolution
- The permanent solution is to switch to WinRM as the transport protocol instead of WMI.
- A temporary workaround is available until March 14, 2023. On the Windows Server, follow Microsoft's instructions to disable the hardening change. Modify the following registry value and set it to disabled:
Path : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat Value Name: "RequireIntegrityActivationAuthenticationLevel" Type: dword Value Data: 0x00000000 means disabled. 0x00000001 means enabled. Note: You must enter Value Data in hexadecimal format. Important: You must restart your device after setting this registry key for it to take effect.
KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)
Summary
The Distributed Component Object Model (DCOM) Remote Protocol is a protocol for exposing application objects using remote procedure calls (RPCs). DCOM is used for communication between the software components of networked devices.
Hardening changes in DCOM were required for CVE-2021-26414. Therefore, we recommended that you verify if client or server applications in your environment that use DCOM or RPC work as expected with the hardening changes enabled.
To address the vulnerability described in CVE-2021-26414, you must install updates released September 14, 2021 or later on client and server computers. If you have not installed the June 14, 2022 or later update, you must also enable the registry key described below in your environment for servers. We recommended that you complete testing in your environment and enable these hardening changes as soon as possible. If you find issues during testing, you must contact the vendor for the affected client or server software for an update or workaround before early 2022.
Note We recommend that you update your devices to the latest security update available to take advantage of the advanced protections from the latest security threats.
Timeline
Update release |
Behavior change |
June 8, 2021 |
Hardening changes disabled by default but with the ability to enable them using a registry key. |
June 14, 2022 |
Hardening changes enabled by default but with the ability to disable them using a registry key. |
November 8, 2022 |
This update will automatically raise authentication level for all non-anonymous activation requests from DCOM clients to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY if it is below Packet Integrity. With this change, most Windows DCOM client applications will automatically work with DCOM hardening change on server side without any modification to the DCOM client applications. |
March 14, 2023 |
Hardening changes enabled by default with no ability to disable them. By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment. |
Registry setting to enable or disable the hardening changes
During the timeline phases in which you can enable or disable the hardening changes for CVE-2021-26414, you can use the following registry key:
-
Path : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat
-
Value Name: "RequireIntegrityActivationAuthenticationLevel"
-
Type: dword
-
Value Data: default = 0x00000000 means disabled. 0x00000001 means enabled. If this value is not defined, it will default to enabled.
Note You must enter Value Data in hexadecimal format.
Important You must restart your device after setting this registry key for it to take effect.
Note Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.
Note This registry value does not exist by default; you must create it. Windows will read it if it exists and will not overwrite it.
Registry settings to raise the activation authentication level
You can use the following registry key to raise the activation authentication level.
-
Path : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat
-
Value Name: "RaiseActivationAuthenticationLevel"
-
Type: dword
-
Value Data: 1 means raise default authentication level to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.
Two (2) means raise authentication level for all non-anonymous activation requests to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY if it is below Packet Integrity. This includes the explicitly set authentication level in activation functions, such as CoCreateInstanceEx. If this value is not defined, it will default to 1 (before November 8, 2022) and 2 (after November 8, 2022).
Note You must enter Value Data in hexadecimal format.
Important You must restart your device after setting this registry key for it to take effect.
Note This registry value does not exist by default; you must create it. Windows will read it if it exists and will not overwrite it.
New DCOM error events
To help you identify the applications that might have compatibility issues after we enable DCOM security hardening changes, we added new DCOM error events in the System log; see the tables below. The system will log these events if it detects that a DCOM client application is trying to activate a DCOM server using an authentication level that is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. You can trace to the client device from the server-side event log and use client-side event logs to find the application.
Server events
Event ID |
Message |
---|---|
10036 |
"The server-side authentication level policy does not allow the user %1\%2 SID (%3) from address %4 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application." (%1 – domain, %2 – user name, %3 – User SID, %4 – Client IP Address) |
Client events
Event ID |
Message |
---|---|
10037 |
"Application %1 with PID %2 is requesting to activate CLSID %3 on computer %4 with explicitly set authentication level at %5. The lowest activation authentication level required by DCOM is 5(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY). To raise the activation authentication level, please contact the application vendor." |
10038 |
"Application %1 with PID %2 is requesting to activate CLSID %3 on computer %4 with default activation authentication level at %5. The lowest activation authentication level required by DCOM is 5(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY). To raise the activation authentication level, please contact the application vendor." (%1 – Application Path, %2 – Application PID, %3 – CLSID of the COM class the application is requesting to activate, %4 – Computer Name, %5 – Value of Authentication Level) |
Availability
These error events are only available for a subset of Windows versions; see the table below.
Windows version |
Available on or after these dates |
---|---|
Windows Server 2022 |
September 27, 2021 |
Windows 10, version 2004, Windows 10, version 20H2, Windows 10, version 21H1 |
September 1, 2021 |
Windows 10, version 1909 |
August 26, 2021 |
Windows Server 2019, Windows 10, version 1809 |
August 26, 2021 |
Windows Server 2016, Windows 10, version 1607 |
September 14, 2021 |
Windows Server 2012 R2 and Windows 8.1 |
October 12, 2021 |