I want to run
mysqldump -u aUser -p P4SSw0rd --all-databases > backup.sql
in a cron job. How can I do so securely?
I know I could put the command right there, but anyone with access to the machine would see it straight away via crontab. Is there a better way to do it?
Best Answer
As stated in
man mysqldump
: see 6.1.2.1. End-User Guidelines for Password Security in the MySQL reference manual.An option file is the safest bet, not least according to the above reference. Giving it in plaintext in crontab is not good, not least since the process command line by default is visible through
ps
for other users. The same actually applies for environment variables as explained in the reference.Relevant portion of the MySQL reference manual:
Also see https://stackoverflow.com/q/10725209.