mysqld

The SQL daemon (that is, the MySQL server). To use client programs, this program must be running, because clients gain access to databases by connecting to the server. See Section 5.3, “mysqld — The MySQL Server”.

mysqld-max

A version of the server that includes additional features. See Section 5.1.2, “The mysqld-max Extended MySQL Server”.

mysqld_safe

A server startup script. mysqld_safe attempts to start mysqld-max if it exists, and mysqld otherwise. See Section 5.1.3, “mysqld_safe — MySQL Server Startup Script”.

mysql.server

A server startup script. This script is used on systems that use run directories containing scripts that start system services for particular run levels. It invokes mysqld_safe to start the MySQL server. See Section 5.1.4, “mysql.server — MySQL Server Startup Script”.

mysqld_multi

A server startup script that can start or stop multiple servers installed on the system. See Section 5.1.5, “mysqld_multi — Program for Managing Multiple MySQL Servers”.

mysql_install_db

This script creates the MySQL grant tables with default privileges. It is usually executed only once, when first installing MySQL on a system. See Section 2.9.2, “Unix Post-Installation Procedures”.

mysql_fix_privilege_tables

This script is used after an upgrade install operation, to update the grant tables with any changes that have been made in newer versions of MySQL. See Section 2.10.2, “Upgrading the Grant Tables”.

myisamchk

A utility to describe, check, optimize, and repair MyISAM tables. myisamchk is described in Section 5.9.5, “myisamchk — MyISAM Table-Maintenance Utility”.

make_binary_distribution

This program makes a binary release of a compiled MySQL. This could be sent by FTP to /pub/mysql/upload/ on ftp.mysql.com for the convenience of other MySQL users.

mysqlbug

The MySQL bug reporting script. It can be used to send a bug report to the MySQL mailing list. (You can also visit http://bugs.mysql.com/ to file a bug report online. See Section 1.7.1.3, “How to Report Bugs or Problems”.)

For Windows, MySQL binary distributions include both the standard server (mysqld.exe) and the MySQL-Max server (mysqld-max.exe), so you need not get a special distribution. Just use a regular Windows distribution, available at http://dev.mysql.com/downloads/. See Section 2.3, “Installing MySQL on Windows”.

For Linux, if you install MySQL using RPM distributions, use the regular MySQL-server RPM first to install a standard server named mysqld. Then use the MySQL-Max RPM to install a server named mysqld-max. The MySQL-Max RPM presupposes that you have installed the regular server RPM. See Section 2.4, “Installing MySQL on Linux” for more information on the Linux RPM packages.

All other MySQL-Max distributions contain a single server that is named mysqld but that has the additional features included.

--with-server-suffix=-max

This option adds a -max suffix to the mysqld version string.

--with-innodb

This option enables support for the InnoDB storage engine. MySQL-Max servers always include InnoDB support. From MySQL 4.0 onwards, InnoDB is included by default in all binary distributions, so you do not need a MySQL-Max server merely to obtain InnoDB support.

--with-bdb

This option enables support for the Berkeley DB (BDB) storage engine.

--with-blackhole-storage-engine

This option enables support for the BLACKHOLE storage engine.

USE_SYMDIR

This define is enabled to turn on database symbolic link support for Windows. Symbolic link support is available for all Windows servers, so a Max server is not needed to take advantage of this feature.

--with-ndbcluster

This option enables support for the NDB Cluster storage engine. Currently (as of 5.1.2-alpha), Cluster is supported on Linux, Solaris, and Mac OS X only. Some users have reported success in using MySQL Cluster built from source on BSD operating systems, but these are not officially supported at this time.

On Linux, the MySQL-Max RPM relies on this mysqld_safe behavior. The RPM installs an executable named mysqld-max, which causes mysqld_safe to automatically use that executable from that point on.

If you install a MySQL-Max distribution that includes a server named mysqld-max, then upgrade later to a non-Max version of MySQL, mysqld_safe still attempts to run the old mysqld-max server. If you perform such an upgrade, you should manually remove the old mysqld-max server to ensure that mysqld_safe runs the new mysqld server.

--help

Display a help message and exit.

--autoclose

(NetWare only) On NetWare, mysqld_safe provides a screen presence. When you unload (shut down) the mysqld_safe NLM, the screen does not by default go away. Instead, it prompts for user input:

*<NLM has terminated; Press any key to close the screen>*

If you want NetWare to close the screen automatically instead, use the --autoclose option to mysqld_safe.

--basedir=path

The path to the MySQL installation directory.

--core-file-size=size

The size of the core file mysqld should be able to create. The option value is passed to ulimit -c.

--datadir=path

The path to the data directory.

--defaults-extra-file=path

The name of an option file to be read in addition to the usual option files. If given, this option must be first.

--defaults-file=path

The name of an option file to be read instead of the usual option files. If given, this option must be first.

--ledir=path

The path to the directory containing the mysqld program. Use this option to explicitly indicate the location of the server.

--log-error=path

Write the error log to the given file. See Section 5.11.1, “The Error Log”.

--mysqld=prog_name

The name of the server program (in the ledir directory) that you want to start. This option is needed if you use the MySQL binary distribution but have the data directory outside of the binary distribution.

--mysqld-version=suffix

This option is similar to the --mysqld option, but you specify only the suffix for the server program name. The basename is assumed to be mysqld. For example, if you use --mysqld-version=max, mysqld_safe starts the mysqld-max program in the ledir directory. If the argument to --mysqld-version is empty, mysqld_safe uses mysqld in the ledir directory.

--nice=priority

Use the nice program to set the server's scheduling priority to the given value.

--no-defaults

Do not read any option files. If given, this option must be first.

--open-files-limit=count

The number of files mysqld should be able to open. The option value is passed to ulimit -n. Note that you need to start mysqld_safe as root for this to work properly!

--pid-file=path

The path to the process ID file.

--port=port_num

The port number to use when listening for TCP/IP connections. The port number must be 1024 or higher unless MySQL is run as the root system user.

--skip-character-set-client-handshake

Ignore character set information sent by the client and use the default server character set. (This option makes MySQL behave like MySQL 4.0.)

--socket=path

The Unix socket file to use for local connections.

--timezone=zone

Set the TZ time zone environment variable to the given option value. Consult your operating system documentation for legal time zone specification formats.

--user={user_name | user_id}

Run the mysqld server as the user having the name user_name or the numeric user ID user_id. (“User” in this context refers to a system login account, not a MySQL user listed in the grant tables.)

The server and databases can be found relative to the directory from which mysqld_safe is invoked. For binary distributions, mysqld_safe looks under its working directory for bin and data directories. For source distributions, it looks for libexec and var directories. This condition should be met if you execute mysqld_safe from your MySQL installation directory (for example, /usr/local/mysql for a binary distribution).

If the server and databases cannot be found relative to the working directory, mysqld_safe attempts to locate them by absolute pathnames. Typical locations are /usr/local/libexec and /usr/local/var. The actual locations are determined from the values configured into the distribution at the time it was built. They should be correct if MySQL is installed in the location specified at configuration time.

--config-file=name

Specify the name of an alternative option file. This affects where mysqld_multi looks for [mysqldN] option groups. Without this option, all options are read from the usual my.cnf file. The option does not affect where mysqld_multi reads its own options, which are always taken from the [mysqld_multi] group in the usual my.cnf file.

--example

Display a sample option file.

--help

Display a help message and exit.

--log=name

Specify the name of the log file. If the file exists, log output is appended to it.

--mysqladmin=prog_name

The mysqladmin binary to be used to stop servers.

--mysqld=prog_name

The mysqld binary to be used. Note that you can specify mysqld_safe as the value for this option also. The options are passed to mysqld. Just make sure that you have the directory where mysqld is located in your PATH environment variable setting or fix mysqld_safe.

--no-log

Print log information to stdout rather than to the log file. By default, output goes to the log file.

--password=password

The password of the MySQL account to use when invoking mysqladmin. Note that the password value is not optional for this option, unlike for other MySQL programs.

--silent

Disable warnings.

--tcp-ip

Connect to each MySQL server via the TCP/IP port instead of the Unix socket file. (If a socket file is missing, the server might still be running, but accessible only via the TCP/IP port.) By default, connections are made using the Unix socket file. This option affects stop and report operations.

--user=user_name

The username of the MySQL account to use when invoking mysqladmin.

--verbose

Be more verbose.

--version

Display version information and exit.

Make sure that the MySQL account used for stopping the mysqld servers (with the mysqladmin program) has the same username and password for each server. Also, make sure that the account has the SHUTDOWN privilege. If the servers that you want to manage have many different usernames or passwords for the administrative accounts, you might want to create an account on each server that has the same username and password. For example, you might set up a common multi_admin account by executing the following commands for each server:

shell> mysql -u root -S /tmp/mysql.sock -proot_password
mysql> GRANT SHUTDOWN ON *.*
    -> TO 'multi_admin'@'localhost' IDENTIFIED BY 'multipass';

See Section 5.7.2, “How the Privilege System Works”. You have to do this for each mysqld server. Change the connection parameters appropriately when connecting to each one. Note that the host part of the account name must allow you to connect as multi_admin from the host where you want to run mysqld_multi.

The --pid-file option is very important if you are using mysqld_safe to start mysqld (for example, --mysqld=mysqld_safe) Every mysqld should have its own process ID file. The advantage of using mysqld_safe instead of mysqld is that mysqld_safe “guards” its mysqld process and restarts it if the process terminates due to a signal sent using kill -9 or for other reasons, such as a segmentation fault. Please note that the mysqld_safe script might require that you start it from a certain place. This means that you might have to change location to a certain directory before running mysqld_multi. If you have problems starting, please see the mysqld_safe script. Check especially the lines:

----------------------------------------------------------------
MY_PWD=`pwd`
# Check if we are starting this relative (for the binary release)
if test -d $MY_PWD/data/mysql -a -f ./share/mysql/english/errmsg.sys -a \
 -x ./bin/mysqld
----------------------------------------------------------------

See Section 5.1.3, “mysqld_safe — MySQL Server Startup Script”. The test performed by these lines should be successful, or you might encounter problems.

The Unix socket file and the TCP/IP port number must be different for every mysqld.

You might want to use the --user option for mysqld, but in order to do this you need to run the mysqld_multi script as the Unix root user. Having the option in the option file doesn't matter; you just get a warning if you are not the superuser and the mysqld processes are started under your own Unix account.

Important: Make sure that the data directory is fully accessible to the Unix account that the specific mysqld process is started as. Do not use the Unix root account for this, unless you know what you are doing.

Most important: Before using mysqld_multi be sure that you understand the meanings of the options that are passed to the mysqld servers and why you would want to have separate mysqld processes. Beware of the dangers of using multiple mysqld servers with the same data directory. Use separate data directories, unless you know what you are doing. Starting multiple servers with the same data directory does not give you extra performance in a threaded system. See Section 5.12, “Running Multiple MySQL Servers on the Same Machine”.

The MySQL Instance Manager is started with /etc/init.d/mysql script.

The MySQL Instance Manager starts all instances and monitors them.

If a server instance fails the MySQL Instance Manager restarts it.

If the MySQL Instance Manager is shut down (for instance with the /etc/init.d/mysql stop command), all instances are shut down by the MySQL Instance Manager.

--help, -?

Display the help message and exit.

--bind-address=name

Bind address to use for connections.

--default-mysqld-path=name

On Unix, where to look for the MySQL Server binary, if no path was provided in the instance section. Example: default-mysqld-path = /usr/sbin/mysqld

--defaults-file=file_name

Read Instance Manager and MySQL Server settings from the given file. All configuration changes by the Instance Manager will be made to this file. This should be used only as the first option to Instance Manager.

--install

On Windows, install Instance Manager as a Windows service.

--log=name

The path to the IM log file. This is used with the --run-as-service option.

--monitoring-interval=seconds

Interval to monitor instances in seconds. Instance manager will try to connect to each of monitored instances to check whether they are alive/not hanging. In the case of a failure IM will perform several (in fact many) attempts to restart the instance. One can disable this behavior for particular instances with the nonguarded option in the appropriate instance section. If no value was given, the default of 20 seconds will be used.

--passwd, -P

Prepare entry for passwd file and exit.

--password-file=name

Look for the Instance Manager users and passwords in this file. The default file is /etc/mysqlmanager.passwd.

--pid-file=name

The process ID file to use. By default, this file is named mysqlmanager.pid.

--port=port_num

The port number to use for connections. (The default port number, assigned by IANA, is 2273).

--print-defaults

Print the current defaults and exit. This should be used only as the first option to Instance Manager.

--remove

On Windows, removes Instance Manager as a Windows service. This assumes that Instance Manager has been run with --install previously.

--run-as-service

Daemonize and start the angel process. The angel process is simple and unlikely to crash. It will restart the IM itself in case of a failure.

--socket=name

On Unix, the socket file to use for the connection. By default, the file is named /tmp/mysqlmanager.sock.

--standalone

On Windows, run Instance Manager in standalone mode.

--user=name

Username to start and run the mysqlmanager under. It is recommended to run mysqlmanager under the same user account used to run the mysqld server.

--version, -V

Output version information and exit.

mysqld-path = <path-to-mysqld-binary>

The path to the mysqld server binary.

shutdown-delay = seconds

The number of seconds IM should wait for the instance to shut down. The default is 35 seconds. After the delay expires, the IM assumes that the instance is hanging and attempts to kill -9 it. If you use InnoDB with large tables, you should increase this value.

nonguarded

This option should be set if you want to disable IM monitoring functionality for a certain instance.

START INSTANCE <instance_name>

This command will attempt to start an instance:

mysql> START INSTANCE mysqld4;
Query OK, 0 rows affected (0,00 sec)

STOP INSTANCE <instance_name>

This will attempt to stop an instance:

mysql> STOP INSTANCE mysqld4;
Query OK, 0 rows affected (0,00 sec)

SHOW INSTANCES

Show the names of all loaded instances:

mysql> show instances;
+---------------+---------+
| instance_name | status  |
+---------------+---------+
| mysqld3       | offline |
| mysqld4       | online  |
| mysqld2       | offline |
+---------------+---------+
3 rows in set (0,04 sec)

SHOW INSTANCE STATUS <instance_name>

Show the status and the version info of selected instance:

mysql> SHOW INSTANCE STATUS mysqld3;
+---------------+--------+---------+
| instance_name | status | version |
+---------------+--------+---------+
| mysqld3       | online | unknown |
+---------------+--------+---------+
1 row in set (0.00 sec)

SHOW INSTANCE OPTIONS <instance_name>

Show options used by an instance:

mysql> SHOW INSTANCE OPTIONS mysqld3;
+---------------+---------------------------------------------------+
| option_name   | value                                             |
+---------------+---------------------------------------------------+
| instance_name | mysqld3                                           |
| mysqld-path   | /home/cps/mysql/trees/mysql-4.1/sql/mysqld        |
| port          | 3309                                              |
| socket        | /tmp/mysql.sock3                                  |
| pid-file      | hostname.pid3                                     |
| datadir       | /home/cps/mysql_data/data_dir1/                   |
| language      | /home/cps/mysql/trees/mysql-4.1/sql/share/english |
+---------------+---------------------------------------------------+
7 rows in set (0.01 sec)

SHOW <instance_name> LOG FILES

The command provides a listing of all log files used by the instance. The result set contains the path to the log file and the log file size. If no log file path is specified in the configuration file (i.e. log=/var/mysql.log), the IM tries to guess its placement. If the IM is unable to guess the logfile placement you should specify the log file location explicitly.

mysql> SHOW mysqld LOG FILES;
+-------------+------------------------------------+----------+
| Logfile     | Path                               | Filesize |
+-------------+------------------------------------+----------+
| ERROR LOG   | /home/cps/var/mysql/owlet.err      | 9186     |
| GENERAL LOG | /home/cps/var/mysql/owlet.log      | 471503   |
| SLOW LOG    | /home/cps/var/mysql/owlet-slow.log | 4463     |
+-------------+------------------------------------+----------+
3 rows in set (0.01 sec)

SHOW <instance_name> LOG {ERROR | SLOW | GENERAL} size[,offset_from_end]

This command retrieves a portion of the specified log file. Because most users are interested in the latest log messages, the size parameter defines the number of bytes you would like to retrieve starting from the log end. You can retrieve data from the middle of the log file by specifying the optional offset_from_end parameter. The following example retrieves 21 bytes of data, starting 23 bytes from the end of the log file and ending 2 bytes from the end of the log file:

mysql> SHOW mysqld LOG GENERAL 21, 2;
+---------------------+
| Log                 |
+---------------------+
| using password: YES |
+---------------------+
1 row in set (0.00 sec)

SET instance_name.option_name=option_value

This commands edits the specified instance's configuration file to change/add instance options. The IM assumes that the configuration file is located at /etc/my.cnf. You should check that the file exists and has appropriate permissions.

mysql> SET mysqld2.port=3322;
Query OK, 0 rows affected (0.00 sec)

Changes made to the configuration file will not take effect until the MySQL server is restarted. In addition, these changes are not stored in the instance manager's local cache of instance settings until a FLUSH INSTANCES command is executed.

UNSET instance_name.option_name

This command removes an option from an instance's configuration file.

mysql> UNSET mysqld2.port;
Query OK, 0 rows affected (0.00 sec)

Changes made to the configuration file will not take effect until the MySQL server is restarted. In addition, these changes are not stored in the instance manager's local cache of instance settings until a FLUSH INSTANCES command is executed.

FLUSH INSTANCES

This command forces IM to reread the configuration file and to refresh internal structures. This command should be performed after editing the configuration file. This command does not restart instances:

mysql> FLUSH INSTANCES;
Query OK, 0 rows affected (0.04 sec)

Options that affect security: See Section 5.6.3, “Startup Options for mysqld Concerning Security”.

SSL-related options: See Section 5.8.7.6, “SSL Command-Line Options”.

Binary log control options: See Section 5.11.3, “The Binary Log”.

Replication-related options: See Section 6.8, “Replication Startup Options”.

Options specific to particular storage engines: See Section 15.1.1, “MyISAM Startup Options”, Section 15.5.3, “BDB Startup Options”, and Section 15.2.4, “InnoDB Startup Options”.

--help, -?

Display a short help message and exit. Use both the --verbose and --help options to see the full message.

--allow-suspicious-udfs

This option controls whether user-defined functions that have only an xxx symbol for the main function can be loaded. By default, the option is off and only UDFs that have at least one auxiliary symbol can be loaded. This prevents attempts at loading functions from shared object files other than those containing legitimate UDFs. See Section 27.2.3.6, “User-Defined Function Security Precautions”.

--ansi

Use standard (ANSI) SQL syntax instead of MySQL syntax. See Section 1.8.3, “Running MySQL in ANSI Mode”. For more precise control over the server SQL mode, use the --sql-mode option instead.

--basedir=path, -b path

The path to the MySQL installation directory. All paths are usually resolved relative to this.

--bind-address=IP

The IP address to bind to.

--bootstrap

This option is used by the mysql_install_db script to create the MySQL privilege tables without having to start a full MySQL server.

--console

Write error log messages to stderr and stdout even if --log-error is specified. On Windows, mysqld does not close the console screen if this option is used.

--character-sets-dir=path

The directory where character sets are installed. See Section 5.10.1, “The Character Set Used for Data and Sorting”.

--chroot=path

Put the mysqld server in a closed environment during startup by using the chroot() system call. This is a recommended security measure. Note that use of this option somewhat limits LOAD DATA INFILE and SELECT ... INTO OUTFILE.

--character-set-server=charset

Use charset as the default server character set. See Section 5.10.1, “The Character Set Used for Data and Sorting”.

--core-file

Write a core file if mysqld dies. For some systems, you must also specify the --core-file-size option to mysqld_safe. See Section 5.1.3, “mysqld_safe — MySQL Server Startup Script”. Note that on some systems, such as Solaris, you do not get a core file if you are also using the --user option.

--collation-server=collation

Use collation as the default server collation. See Section 5.10.1, “The Character Set Used for Data and Sorting”.

--datadir=path, -h path

The path to the data directory.

--debug[=debug_options], -# [debug_options]

If MySQL is configured with --with-debug, you can use this option to get a trace file of what mysqld is doing. The debug_options string often is 'd:t:o,file_name'. See Section E.1.2, “Creating Trace Files”.

(DEPRECATED) --default-character-set=charset

Use charset as the default character set. This option is deprecated in favor of --character-set-server. See Section 5.10.1, “The Character Set Used for Data and Sorting”.

--default-collation=collation

Use collation as the default collation. This option is deprecated in favor of --collation-server. See Section 5.10.1, “The Character Set Used for Data and Sorting”.

--default-storage-engine=type

This option is a synonym for --default-table-type.

--default-table-type=type

Set the default table type for tables. See Chapter 15, Storage Engines and Table Types.

--default-time-zone=type

Set the default server time zone. This option sets the global time_zone system variable. If this option is not given, the default time zone is the same as the system time zone (given by the value of the system_time_zone system variable.

--delay-key-write[= OFF | ON | ALL]

How the DELAYED KEYS option should be used. Delayed key writing causes key buffers not to be flushed between writes for MyISAM tables. OFF disables delayed key writes. ON enables delayed key writes for those tables that were created with the DELAYED KEYS option. ALL delays key writes for all MyISAM tables. See Section 7.5.2, “Tuning Server Parameters”. See Section 15.1.1, “MyISAM Startup Options”.

Note: If you set this variable to ALL, you should not use MyISAM tables from within another program (such as from another MySQL server or with myisamchk) when the table is in use. Doing so leads to index corruption.

--des-key-file=file_name

Read the default keys used by DES_ENCRYPT() and DES_DECRYPT() from this file.

--enable-named-pipe

Enable support for named pipes. This option applies only on Windows NT, 2000, XP, and 2003 systems, and can be used only with the mysqld-nt and mysqld-max-nt servers that support named pipe connections.

--exit-info[=flags], -T [flags]

This is a bit mask of different flags you can use for debugging the mysqld server. Do not use this option unless you know exactly what it does!

--external-locking

Enable system locking. Note that if you use this option on a system on which lockd does not fully work (as on Linux), it is easy for mysqld to deadlock. This option previously was named --enable-locking.

Note: If you use this option to enable updates to MyISAM tables from many MySQL processes, you have to ensure that these conditions are satisfied:

The easiest way to ensure this is to always use --external-locking together with --delay-key-write=OFF --query-cache-size=0.

(This is not done by default because in many setups it's useful to have a mixture of the above options.)

--flush

Flush all changes to disk after each SQL statement. Normally MySQL does a write of all changes to disk only after each SQL statement and lets the operating system handle the synching to disk. See Section A.4.2, “What to Do If MySQL Keeps Crashing”.

--init-file=file

Read SQL statements from this file at startup. Each statement must be on a single line and should not include comments.

--language=lang_name, -L lang_name

Client error messages in given language. lang_name can be given as the language name or as the full pathname to the directory where the language files are installed. See Section 5.10.2, “Setting the Error Message Language”.

--large-pages

Some hardware/operating system architectures support memory pages greater than the default (usually 4 KB). The actual implementation of this support depends on the underlying hardware and OS. Applications that perform a lot of memory access may obtain performance improvements by using large pages due to reduced Translation Lookaside Buffer (TLB) misses.

Currently, MySQL supports only the Linux implementation of large pages support (which is called HugeTLB in Linux). We have plans to extend this support to FreeBSD, Solaris and possibly other platforms.

Before large pages can be used on Linux, it is necessary to configure the HugeTLB memory pool. For reference, consult the hugetlbpage.txt file in the Linux kernel source.

This option is disabled by default.

--log[=file], -l [file]

Log connections and queries to this file. See Section 5.11.2, “The General Query Log”. If you don't specify a filename, MySQL uses host_name.log as the filename.

--log-bin=[file]

The binary log file. Log all queries that change data to this file. Used for backup and replication. See Section 5.11.3, “The Binary Log”. It is recommended to specify a filename (see Section A.8.1, “Open Issues in MySQL” for the reason) otherwise MySQL uses host_name-bin as the log file basename.

--log-bin-index[=file]

The index file for binary log filenames. See Section 5.11.3, “The Binary Log”. If you don't specify a filename, and if you didn't specify one in --log-bin, MySQL uses host_name-bin.index as the filename.

--log-bin-trust-routine-creators[={0|1}]

With no argument or an argument of 1, this option sets the log_bin_trust_routine_creators system variable to 1. With an argument of 0, this option sets the system variable to 0. log_bin_trust_routine_creators affects how MySQL enforces restrictions on stored routine creation. See Section 20.4, “Binary Logging of Stored Routines and Triggers”.

--log-error[=file]

Log errors and startup messages to this file. See Section 5.11.1, “The Error Log”. If you don't specify a filename, MySQL uses host_name.err as the filename. If the filename has no extension, an extension of .err is added to the name.

--log-isam[=file]

Log all MyISAM changes to this file (used only when debugging MyISAM).

(DEPRECATED) --log-long-format

Log extra information to whichever of the update log, binary update log, and slow queries log that have been activated. For example, username and timestamp are logged for all queries. This option is deprecated, as it now represents the default logging behavior. (See the description for --log-short-format.) The --log-queries-not-using-indexes option is available for the purpose of logging queries that do not use indexes to the slow query log.

--log-queries-not-using-indexes

If you are using this option with --log-slow-queries, then queries that are not using indexes also are logged to the slow query log. See Section 5.11.4, “The Slow Query Log”.

--log-short-format

Log less information to whichever of the update log, binary update log, and slow queries log that have been activated. For example, the username and timestamp are not logged for queries.

--log-slow-admin-statements

Log slow administrative statements such as OPTIMIZE TABLE, ANALYZE TABLE, and ALTER TABLE to the slow query log.

--log-slow-queries[=file]

Log all queries that have taken more than long_query_time seconds to execute to this file. See Section 5.11.4, “The Slow Query Log”. See the descriptions of the --log-long-format and --log-short-format options for details.

--log-warnings, -W

Print out warnings such as Aborted connection... to the error log. Enabling this option is recommended, for example, if you use replication (you get more information about what is happening, such as messages about network failures and reconnections). This option is enabled by default; to disable it, use --skip-log-warnings. Aborted connections are not logged to the error log unless the value is greater than 1. See Section A.2.10, “Communication Errors and Aborted Connections”.

--low-priority-updates

Table-modifying operations (INSERT, REPLACE, DELETE, UPDATE) have lower priority than selects. This can also be done via {INSERT | REPLACE | DELETE | UPDATE} LOW_PRIORITY ... to lower the priority of only one query, or by SET LOW_PRIORITY_UPDATES=1 to change the priority in one thread. See Section 7.3.2, “Table Locking Issues”.

--memlock

Lock the mysqld process in memory. This works on systems such as Solaris that support the mlockall() system call. This might help if you have a problem where the operating system is causing mysqld to swap on disk. Note that use of this option requires that you run the server as root, which is normally not a good idea for security reasons.

--myisam-recover [=option[,option...]]]

Set the MyISAM storage engine recovery mode. The option value is any combination of the values of DEFAULT, BACKUP, FORCE, or QUICK. If you specify multiple values, separate them by commas. You can also use a value of "" to disable this option. If this option is used, mysqld, when it opens a MyISAM table, checks whether the table is marked as crashed or wasn't closed properly. (The last option works only if you are running with --skip-external-locking.) If this is the case, mysqld runs a check on the table. If the table was corrupted, mysqld attempts to repair it.

The following options affect how the repair works:

Before a table is automatically repaired, MySQL adds a note about this in the error log. If you want to be able to recover from most problems without user intervention, you should use the options BACKUP,FORCE. This forces a repair of a table even if some rows would be deleted, but it keeps the old data file as a backup so that you can later examine what happened.

--ndb-connectstring=connect_string

When using the NDB storage engine, it is possible to point out the management server that distributes the cluster configuration by setting the connect string option. See Section 17.4.4.2, “The MySQL Cluster connectstring” for syntax.

--ndbcluster

If the binary includes support for the NDB Cluster storage engine, the default disabling of support for MySQL Cluster can be overruled by using this option. See Chapter 17, MySQL Cluster.

--old-passwords

Force the server to generate short (pre-4.1) password hashes for new passwords. This is useful for compatibility when the server must support older client programs. See Section 5.7.9, “Password Hashing in MySQL 4.1”.

--one-thread

Only use one thread (for debugging under Linux). This option is available only if the server is built with debugging enabled. See Section E.1, “Debugging a MySQL Server”.

--open-files-limit=count

To change the number of file descriptors available to mysqld. If this is not set or set to 0, then mysqld uses this value to reserve file descriptors to use with setrlimit(). If this value is 0 then mysqld reserves max_connections*5 or max_connections + table_cache*2 (whichever is larger) number of files. You should try increasing this if mysqld gives you the error "Too many open files."

--pid-file=path

The path to the process ID file used by mysqld_safe.

--port=port_num, -P port_num

The port number to use when listening for TCP/IP connections.

--safe-mode

Skip some optimization stages.

(DEPRECATED) --safe-show-database

See Section 5.7.3, “Privileges Provided by MySQL”.

--safe-user-create

If this is enabled, a user can't create new users with the GRANT statement, if the user doesn't have the INSERT privilege for the mysql.user table or any column in the table.

--secure-auth

Disallow authentication for accounts that have old (pre-4.1) passwords.

--shared-memory

Enable shared-memory connections by local clients. This option is available only on Windows.

--shared-memory-base-name=name

The name to use for shared-memory connections. This option is available only on Windows.

--skip-bdb

Disable the BDB storage engine. This saves memory and might speed up some operations. Do not use this option if you require BDB tables.

--skip-concurrent-insert

Turn off the ability to select and insert at the same time on MyISAM tables. (This is to be used only if you think you have found a bug in this feature.)

--skip-external-locking

Don't use system locking. To use myisamchk, you must shut down the server. (See Section 1.4.3, “MySQL Stability”.) To avoid this requirement, use CHECK TABLE and REPAIR TABLE from the MySQL Monitor to check and repair MyISAM tables.

--skip-grant-tables

This option causes the server not to use the privilege system at all. This gives anyone with access to the server unrestricted access to all databases. You can cause a running server to start using the grant tables again by executing mysqladmin flush-privileges or mysqladmin reload command from a system shell, or by issuing a MySQL FLUSH PRIVILEGES statement.

--skip-host-cache

Do not use the internal hostname cache for faster name-to-IP resolution. Instead, query the DNS server every time a client connects. See Section 7.5.6, “How MySQL Uses DNS”.

--skip-innodb

Disable the InnoDB storage engine. This saves memory and disk space and might speed up some operations. Do not use this option if you require InnoDB tables.

--skip-name-resolve

Do not resolve hostnames when checking client connections. Use only IP numbers. If you use this option, all Host column values in the grant tables must be IP numbers or localhost. See Section 7.5.6, “How MySQL Uses DNS”.

--skip-ndbcluster

Disable the NDB Cluster storage engine. This is the default for binaries that were built with NDB Cluster storage engine support, this means that the system allocates memory and other resources for this storage engine only if --skip-ndbcluster is explicitly overridden using the --ndbcluster option. See Section 17.4.3, “Quick Test Setup of MySQL Cluster” for an example of usage.

--skip-networking

Don't listen for TCP/IP connections at all. All interaction with mysqld must be made via named pipes or shared memory (on Windows) or Unix socket files (on Unix). This option is highly recommended for systems where only local clients are allowed. See Section 7.5.6, “How MySQL Uses DNS”.

--standalone

Windows-NT based systems only; instructs the MySQL server not to run as a service.

--symbolic-links, --skip-symbolic-links

Enable or disable symbolic link support. This option has different effects on Windows and Unix:

--skip-safemalloc

If MySQL is configured with --with-debug=full, all MySQL programs check for memory overruns during each memory allocation and memory freeing operation. This checking is very slow, so for the server you can avoid it when you don't need it by using the --skip-safemalloc option.

--skip-show-database

With this option, the SHOW DATABASES statement is allowed only to users who have the SHOW DATABASES privilege, and the statement displays all database names. Without this option, SHOW DATABASES is allowed to all users, but displays each database name only if the user has the SHOW DATABASES privilege or some privilege for the database. Note that any global privilege is a privilege for the database.

--skip-stack-trace

Don't write stack traces. This option is useful when you are running mysqld under a debugger. On some systems, you also must use this option to get a core file. See Section E.1, “Debugging a MySQL Server”.

--skip-thread-priority

Disable using thread priorities for faster response time.

--socket=path

On Unix, this option specifies the Unix socket file to use for local connections. The default value is /tmp/mysql.sock. On Windows, the option specifies the pipe name to use for local connections that use a named pipe. The default value is MySQL.

--sql-mode=value[,value[,value...]]

Set the SQL mode for MySQL. See Section 5.3.2, “The Server SQL Mode”.

--temp-pool

This option causes most temporary files created by the server to use a small set of names, rather than a unique name for each new file. This works around a problem in the Linux kernel dealing with creating many new files with different names. With the old behavior, Linux seems to “leak” memory, because it's being allocated to the directory entry cache rather than to the disk cache.

--transaction-isolation=level

Sets the default transaction isolation level, which can be READ-UNCOMMITTED, READ-COMMITTED, REPEATABLE-READ, or SERIALIZABLE. See Section 13.4.6, “SET TRANSACTION Syntax”.

--tmpdir=path, -t path

The path of the directory to use for creating temporary files. It might be useful if your default /tmp directory resides on a partition that is too small to hold temporary tables. This option accepts several paths that are used in round-robin fashion. Paths should be separated by colon characters (‘:’) on Unix and semicolon characters (‘;’) on Windows, NetWare, and OS/2. If the MySQL server is acting as a replication slave, you should not set --tmpdir to point to a directory on a memory-based filesystem or to a directory that is cleared when the server host restarts. A replication slave needs some of its temporary files to survive a machine restart so that it can replicate temporary tables or LOAD DATA INFILE operations. If files in the temporary file directory are lost when the server restarts, replication fails.

--user={user_name | user_id}, -u {user_name | user_id}

Run the mysqld server as the user having the name user_name or the numeric user ID user_id. (“User” in this context refers to a system login account, not a MySQL user listed in the grant tables.)

This option is mandatory when starting mysqld as root. The server changes its user ID during its startup sequence, causing it to run as that particular user rather than as root. See Section 5.6.1, “General Security Guidelines”.

To avoid a possible security hole where a user adds a --user=root option to a my.cnf file (thus causing the server to run as root), mysqld uses only the first --user option specified and produces a warning if there are multiple --user options. Options in /etc/my.cnf and $MYSQL_HOME/my.cnf are processed before command-line options, so it is recommended that you put a --user option in /etc/my.cnf and specify a value other than root. The option in /etc/my.cnf is found before any other --user options, which ensures that the server runs as a user other than root, and that a warning results if any other --user option is found.

--version, -V

Display version information and exit.

ANSI

Change syntax and behavior to be more conformant to standard SQL.

STRICT_TRANS_TABLES

If a value could not be inserted as given into a transactional table, abort the statement. For a non-transactional table, abort the statement if the value occurs in a single-row statement or the first row of a multiple-row statement. More detail is given later in this section.

TRADITIONAL

Make MySQL behave like a “traditional” SQL database system. A simple description of this mode is “give an error instead of a warning” when inserting an incorrect value into a column. Note: The INSERT/UPDATE aborts as soon as the error is noticed. This may not be what you want if you are using a non-transactional storage engine, because data changes made prior to the error are not be rolled back, resulting in a “partially done” update.

ALLOW_INVALID_DATES

Don't do full checking of dates in strict mode. Check only that the month is in the range from 1 to 12 and the day is in the range from 1 to 31. This is very convenient for Web applications where you obtain year, month, and day in three different fields and you want to store exactly what the user inserted (without date validation). This mode applies to DATE and DATETIME columns. It does not apply TIMESTAMP columns, which always require a valid date.

Enabling strict mode causes the server to require that month and day values be legal, and not merely in the range 1 to 12 and 1 to 31, respectively. For example, '2004-04-31' is legal with strict mode disabled, but illegal with strict mode enabled. To allow such dates in strict mode, enable ALLOW_INVALID_DATES as well.

ANSI_QUOTES

Treat ‘"’ as an identifier quote character (like the ‘`’ quote character) and not as a string quote character. You can still use ‘`’ to quote identifiers in ANSI mode. With ANSI_QUOTES enabled, you cannot use double quotes to quote a literal string, because it is interpreted as an identifier.

ERROR_FOR_DIVISION_BY_ZERO

Produce an error in strict mode (otherwise a warning) when we encounter a division by zero (or MOD(X,0)) during an INSERT or UPDATE. If this mode is not given, MySQL instead returns NULL for divisions by zero. If used in INSERT IGNORE or UPDATE IGNORE, MySQL generates a warning for divisions by zero, but the result of the operation is NULL.

HIGH_NOT_PRECEDENCE

The precedence of the NOT operator is such that expressions such as NOT a BETWEEN b AND c are parsed as NOT (a BETWEEN b AND c). In some older versions of MySQL, the expression was parsed as (NOT a) BETWEEN b AND c. The old higher-precedence behavior can be obtained by enabling the HIGH_NOT_PRECEDENCE SQL mode.

mysql> SET sql_mode = '';
mysql> SELECT NOT 1 BETWEEN -5 AND 5;
        -> 0
mysql> SET sql_mode = 'broken_not';
mysql> SELECT NOT 1 BETWEEN -5 AND 5;
        -> 1

IGNORE_SPACE

Allow spaces between a function name and the ‘(’ character. This forces all function names to be treated as reserved words. As a result, if you want to access any database, table, or column name that is a reserved word, you must quote it. For example, because there is a USER() function, the name of the user table in the mysql database and the User column in that table become reserved, so you must quote them:

SELECT "User" FROM mysql."user";

NO_AUTO_CREATE_USER

Prevent GRANT from automatically creating new users if it would otherwise do so, unless a password also is specified.

NO_AUTO_VALUE_ON_ZERO

NO_AUTO_VALUE_ON_ZERO affects handling of AUTO_INCREMENT columns. Normally, you generate the next sequence number for the column by inserting either NULL or 0 into it. NO_AUTO_VALUE_ON_ZERO suppresses this behavior for 0 so that only NULL generates the next sequence number.

This mode can be useful if 0 has been stored in a table's AUTO_INCREMENT column. (This is not a recommended practice, by the way.) For example, if you dump the table with mysqldump and then reload it, MySQL normally generates new sequence numbers when it encounters the 0 values, resulting in a table with different contents than the one that was dumped. Enabling NO_AUTO_VALUE_ON_ZERO before reloading the dump file solves this problem. mysqldump automatically includes in its output a statement enabling NO_AUTO_VALUE_ON_ZERO.

NO_BACKSLASH_ESCAPES

Disable the use of the backslash character (‘\’) as an escape character within strings. With this mode enabled, backslash becomes any ordinary character like any other.

NO_DIR_IN_CREATE

When creating a table, ignore all INDEX DIRECTORY and DATA DIRECTORY directives. This option is useful on slave replication servers.

NO_ENGINE_SUBSTITUTION

Prevents automatic substitution of storage engine when the requested storage engine is disabled or not compiled in.

NO_FIELD_OPTIONS

Don't print MySQL-specific column options in the output of SHOW CREATE TABLE. This mode is used by mysqldump in portability mode.

NO_KEY_OPTIONS

Don't print MySQL-specific index options in the output of SHOW CREATE TABLE. This mode is used by mysqldump in portability mode.

NO_TABLE_OPTIONS

Don't print MySQL-specific table options (such as ENGINE) in the output of SHOW CREATE TABLE. This mode is used by mysqldump in portability mode.

NO_UNSIGNED_SUBTRACTION

In subtraction operations, don't mark the result as UNSIGNED if one of the operands is unsigned. Note that this makes UNSIGNED BIGINT not 100% usable in all contexts. See Section 12.8, “Cast Functions and Operators”.

NO_ZERO_DATE

In strict mode, don't allow '0000-00-00' as a valid date. You can still insert zero dates with the IGNORE option. When not in strict mode, the date is accepted but a warning is generated.

NO_ZERO_IN_DATE

In strict mode, don't accept dates where the month or day part is 0. If used with the IGNORE option, we insert a '0000-00-00' date for any such date. When not in strict mode, the date is accepted but a warning is generated.

ONLY_FULL_GROUP_BY

Do not allow queries that in the GROUP BY part refer to a column that is not selected.

PIPES_AS_CONCAT

Treat || as a string concatenation operator (same as CONCAT()) rather than as a synonym for OR.

REAL_AS_FLOAT

Treat REAL as a synonym for FLOAT rather than as a synonym for DOUBLE.

STRICT_ALL_TABLES

Enable strict mode for all storage engines. Invalid data values are rejected. Additional detail follows.

STRICT_TRANS_TABLES

Enable strict mode for transactional storage engines, and when possible for non-transactional storage engines. Additional details follow.

For STRICT_ALL_TABLES, MySQL returns an error and ignores the rest of the rows. However, in this case, the earlier rows still have been inserted or updated. This means that you might get a partial update, which might not be what you want. To avoid this, it's best to use single-row statements because these can be aborted without changing the table.

For STRICT_TRANS_TABLES, MySQL converts an invalid value to the closest valid value for the column and insert the adjusted value. If a value is missing, MySQL inserts the implicit default value for the column data type. In either case, MySQL generates a warning rather than an error and continues processing the statement. Implicit defaults are described in Section 13.1.5, “CREATE TABLE Syntax”.

ANSI

Equivalent to REAL_AS_FLOAT, PIPES_AS_CONCAT, ANSI_QUOTES, IGNORE_SPACE. See Section 1.8.3, “Running MySQL in ANSI Mode”.

DB2

Equivalent to PIPES_AS_CONCAT, ANSI_QUOTES, IGNORE_SPACE, NO_KEY_OPTIONS, NO_TABLE_OPTIONS, NO_FIELD_OPTIONS.

MAXDB

Equivalent to PIPES_AS_CONCAT, ANSI_QUOTES, IGNORE_SPACE, NO_KEY_OPTIONS, NO_TABLE_OPTIONS, NO_FIELD_OPTIONS, NO_AUTO_CREATE_USER.

MSSQL

Equivalent to PIPES_AS_CONCAT, ANSI_QUOTES, IGNORE_SPACE, NO_KEY_OPTIONS, NO_TABLE_OPTIONS, NO_FIELD_OPTIONS.

MYSQL323

Equivalent to NO_FIELD_OPTIONS, HIGH_NOT_PRECEDENCE.

MYSQL40

Equivalent to NO_FIELD_OPTIONS, HIGH_NOT_PRECEDENCE.

ORACLE

Equivalent to PIPES_AS_CONCAT, ANSI_QUOTES, IGNORE_SPACE, NO_KEY_OPTIONS, NO_TABLE_OPTIONS, NO_FIELD_OPTIONS, NO_AUTO_CREATE_USER.

POSTGRESQL

Equivalent to PIPES_AS_CONCAT, ANSI_QUOTES, IGNORE_SPACE, NO_KEY_OPTIONS, NO_TABLE_OPTIONS, NO_FIELD_OPTIONS.

TRADITIONAL

Equivalent to STRICT_TRANS_TABLES, STRICT_ALL_TABLES, NO_ZERO_IN_DATE, NO_ZERO_DATE, ERROR_FOR_DIVISION_BY_ZERO, NO_AUTO_CREATE_USER.

auto_increment_increment

auto_increment_increment and auto_increment_offset are intended for use with master-to-master replication, and can be used to control the operation of AUTO_INCREMENT columns. Both variables can be set globally or locally, and each can assume an integer value between 1 and 65,535 inclusive. Setting the value of either of these two variables to 0 will cause its value to be set to 1 instead. Attempting to set the value of either of these two variables to an integer greater than 65,535 or less than 0 will cause its value to be set to 65,535 instead. Attempting to set the value of auto_increment_increment or of auto_increment_offset to a non-integer value gives rise to an error, and the actual value of the variable remains unchanged in such a case.

These two variables effect AUTO_INCREMENT column behavior as follows:

Should one or both of these variables be changed and then new rows inserted into a table containing an AUTO_INCREMENT column, the results may seem counterintuitive, as the series of AUTO_INCREMENT values is calculated without regard to any values already present in the column, and the next value inserted is the least value in the series that is greater than the maximum existing value in the AUTO_INCREMENT column. In other words, the series is calculated like so:

auto_increment_offset + N * auto_increment_increment

where N is a positive integer value in the series [1, 2, 3, ...]. For example:

mysql> SHOW VARIABLES LIKE 'auto_inc%';
+--------------------------+-------+
| Variable_name            | Value |
+--------------------------+-------+
| auto_increment_increment | 10    |
| auto_increment_offset    | 5     |
+--------------------------+-------+
2 rows in set (0.00 sec)

mysql> SELECT col FROM autoinc1;
+-----+
| col |
+-----+
|   1 |
|  11 |
|  21 |
|  31 |
+-----+
4 rows in set (0.00 sec)

mysql> INSERT INTO autoinc1 VALUES (NULL), (NULL), (NULL), (NULL);
Query OK, 4 rows affected (0.00 sec)
Records: 4  Duplicates: 0  Warnings: 0

mysql> SELECT col FROM autoinc1;
+-----+
| col |
+-----+
|   1 |
|  11 |
|  21 |
|  31 |
|  35 |
|  45 |
|  55 |
|  65 |
+-----+
8 rows in set (0.00 sec)

The values shown for auto_increment_increment and auto_increment_offset generate the series 5 + N * 10, that is, [5, 15, 25, 35, 45, ...]. The greatest value present in the col column prior to the INSERT is 31, and the next available value in the AUTO_INCREMENT series is 35, so the inserted values for col begin at that point and the results are as shown for the SELECT query.

It is important to remember that it is not possible to confine the effects of these two variables to a single table, and thus they do not take the place of the sequences offered by some other database management systems; these variables control the behavior of all AUTO_INCREMENT columns in all tables on the MySQL server. If one of these variables is set globally, then its effects persist until the global value is changed or overridden by setting them locally, or until mysqld is restarted; if set locally, then the new value affects AUTO_INCREMENT columns for all tables into which new rows are inserted by the current user for the duration of the session, unless the values are changed during that session.

The default value of auto_increment_increment is 1. See Section 6.12, “Auto-Increment in Multi-Master Replication”.

auto_increment_offset

This variable has a default value of 1. For particulars, see the description for auto_increment_increment.

back_log

The number of outstanding connection requests MySQL can have. This comes into play when the main MySQL thread gets very many connection requests in a very short time. It then takes some time (although very little) for the main thread to check the connection and start a new thread. The back_log value indicates how many requests can be stacked during this short time before MySQL momentarily stops answering new requests. You need to increase this only if you expect a large number of connections in a short period of time.

In other words, this value is the size of the listen queue for incoming TCP/IP connections. Your operating system has its own limit on the size of this queue. The manual page for the Unix listen() system call should have more details. Check your OS documentation for the maximum value for this variable. Attempting to set back_log higher than your operating system limit is ineffective.

basedir

The MySQL installation base directory. This variable can be set with the --basedir option.

bdb_cache_size

The size of the buffer that is allocated for caching indexes and rows for BDB tables. If you don't use BDB tables, you should start mysqld with --skip-bdb to not waste memory for this cache.

bdb_home

The base directory for BDB tables. This should be assigned the same value as the datadir variable.

bdb_log_buffer_size

The size of the buffer that is allocated for caching indexes and rows for BDB tables. If you don't use BDB tables, you should set this to 0 or start mysqld with --skip-bdb to not waste memory for this cache.

bdb_logdir

The directory where the BDB storage engine writes its log files. This variable can be set with the --bdb-logdir option.

bdb_max_lock

The maximum number of locks you can have active on a BDB table (10,000 by default). You should increase this if errors such as the following occur when you perform long transactions or when mysqld has to examine many rows to calculate a query:

bdb: Lock table is out of available locks
Got error 12 from ...

bdb_shared_data

This is ON if you are using --bdb-shared-data.

bdb_tmpdir

The value of the --bdb-tmpdir option.

binlog_cache_size

The size of the cache to hold the SQL statements for the binary log during a transaction. A binary log cache is allocated for each client if the server supports any transactional storage engines and if the server has binary log enabled (--log-bin option). If you often use big, multiple-statement transactions, you can increase this to get more performance. The Binlog_cache_use and Binlog_cache_disk_use status variables can be useful for tuning the size of this variable. See Section 5.11.3, “The Binary Log”.

bulk_insert_buffer_size

MyISAM uses a special tree-like cache to make bulk inserts faster for INSERT ... SELECT, INSERT ... VALUES (...), (...), ..., and LOAD DATA INFILE. This variable limits the size of the cache tree in bytes per thread. Setting it to 0 disables this optimization. Note: This cache is used only when adding data to a non-empty table. The default value is 8MB.

character_set_client

The character set for statements that arrive from the client.

character_set_connection

The character set used for literals that do not have a character set introducer and for number-to-string conversion.

character_set_database

The character set used by the default database. The server sets this variable whenever the default database changes. If there is no default database, the variable has the same value as character_set_server.

character_set_results

The character set used for returning query results to the client.

character_set_server

The server's default character set.

character_set_system

The character set used by the server for storing identifiers. The value is always utf8.

character_sets_dir

The directory where character sets are installed.

collation_connection

The collation of the connection character set.

collation_database

The collation used by the default database. The server sets this variable whenever the default database changes. If there is no default database, the variable has the same value as collation_server.

collation_server

The server's default collation.

completion_type

The transaction completion type:

concurrent_insert

If ON (the default), MySQL allows INSERT and SELECT statements to run concurrently for MyISAM tables that have no free blocks in the middle. You can turn this option off by starting mysqld with --safe or --skip-new.

This variable is an integer that takes 3 values:

connect_timeout

The number of seconds the mysqld server waits for a connect packet before responding with Bad handshake.

datadir

The MySQL data directory. This variable can be set with the --datadir option.

date_format

This variable is not implemented.

datetime_format

This variable is not implemented.

default_week_format

The default mode value to use for the WEEK() function.

delay_key_write

This option applies only to MyISAM tables. It can have one of the following values to affect handling of the DELAY_KEY_WRITE table option that can be used in CREATE TABLE statements.

If DELAY_KEY_WRITE is enabled, this means that the key buffer for tables with this option are not flushed on every index update, but only when a table is closed. This speeds up writes on keys a lot, but if you use this feature, you should add automatic checking of all MyISAM tables by starting the server with the --myisam-recover option (for example, --myisam-recover=BACKUP,FORCE). See Section 5.3.1, “mysqld Command-Line Options” and Section 15.1.1, “MyISAM Startup Options”.

Note that --external-locking doesn't offer any protection against index corruption for tables that use delayed key writes.

delayed_insert_limit

After inserting delayed_insert_limit delayed rows, the INSERT DELAYED handler thread checks whether there are any SELECT statements pending. If so, it allows them to execute before continuing to insert delayed rows.

delayed_insert_timeout

How long an INSERT DELAYED handler thread should wait for INSERT statements before terminating.

delayed_queue_size

This is a per-table limit on the number of rows to queue when handling INSERT DELAYED statements. If the queue becomes full, any client that issues an INSERT DELAYED statement waits until there is room in the queue again.

div_precision_increment

This variable indicates the number of digits of precision by which to increase the result of division operations performed with the / operator. The default value is 4. The minimum and maximum values are 0 and 30, respectively. The following example illustrates the effect of increasing the default value.

mysql> SELECT 1/7;
+--------+
| 1/7    |
+--------+
| 0.1429 |
+--------+
mysql> SET div_precision_increment = 12;
mysql> SELECT 1/7;
+----------------+
| 1/7            |
+----------------+
| 0.142857142857 |
+----------------+

engine_condition_pushdown

This variable applies to NDB. By default it is 0 (OFF): If you execute a query such as SELECT * FROM t WHERE mycol = 42, where mycol is an unindexed column, the query is executed as a full table scan on every NDB node. Each node sends every row to the MySQL server, which applies the WHERE condition. If engine_condition_pushdown is set to 1 (ON), the condition is “pushed down” to the storage engine and sent to the NDB nodes. Each node performs the scan, and only sends back to the MySQL server the rows that match the condition.

expire_logs_days

The number of days for automatic binary log removal. The default is 0, which means “no automatic removal”. Possible removals happen at startup and at binary log rotation.

flush

This is ON if you have started mysqld with the --flush option.

flush_time

If this is set to a non-zero value, all tables are closed every flush_time seconds to free up resources and sync unflushed data to disk. We recommend that this option be used only on Windows 9x or Me, or on systems with minimal resources.

ft_boolean_syntax

The list of operators supported by boolean full-text searches performed using IN BOOLEAN MODE. See Section 12.7.1, “Boolean Full-Text Searches”.

The default variable value is '+ -><()~*:""&|'. The rules for changing the value are as follows:

ft_max_word_len

The maximum length of the word to be included in a FULLTEXT index.

Note: FULLTEXT indexes must be rebuilt after changing this variable. Use REPAIR TABLE tbl_name QUICK.

ft_min_word_len

The minimum length of the word to be included in a FULLTEXT index.

Note: FULLTEXT indexes must be rebuilt after changing this variable. Use REPAIR TABLE tbl_name QUICK.

ft_query_expansion_limit

The number of top matches to use for full-text searches performed using WITH QUERY EXPANSION.

ft_stopword_file

The file from which to read the list of stopwords for full-text searches. All the words from the file are used; comments are not honored. By default, a built-in list of stopwords is used (as defined in the myisam/ft_static.c file). Setting this variable to the empty string ('') disables stopword filtering.

Note: FULLTEXT indexes must be rebuilt after changing this variable or the contents of the stopword file. Use REPAIR TABLE tbl_name QUICK.

group_concat_max_len

The maximum allowed result length for the GROUP_CONCAT() function.

have_archive

YES if mysqld supports ARCHIVE tables, NO if not.

have_bdb

YES if mysqld supports BDB tables. DISABLED if --skip-bdb is used.

have_blackhole_engine

YES if mysqld supports BLACKHOLE tables, NO if not.

have_compress

Whether the zlib compression library is available to the server. If not, the COMPRESS() and UNCOMPRESS() functions cannot be used.

have_crypt

Whether the crypt() system call is available to the server. If not, the CRYPT() function cannot be used.

have_csv

YES if mysqld supports ARCHIVE tables, NO if not.

have_example_engine

YES if mysqld supports EXAMPLE tables, NO if not.

have_federated_engine

YES if mysqld supports FEDERATED tables, NO if not.

have_geometry

Whether the server supports spatial data types.

have_innodb

YES if mysqld supports InnoDB tables. DISABLED if --skip-innodb is used.

have_isam

In MySQL 5.1, this appears only for reasons of backwards compatibility, and is always NO, as ISAM tables are no longer supported.

have_ndbcluster

YES if mysqld supports NDB Cluster tables. DISABLED if --skip-ndbcluster is used.

have_partition_engine

YES if mysqld supports partitioning. Added in MySQL 5.1.1.

have_openssl

YES if mysqld supports SSL (encryption) of the client/server protocol.

have_query_cache

YES if mysqld supports the query cache.

have_raid

YES if mysqld supports the RAID option.

have_rtree_keys

Whether RTREE indexes are available. (These are used for spatial indexes in MyISAM tables.)

have_symlink

Whether symbolic link support is enabled. This is required on Unix for support of the DATA DIRECTORY and INDEX DIRECTORY table options.

init_connect

A string to be executed by the server for each client that connects. The string consists of one or more SQL statements. To specify multiple statements, separate them by semicolon characters. For example, each client begins by default with autocommit mode enabled. There is no global server variable to specify that autocommit should be disabled by default, but init_connect can be used to achieve the same effect:

SET GLOBAL init_connect='SET AUTOCOMMIT=0';

This variable can also be set on the command line or in an option file. To set the variable as just shown using an option file, include these lines:

[mysqld]
init_connect='SET AUTOCOMMIT=0'

Note that the content of init_connect is not executed for users having the SUPER privilege; this is in case that content has been wrongly set (contains a wrong query, for example with a syntax error), thus making all connections fail. Not executing it for SUPER users enables those to open a connection and fix init_connect.

init_file

The name of the file specified with the --init-file option when you start the server. This is a file containing SQL statements that you want the server to execute when it starts. Each statement must be on a single line and should not include comments.

init_slave

This variable is similar to init_connect, but is a string to be executed by a slave server each time the SQL thread starts. The format of the string is the same as for the init_connect variable.

innodb_xxx

The InnoDB system variables are listed at Section 15.2.4, “InnoDB Startup Options”.

interactive_timeout

The number of seconds the server waits for activity on an interactive connection before closing it. An interactive client is defined as a client that uses the CLIENT_INTERACTIVE option to mysql_real_connect(). See also wait_timeout.

join_buffer_size

The size of the buffer that is used for full joins (joins that do not use indexes). Normally the best way to get fast joins is to add indexes. Increase the value of join_buffer_size to get a faster full join when adding indexes is not possible. One join buffer is allocated for each full join between two tables. For a complex join between several tables for which indexes are not used, multiple join buffers might be necessary.

key_buffer_size

Index blocks for MyISAM tables are buffered and are shared by all threads. key_buffer_size is the size of the buffer used for index blocks. The key buffer is also known as the key cache.

The maximum allowable setting for key_buffer_size is 4GB. The effective maximum size might be less, depending on your available physical RAM and per-process RAM limits imposed by your operating system or hardware platform.

Increase the value to get better index handling (for all reads and multiple writes) to as much as you can afford. Using a value that is 25% of total memory on a machine that mainly runs MySQL is quite common. However, if you make the value too large (for example, more than 50% of your total memory) your system might start to page and become extremely slow. MySQL relies on the operating system to perform filesystem caching for data reads, so you must leave some room for the filesystem cache.

For even more speed when writing many rows at the same time, use LOCK TABLES. See Section 13.4.5, “LOCK TABLES and UNLOCK TABLES Syntax”.

You can check the performance of the key buffer by issuing a SHOW STATUS statement and examining the Key_read_requests, Key_reads, Key_write_requests, and Key_writes status variables. See Section 13.5.4, “SHOW Syntax”.

The Key_reads/Key_read_requests ratio should normally be less than 0.01. The Key_writes/Key_write_requests ratio is usually near 1 if you are using mostly updates and deletes, but might be much smaller if you tend to do updates that affect many rows at the same time or if you are using the DELAY_KEY_WRITE table option.

The fraction of the key buffer in use can be determined using key_buffer_size in conjunction with the Key_blocks_unused status variable and the buffer block size. The buffer block size is available from the key_cache_block_size server variable. The fraction of the buffer in use is:

1 - ((Key_blocks_unused * key_cache_block_size) / key_buffer_size)

This value is an approximation because some space in the key buffer may be allocated internally for administrative structures.

It is possible to create multiple MyISAM key caches. The size limit of 4GB applies to each cache individually, not as a group. See Section 7.4.6, “The MyISAM Key Cache”.

key_cache_age_threshold

This value controls the demotion of buffers from the hot sub-chain of a key cache to the warm sub-chain. Lower values cause demotion to happen more quickly. The minimum value is 100. The default value is 300. See Section 7.4.6, “The MyISAM Key Cache”.

key_cache_block_size

The size in bytes of blocks in the key cache. The default value is 1024. See Section 7.4.6, “The MyISAM Key Cache”.

key_cache_division_limit

The division point between the hot and warm sub-chains of the key cache buffer chain. The value is the percentage of the buffer chain to use for the warm sub-chain. Allowable values range from 1 to 100. The default value is 100. See Section 7.4.6, “The MyISAM Key Cache”.

language

The language used for error messages.

large_file_support

Whether mysqld was compiled with options for large file support.

large_pages

Indicates whether large page support is enabled.

license

The type of license the server has.

local_infile

Whether LOCAL is supported for LOAD DATA INFILE statements.

locked_in_memory

Whether mysqld was locked in memory with --memlock.

log

Whether logging of all queries to the general query log is enabled. See Section 5.11.2, “The General Query Log”.

log_bin

Whether the binary log is enabled. See Section 5.11.3, “The Binary Log”.

log_bin_trust_routine_creators

This variable applies when binary logging is enabled. It controls whether stored routine creators can be trusted not to create stored routines that will cause unsafe events to be written to the binary log. If set to 0 (the default), users are not allowed to create or alter stored routines unless they have the SUPER privilege in addition to the CREATE ROUTINE or ALTER ROUTINE privilege.

A setting of 0 also enforces the restriction that a routine must be declared with the DETERMINISTIC characteristic, or with the READS SQL DATA or NO SQL characteristic. If the variable is set to 1, MySQL does not enforce these restrictions on stored routine creation.

See Section 20.4, “Binary Logging of Stored Routines and Triggers”.

log_error

The location of the error log.

log_slave_updates

Whether updates received by a slave server from a master server should be logged to the slave's own binary log. Binary logging must be enabled on the slave for this to have any effect. See Section 6.8, “Replication Startup Options”.

log_slow_queries

Whether slow queries should be logged. “Slow” is determined by the value of the long_query_time variable. See Section 5.11.4, “The Slow Query Log”.

log_warnings

Whether to produce additional warning messages. It is enabled by default. Aborted connections are not logged to the error log unless the value is greater than 1.

long_query_time

If a query takes longer than this many seconds, the Slow_queries status variable is incremented. If you are using the --log-slow-queries option, the query is logged to the slow query log file. This value is measured in real time, not CPU time, so a query that is under the threshold on a lightly loaded system might be above the threshold on a heavily loaded one. See Section 5.11.4, “The Slow Query Log”.

low_priority_updates

If set to 1, all INSERT, UPDATE, DELETE, and LOCK TABLE WRITE statements wait until there is no pending SELECT or LOCK TABLE READ on the affected table. This variable previously was named sql_low_priority_updates.

lower_case_file_system

This variable indicates whether the filesystem where the data directory is located has case insensitive filenames. ON means filenames are case insensitive, OFF means they are case sensitive.

lower_case_table_names

If set to 1, table names are stored in lowercase on disk and table name comparisons are not case sensitive. If set to 2 table names are stored as given but compared in lowercase. This option also applies to database names and table aliases. See Section 9.2.2, “Identifier Case Sensitivity”.

If you are using InnoDB tables, you should set this variable to 1 on all platforms to force names to be converted to lowercase.

You should not set this variable to 0 if you are running MySQL on a system that does not have case-sensitive filenames (such as Windows or Mac OS X). If this variable is not set at startup and the filesystem on which the data directory is located does not have case-sensitive filenames, MySQL automatically sets lower_case_table_names to 2.

max_allowed_packet

The maximum size of one packet or any generated/intermediate string.

The packet message buffer is initialized to net_buffer_length bytes, but can grow up to max_allowed_packet bytes when needed. This value by default is small, to catch big (possibly wrong) packets.

You must increase this value if you are using big BLOB columns or long strings. It should be as big as the biggest BLOB you want to use. The protocol limit for max_allowed_packet is 1GB.

max_binlog_cache_size

If a multiple-statement transaction requires more than this amount of memory, you get the error Multi-statement transaction required more than 'max_binlog_cache_size' bytes of storage.

max_binlog_size

If a write to the binary log exceeds the given value, rotate the binary logs. You cannot set this variable to more than 1GB or to less than 4096 bytes. The default value is 1GB.

Note if you are using transactions: A transaction is written in one chunk to the binary log, hence it is never split between several binary logs. Therefore, if you have big transactions, you might see binary logs bigger than max_binlog_size.

If max_relay_log_size is 0, the value of max_binlog_size applies to relay logs as well.

max_connect_errors

If there are more than this number of interrupted connections from a host, that host is blocked from further connections. You can unblock blocked hosts with the FLUSH HOSTS statement.

max_connections

The number of simultaneous client connections allowed. Increasing this value increases the number of file descriptors that mysqld requires. See Section 7.4.9, “How MySQL Opens and Closes Tables” for comments on file descriptor limits. Also see Section A.2.6, “Too many connections”.

max_delayed_threads

Don't start more than this number of threads to handle INSERT DELAYED statements. If you try to insert data into a new table after all INSERT DELAYED threads are in use, the row is inserted as if the DELAYED attribute wasn't specified. If you set this to 0, MySQL never creates a thread to handle DELAYED rows; in effect, this disables DELAYED entirely.

max_error_count

The maximum number of error, warning, and note messages to be stored for display by SHOW ERRORS or SHOW WARNINGS.

max_heap_table_size

This variable sets the maximum size to which MEMORY (HEAP) tables are allowed to grow. The value of the variable is used to calculate MEMORY table MAX_ROWS values. Setting this variable has no effect on any existing MEMORY table, unless the table is re-created with a statement such as CREATE TABLE or TRUNCATE TABLE, or altered with ALTER TABLE.

max_insert_delayed_threads

This variable is a synonym for max_delayed_threads.

max_join_size

Don't allow SELECT statements that probably need to examine more than max_join_size rows (for single-table statements) or row combinations (for multiple-table statements) or that are likely to do more than max_join_size disk seeks. By setting this value, you can catch SELECT statements where keys are not used properly and that would probably take a long time. Set it if your users tend to perform joins that lack a WHERE clause, that take a long time, or that return millions of rows.

Setting this variable to a value other than DEFAULT resets the value of SQL_BIG_SELECTS to 0. If you set the SQL_BIG_SELECTS value again, the max_join_size variable is ignored.

If a query result is in the query cache, no result size check is performed, because the result has previously been computed and it does not burden the server to send it to the client.

This variable previously was named sql_max_join_size.

max_length_for_sort_data

The cutoff on the size of index values that determines which filesort algorithm to use. See Section 7.2.12, “How MySQL Optimizes ORDER BY”.

max_relay_log_size

If a write by a replication slave to its relay log exceeds the given value, rotate the relay log. This variable enables you to put different size constraints on relay logs and binary logs. However, setting the variable to 0 makes MySQL use max_binlog_size for both binary logs and relay logs. You must set max_relay_log_size to between 4096 bytes and 1GB (inclusive), or to 0. The default value is 0. See Section 6.3, “Replication Implementation Details”.

max_seeks_for_key

Limit the assumed maximum number of seeks when looking up rows based on a key. The MySQL optimizer assumes that no more than this number of key seeks are required when searching for matching rows in a table by scanning a key, regardless of the actual cardinality of the key (see Section 13.5.4.11, “SHOW INDEX Syntax”). By setting this to a low value (100?), you can force MySQL to prefer keys instead of table scans.

max_sort_length

The number of bytes to use when sorting BLOB or TEXT values. Only the first max_sort_length bytes of each value are used; the rest are ignored.

max_tmp_tables

The maximum number of temporary tables a client can keep open at the same time. (This option doesn't yet do anything.)

max_user_connections

The maximum number of simultaneous connections allowed to any given MySQL account. A value of 0 means “no limit.”

This variable has both a global scope and a (read-only) session scope. The session variable has the same value as the global variable unless the current account has a non-zero MAX_USER_CONNECTIONS resource limit. In that case, the session value reflects the account limit.

max_write_lock_count

After this many write locks, allow some read locks to run in between.

myisam_data_pointer_size

The default pointer size in bytes, to be used by CREATE TABLE for MyISAM tables when no MAX_ROWS option is specified. This variable cannot be less than 2 or larger than 7. The default value is 6. See Section A.2.11, “The table is full”.

(DEPRECATED) myisam_max_extra_sort_file_size

Note: This variable is not supported in MySQL 5.1. See MySQL 5.0 Reference Manual for more information.

myisam_max_sort_file_size

The maximum size of the temporary file MySQL is allowed to use while re-creating a MyISAM index (during REPAIR TABLE, ALTER TABLE, or LOAD DATA INFILE). If the file size would be bigger than this value, the index is created using the key cache instead, which is slower. The value is given in bytes.

myisam_recover_options

The value of the --myisam-recover option.

myisam_repair_threads

If this value is greater than 1, MyISAM table indexes are created in parallel (each index in its own thread) during the Repair by sorting process. The default value is 1. Note: Multi-threaded repair is still alpha quality code.

myisam_sort_buffer_size

The buffer that is allocated when sorting MyISAM indexes during a REPAIR TABLE or when creating indexes with CREATE INDEX or ALTER TABLE.

myisam_stats_method

How the server treats NULL values when collecting statistics about the distribution of index values for MyISAM tables. This variable has two possible values, nulls_equal and nulls_unequal. For nulls_equal, all NULL index values are considered equal and form a single value group that has a size equal to the number of NULL values. For nulls_unequal, NULL values are considered unequal, and each NULL forms a distinct value group of size 1.

The method that is used for generating table statistics influences how the optimizer chooses indexes for query execution, as described in Section 7.4.7, “MyISAM Index Statistics Collection”.

multi_read_range

Specifies the maximum number of ranges to send to a storage engine during range selects. The default value is 256. Sending multiple ranges to an engine is a feature that can improve the performance of certain selects dramatically, particularly for NDBCLUSTER. This engine needs to send the range requests to all nodes, and sending many of those requests at once reduces the communication costs significantly.

named_pipe

(Windows only.) Indicates whether the server supports connections over named pipes.

net_buffer_length

The communication buffer is reset to this size between queries. This should not normally be changed, but if you have very little memory, you can set it to the expected length of SQL statements sent by clients. If statements exceed this length, the buffer is automatically enlarged, up to max_allowed_packet bytes.

net_read_timeout

The number of seconds to wait for more data from a connection before aborting the read. When the server is reading from the client, net_read_timeout is the timeout value controlling when to abort. When the server is writing to the client, net_write_timeout is the timeout value controlling when to abort. See also slave_net_timeout.

net_retry_count

If a read on a communication port is interrupted, retry this many times before giving up. This value should be set quite high on FreeBSD because internal interrupts are sent to all threads.

net_write_timeout

The number of seconds to wait for a block to be written to a connection before aborting the write. See also net_read_timeout.

new

This variable was used in MySQL 4.0 to turn on some 4.1 behaviors, and is retained for backwards compatibility. In MySQL 5.1, its value is always OFF.

old_passwords

Whether the server should use pre-4.1-style passwords for MySQL user accounts. See Section A.2.3, “Client does not support authentication protocol”.

one_shot

This is not a variable, but it can be used when setting some variables. It's described in Section 13.5.3, “SET Syntax”.

one_shot

This is not a variable, but it can be used when setting some variables. It's described in Section 13.5.3, “SET Syntax”.

open_files_limit

The number of files that the operating system allows mysqld to open. This is the real value allowed by the system and might be different from the value you gave mysqld as a startup option. The value is 0 on systems where MySQL can't change the number of open files.

optimizer_prune_level

Controls the heuristics applied during query optimization to prune less-promising partial plans from the optimizer search space. A value of 0 disables heuristics so that the optimizer performs an exhaustive search. A value of 1 causes the optimizer to prune plans based on the number of rows retrieved by intermediate plans.

optimizer_search_depth

The maximum depth of search performed by the query optimizer. Values larger than the number of relations in a query result in better query plans, but take longer to generate an execution plan for a query. Values smaller than the number of relations in a query return an execution plan quicker, but the resulting plan may be far from being optimal. If set to 0, the system automatically picks a reasonable value. If set to the maximum number of tables used in a query plus 2, the optimizer switches to the algorithm used in MySQL 5.0.0 (and previous versions) for performing searches.

pid_file

The pathname of the process ID (PID) file. This variable can be set with the --pid-file option.

plugin_dir

The path to the plugins directory. This variable was added in MySQL 5.1.2.

port

The port on which the server listens for TCP/IP connections. This variable can be set with the --port option.

preload_buffer_size

The size of the buffer that is allocated when preloading indexes.

protocol_version

The version of the client/server protocol used by the MySQL server.

query_alloc_block_size

The allocation size of memory blocks that are allocated for objects created during query parsing and execution. If you have problems with memory fragmentation, it might help to increase this a bit.

query_cache_limit

Don't cache results that are larger than this number of bytes. The default value is 1048576 (1MB).

query_cache_min_res_unit

The minimum size (in bytes) for blocks allocated by the query cache. The default value is 4096 (4KB). Tuning information for this variable is given in Section 5.13.3, “Query Cache Configuration”.

query_cache_size

The amount of memory allocated for caching query results. The default value is 0, which disables the query cache. Note that this amount of memory is allocated even if query_cache_type is set to 0. See Section 5.13.3, “Query Cache Configuration” for more information.

query_cache_type

Set query cache type. Setting the GLOBAL value sets the type for all clients that connect thereafter. Individual clients can set the SESSION value to affect their own use of the query cache. Possible values are shown in the following table:

This variable defaults to ON.

query_cache_wlock_invalidate

Normally, when one client acquires a WRITE lock on a MyISAM table, other clients are not blocked from issuing queries for the table if the query results are present in the query cache. Setting this variable to 1 causes acquisition of a WRITE lock for a table to invalidate any queries in the query cache that refer to the table. This forces other clients that attempt to access the table to wait while the lock is in effect.

query_prealloc_size

The size of the persistent buffer used for query parsing and execution. This buffer is not freed between queries. If you are running complex queries, a larger query_prealloc_size value might be helpful in improving performance, because it can reduce the need for the server to perform memory allocation during query execution operations.

range_alloc_block_size

The size of blocks that are allocated when doing range optimization.

read_buffer_size

Each thread that does a sequential scan allocates a buffer of this size (in bytes) for each table it scans. If you do many sequential scans, you might want to increase this value, which defaults to 131072.

read_only

When the variable is set to ON for a replication slave server, it causes the slave to allow no updates except from slave threads or from users with the SUPER privilege. This can be useful to ensure that a slave server accepts no updates from clients.

relay_log_purge

Disables or enables automatic purging of relay logs as soon as they are not needed any more. The default value is 1 (enabled).

read_rnd_buffer_size

When reading rows in sorted order after a sort, the rows are read through this buffer to avoid disk seeks. Setting the variable to a large value can improve ORDER BY performance by a lot. However, this is a buffer allocated for each client, so you should not set the global variable to a large value. Instead, change the session variable only from within those clients that need to run large queries.

secure_auth

If the MySQL server has been started with the --secure-auth option, it blocks connections from all accounts that have passwords stored in the old (pre-4.1) format. In that case, the value of this variable is ON, otherwise it is OFF.

You should enable this option if you want to prevent all usage of passwords employing the old format (and hence insecure communication over the network).

Server startup fails with an error if this option is enabled and the privilege tables are in pre-4.1 format. See Section A.2.3, “Client does not support authentication protocol”.

When used as a client-side option, the client refuses to connect to a server if the server requires a password in old format for the client account.

server_id

The value of the --server-id option. It is used for master and slave replication servers.

shared_memory

(Windows only.) Whether or not the server allows shared-memory connections.

shared_memory_base_name

(Windows only.) Indicates whether or not the server allows shared-memory connections, and sets the identifier for the shared memory. This is useful when running multiple MySQL instances on a single physical machine.

skip_external_locking

This is OFF if mysqld uses external locking.

skip_networking

This is ON if the server allows only local (non-TCP/IP) connections. On Unix, local connections use a Unix socket file. On Windows, local connections use a named pipe or shared memory. On NetWare, only TCP/IP connections are supported, so do not set this variable to ON.

skip_show_database

This prevents people from using the SHOW DATABASES statement if they do not have the SHOW DATABASES privilege. This can improve security if you have concerns about users being able to see databases belonging to other users. Its effect depends on the SHOW DATABASES privilege: If the variable value is ON, the SHOW DATABASES statement is allowed only to users who have the SHOW DATABASES privilege, and the statement displays all database names. If the value is OFF, SHOW DATABASES is allowed to all users, but displays the names of only those databases for which the user has the SHOW DATABASES or other privilege.

slave_compressed_protocol

Whether to use compression of the slave/master protocol if both the slave and the master support it.

slave_load_tmpdir

The name of the directory where the slave creates temporary files for replicating LOAD DATA INFILE statement.

slave_net_timeout

The number of seconds to wait for more data from a master/slave connection before aborting the read.

slave_skip_errors

The replication errors that the slave should skip (ignore).

slave_transaction_retries

If a replication slave SQL thread fails to execute a transaction because of an InnoDB deadlock or exceeded InnoDB's innodb_lock_wait_timeout or NDBCluster's TransactionDeadlockDetectionTimeout or TransactionInactiveTimeout, it automatically retries slave_transaction_retries times before stopping with an error. The default value is 10.

slow_launch_time

If creating a thread takes longer than this many seconds, the server increments the Slow_launch_threads status variable.

socket

Unix platforms: The socket file used for local client connections. Defaults to /var/lib/mysql/mysql.sock.

Windows: The name of the named pipe used for local client connections. Defaults to mysql.

sort_buffer_size

Each thread that needs to do a sort allocates a buffer of this size. Increase this value for faster ORDER BY or GROUP BY operations. See Section A.4.4, “Where MySQL Stores Temporary Files”.

sql_mode

The current server SQL mode, which can be set dynamically. See Section 5.3.2, “The Server SQL Mode”.

sql_slave_skip_counter

The number of events from the master that a slave server should skip.

storage_engine

This variable is a synonym for table_type. In MySQL 5.1, storage_engine is the preferred name.

sync_binlog

If positive, the MySQL server synchronizes its binary log to disk (fdatasync()) after every sync_binlog'th write to this binary log. Note that there is one write to the binary log per statement if in autocommit mode, and otherwise one write per transaction. The default value is 0 which does no synchronising to disk. A value of 1 is the safest choice, because in the event of a crash you lose at most one statement/transaction from the binary log; however, it is also the slowest choice (unless the disk has a battery-backed cache, which makes synchronisation very fast).

sync_frm

If this variable is set to 1, then when a non-temporary table is created its .frm file is synchronised to disk (fdatasync()); this is slower but safer in case of a crash. The default is 1.

system_time_zone

The server system time zone. When the server begins executing, it inherits a time zone setting from the machine defaults, possibly modified by the environment of the account used for running the server or the startup script. The value is used to set system_time_zone. Typically the time zone is specified by the TZ environment variable. It also can be specified using the --timezone option of the mysqld_safe script.

table_cache

The number of open tables for all threads. Increasing this value increases the number of file descriptors that mysqld requires. You can check whether you need to increase the table cache by checking the Opened_tables status variable. See Section 5.3.4, “Server Status Variables”. If the value of Opened_tables is large and you don't do FLUSH TABLES a lot (which just forces all tables to be closed and reopened), then you should increase the value of the table_cache variable.

For more information about the table cache, see Section 7.4.9, “How MySQL Opens and Closes Tables”.

table_type

The default table type (storage engine). To set the table type at server startup, use the --default-table-type option. See Section 5.3.1, “mysqld Command-Line Options”.

thread_cache_size

How many threads the server should cache for reuse. When a client disconnects, the client's threads are put in the cache if there are fewer than thread_cache_size threads there. Requests for threads are satisfied by reusing threads taken from the cache if possible, and only when the cache is empty is a new thread created. This variable can be increased to improve performance if you have a lot of new connections. (Normally this doesn't give a notable performance improvement if you have a good thread implementation.) By examining the difference between the Connections and Threads_created status variables (see Section 5.3.4, “Server Status Variables” for details) you can see how efficient the thread cache is.

thread_concurrency

On Solaris, mysqld calls thr_setconcurrency() with this value. This function allows applications to give the threads system a hint about the desired number of threads that should be run at the same time.

thread_stack

The stack size for each thread. Many of the limits detected by the crash-me test are dependent on this value. The default is large enough for normal operation. See Section 7.1.4, “The MySQL Benchmark Suite”.

time_format

This variable is not implemented.

time_zone

The current time zone. The initial value of this is 'SYSTEM' (use the value of system_time_zone), but can be specified explicitly at server startup time with the --default-time-zone option.

tmp_table_size

If an in-memory temporary table exceeds this size, MySQL automatically converts it to an on-disk MyISAM table. Increase the value of tmp_table_size if you do many advanced GROUP BY queries and you have lots of memory.

tmpdir

The directory used for temporary files and temporary tables. This variable can be set to a list of several paths that are used in round-robin fashion. Paths should be separated by colon characters (‘:’) on Unix and semicolon characters (‘;’) on Windows, NetWare, and OS/2.

This feature can be used to spread the load between several physical disks. If the MySQL server is acting as a replication slave, you should not set tmpdir to point to a directory on a memory-based filesystem or to a directory that is cleared when the server host restarts. A replication slave needs some of its temporary files to survive a machine restart so that it can replicate temporary tables or LOAD DATA INFILE operations. If files in the temporary file directory are lost when the server restarts, replication fails. However, if you're using MySQL 4.0.0 or later, you may set the slave's temporary directory using the slave_load_tmpdir variable. In that case, the slave won't use the general tmpdir any more, which means you can set tmpdir to a non-permanent location then.

transaction_alloc_block_size

The allocation size (in bytes) of memory blocks that are allocated for storing queries that are part of a transaction to be stored in the binary log when doing a commit.

transaction_prealloc_size

The size in bytes of the persistent buffer for transaction_alloc_blocks that is not freed between queries. By making this sufficiently large to fit all queries into a single transaction, you can avoid many malloc() calls.

tx_isolation

The default transaction isolation level. Defaults to REPEATABLE-READ.

updatable_views_with_limit

This variable controls whether updates can be made using a view that does not contain a primary key in the underlying table, if the update contains a LIMIT clause. (Such updates often are generated by GUI tools.) An update is an UPDATE or DELETE statement. Primary key here means a PRIMARY KEY, or a UNIQUE index in which no column can contain NULL.

The variable can have two values:

version

The version number for the server.

version_bdb

The BDB storage engine version.

version_comment

The configure script has a --with-comment option that allows a comment to be specified when building MySQL. This variable contains the value of that comment.

version_compile_machine

The type of machine or architecture which MySQL was built on.

version_compile_os

The type of operating system MySQL was built on.

wait_timeout

The number of seconds the server waits for activity on a non-interactive connection before closing it.

On thread startup, the session wait_timeout value is initialized from the global wait_timeout value or from the global interactive_timeout value, depending on the type of client (as defined by the CLIENT_INTERACTIVE connect option to mysql_real_connect()). See also interactive_timeout.

Aborted_clients

The number of connections that were aborted because the client died without closing the connection properly. See Section A.2.10, “Communication Errors and Aborted Connections”.

Aborted_connects

The number of tries to connect to the MySQL server that failed. See Section A.2.10, “Communication Errors and Aborted Connections”.

Binlog_cache_disk_use

The number of transactions that used the temporary binary log cache but that exceeded the value of binlog_cache_size and used a temporary file to store statements from the transaction.

Binlog_cache_use

The number of transactions that used the temporary binary log cache.

Bytes_received

The number of bytes received from all clients.

Bytes_sent

The number of bytes sent to all clients.

Com_xxx

The Com_xxx statement counter variables indicate the number of times each xxx statement has been executed. There is one status variable for each type of statement. For example, Com_delete and Com_insert count DELETE and INSERT statements, respectively.

The Com_stmt_xxx status variables are as follows:

Those variables stand for prepared statements commands. Their names refer to the COM_xxx command set used in the network layer; in other words: Their values are increased whenever prepared statements API calls such as mysql_stmt_prepare(), mysql_stmt_execute(), and so forth are executed. However, Com_stmt_prepare, Com_stmt_execute and Com_stmt_close are also increased when one issues the following SQL statements: PREPARE, EXECUTE, or DEALLOCATE PREPARE respectively. Additionally, the values of the older (available since MySQL 4.1.3) statement counter variables Com_prepare_sql, Com_execute_sql, and Com_dealloc_sql are increased for the PREPARE, EXECUTE, and DEALLOCATE PREPARE statements. Com_stmt_fetch stands for the total number of network round-trips issued when fetching from cursors.

All of the Com_stmt_xxx variables are increased even if a prepared statement argument is unknown or an error occurred during execution. In other words, their values correspond to the number of requests issued, not to the number of requests successfully completed.

Connections

The number of connection attempts (successful or not) to the MySQL server.

Created_tmp_disk_tables

The number of temporary tables on disk created automatically by the server while executing statements.

Created_tmp_files

How many temporary files mysqld has created.

Created_tmp_tables

The number of in-memory temporary tables created automatically by the server while executing statements. If Created_tmp_disk_tables is big, you may want to increase the tmp_table_size value to cause temporary tables to be memory-based instead of disk-based.

Delayed_errors

The number of rows written with INSERT DELAYED for which some error occurred (probably duplicate key).

Delayed_insert_threads

The number of INSERT DELAYED handler threads in use.

Delayed_writes

The number of INSERT DELAYED rows written.

Flush_commands

The number of executed FLUSH statements.

Handler_commit

The number of internal COMMIT statements.

Handler_discover

The MySQL server can ask the NDB Cluster storage engine if it knows about a table with a given name. This is called discovery. Handler_discover indicates the number of times that tables have been discovered via this mechanism.

Handler_delete

The number of times that rows have been deleted from tables.

Handler_read_first

The number of times the first entry was read from an index. If this is high, it suggests that the server is doing a lot of full index scans; for example, SELECT col1 FROM foo, assuming that col1 is indexed.

Handler_read_key

The number of requests to read a row based on a key. If this is high, it is a good indication that your queries and tables are properly indexed.

Handler_read_next

The number of requests to read the next row in key order. This is incremented if you are querying an index column with a range constraint or if you are doing an index scan.

Handler_read_prev

The number of requests to read the previous row in key order. This read method is mainly used to optimize ORDER BY ... DESC.

Handler_read_rnd

The number of requests to read a row based on a fixed position. This is high if you are doing a lot of queries that require sorting of the result. You probably have a lot of queries that require MySQL to scan whole tables or you have joins that don't use keys properly.

Handler_read_rnd_next

The number of requests to read the next row in the data file. This is high if you are doing a lot of table scans. Generally this suggests that your tables are not properly indexed or that your queries are not written to take advantage of the indexes you have.

Handler_rollback

The number of internal ROLLBACK statements.

Handler_update

The number of requests to update a row in a table.

Handler_write

The number of requests to insert a row in a table.

Innodb_buffer_pool_pages_data

The number of pages containing data (dirty or clean).

Innodb_buffer_pool_pages_dirty

The number of pages currently dirty.

Innodb_buffer_pool_pages_flushed

The number of buffer pool pages that have been requested to be flushed.

Innodb_buffer_pool_pages_free

The number of free pages.

Innodb_buffer_pool_pages_latched

The number of latched pages in InnoDB buffer pool. These are pages currently being read or written or that cannot be flushed or removed for some other reason.

Innodb_buffer_pool_pages_misc

The number of pages busy because they have been allocated for administrative overhead such as row locks or the adaptive hash index. This value can also be calculated as Innodb_buffer_pool_pages_total - Innodb_buffer_pool_pages_free - Innodb_buffer_pool_pages_data.

Innodb_buffer_pool_pages_total

Total size of buffer pool, in pages.

Innodb_buffer_pool_read_ahead_rnd

The number of “random” read-aheads InnoDB initiated. This happens when a query is to scan a large portion of a table but in random order.

Innodb_buffer_pool_read_ahead_seq

The number of sequential read-aheads InnoDB initiated. This happens when InnoDB does a sequential full table scan.

Innodb_buffer_pool_read_requests

The number of logical read requests InnoDB has done.

Innodb_buffer_pool_reads

The number of logical reads that InnoDB could not satisfy from the buffer pool and had to do a single-page read.

Innodb_buffer_pool_wait_free

Normally, writes to the InnoDB buffer pool happen in the background. However, if it is necessary to read or create a page and no clean pages are available, then it is also necessary to wait for pages to be flushed first. This counter counts instances of these waits. If the buffer pool size has been set properly, this value should be small.

Innodb_buffer_pool_write_requests

The number writes done to the InnoDB buffer pool.

Innodb_data_fsyncs

The number of fsync() operations so far.

Innodb_data_pending_fsyncs

The current number of pending fsync() operations.

Innodb_data_pending_reads

The current number of pending reads.

Innodb_data_pending_writes

The current number of pending writes.

Innodb_data_read

The amount of data read so far, in bytes.

Innodb_data_reads

The total number of data reads.

Innodb_data_writes

The total number of data writes.

Innodb_data_written

The amount of data written so far, in bytes.

Innodb_dblwr_writes, Innodb_dblwr_pages_written

The number of doublewrite operations that have been performed and the number of pages that have been written for this purpose. See Section 15.2.14.1, “Disk I/O”.

Innodb_log_waits

The number of waits we had because log buffer was too small and we had to wait for it to be flushed before continuing.

Innodb_log_write_requests

The number of log write requests.

Innodb_log_writes

The number of physical writes to the log file.

Innodb_os_log_fsyncs

The number of fsync() writes done to the log file.

Innodb_os_log_pending_fsyncs

The number of pending log file fsync() operations.

Innodb_os_log_pending_writes

Pending log file writes.

Innodb_os_log_written

The number of bytes written to the log file.

Innodb_page_size

The compiled-in InnoDB page size (default 16KB). Many values are counted in pages; the page size allows them to be easily converted to bytes.

Innodb_pages_created

The number of pages created.

Innodb_pages_read

The number of pages read.

Innodb_pages_written

The number of pages written.

Innodb_row_lock_current_waits

The number of row locks currently being waited for.

Innodb_row_lock_time

The total time spent in acquiring row locks, in milliseconds.

Innodb_row_lock_time_avg

The average time to acquire a row lock, in milliseconds.

Innodb_row_lock_time_max

The maximum time to acquire a row lock, in milliseconds.

Innodb_row_lock_waits

The number of times a row lock had to be waited for.

Innodb_rows_deleted

The number of rows deleted from InnoDB tables.

Innodb_rows_inserted

The number of rows inserted into InnoDB tables.

Innodb_rows_read

The number of rows read from InnoDB tables.

Innodb_rows_updated

The number of rows updated in InnoDB tables.

Key_blocks_not_flushed

The number of key blocks in the key cache that have changed but haven't yet been flushed to disk.

Key_blocks_unused

The number of unused blocks in the key cache. You can use this value to determine how much of the key cache is in use; see the discussion of key_buffer_size in Section 5.3.3, “Server System Variables”.

Key_blocks_used

The number of used blocks in the key cache. This value is a high-water mark that indicates the maximum number of blocks that have ever been in use at one time.

Key_read_requests

The number of requests to read a key block from the cache.

Key_reads

The number of physical reads of a key block from disk. If Key_reads is big, then your key_buffer_size value is probably too small. The cache miss rate can be calculated as Key_reads/Key_read_requests.

Key_write_requests

The number of requests to write a key block to the cache.

Key_writes

The number of physical writes of a key block to disk.

Last_query_cost

The total cost of the last compiled query as computed by the query optimizer. Useful for comparing the cost of different query plans for the same query. The default value of 0 means that no query has been compiled yet. The default value is 0. Last_query_cost has session scope.

Max_used_connections

The maximum number of connections that have been in use simultaneously since the server started.

Not_flushed_delayed_rows

The number of rows waiting to be written in INSERT DELAY queues.

Open_files

The number of files that are open.

Open_streams

The number of streams that are open (used mainly for logging).

Open_tables

The number of tables that are currently open.

Opened_tables

The number of tables that have been opened. If Opened_tables is big, your table_cache value is probably too small.

Qcache_free_blocks

The number of free memory blocks in query cache.

Qcache_free_memory

The amount of free memory for query cache.

Qcache_hits

The number of cache hits.

Qcache_inserts

The number of queries added to the cache.

Qcache_lowmem_prunes

The number of queries that were deleted from the cache because of low memory.

Qcache_not_cached

The number of non-cached queries (not cachable, or not cached due to the query_cache_type setting).

Qcache_queries_in_cache

The number of queries registered in the cache.

Qcache_total_blocks

The total number of blocks in the query cache.

Questions

The number of queries that have been sent to the server.

Rpl_status

The status of failsafe replication (not yet implemented).

Select_full_join

The number of joins that do not use indexes. If this value is not 0, you should carefully check the indexes of your tables.

Select_full_range_join

The number of joins that used a range search on a reference table.

Select_range

The number of joins that used ranges on the first table. It is normally not a critical issue even if this is quite large.

Select_range_check

The number of joins without keys that check for key usage after each row. If this is not 0, you should carefully check the indexes of your tables.

Select_scan

The number of joins that did a full scan of the first table.

Slave_open_temp_tables

The number of temporary tables currently open by the slave SQL thread.

Slave_running

This is ON if this server is a slave that is connected to a master.

Slave_retried_transactions

Total number of times since startup that the replication slave SQL thread has retried transactions.

Slow_launch_threads

The number of threads that have taken more than slow_launch_time seconds to create.

Slow_queries

The number of queries that have taken more than long_query_time seconds. See Section 5.11.4, “The Slow Query Log”.

Sort_merge_passes

The number of merge passes the sort algorithm has had to do. If this value is large, you should consider increasing the value of the sort_buffer_size system variable.

Sort_range

The number of sorts that were done using ranges.

Sort_rows

The number of sorted rows.

Sort_scan

The number of sorts that were done by scanning the table.

Ssl_xxx

Variables used for SSL connections.

Table_locks_immediate

The number of times that a table lock was acquired immediately.

Table_locks_waited

The number of times that a table lock could not be acquired immediately and a wait was needed. If this is high, and you have performance problems, you should first optimize your queries, and then either split your table or tables or use replication.

Threads_cached

The number of threads in the thread cache.

Threads_connected

The number of currently open connections.

Threads_created

The number of threads created to handle connections. If Threads_created is big, you may want to increase the thread_cache_size value. The cache hit rate can be calculated as Threads_created/Connections.

Threads_running

The number of threads that are not sleeping.

Uptime

The number of seconds the server has been up.

Do not ever give anyone (except MySQL root accounts) access to the user table in the mysql database! This is critical. The encrypted password is the real password in MySQL. Anyone who knows the password that is listed in the user table and has access to the host listed for the account can easily log in as that user.

Learn the MySQL access privilege system. The GRANT and REVOKE statements are used for controlling access to MySQL. Do not grant more privileges than necessary. Never grant privileges to all hosts.

Checklist:

Do not store any plain-text passwords in your database. If your computer becomes compromised, the intruder can take the full list of passwords and use them. Instead, use MD5(), SHA1(), or some other one-way hashing function.

Do not choose passwords from dictionaries. There are special programs to break them. Even passwords like “xfish98” are very bad. Much better is “duag98” which contains the same word “fish” but typed one key to the left on a standard QWERTY keyboard. Another method is to use “Mhall” which is taken from the first characters of each word in the sentence “Mary had a little lamb.” This is easy to remember and type, but difficult to guess for someone who does not know it.

Invest in a firewall. This protects you from at least 50% of all types of exploits in any software. Put MySQL behind the firewall or in a demilitarized zone (DMZ).

Checklist:

Do not trust any data entered by users of your applications. They can try to trick your code by entering special or escaped character sequences in Web forms, URLs, or whatever application you have built. Be sure that your application remains secure if a user enters something like “; DROP DATABASE mysql;”. This is an extreme example, but large security leaks and data loss might occur as a result of hackers using similar techniques, if you do not prepare for them.

A common mistake is to protect only string data values. Remember to check numeric data as well. If an application generates a query such as SELECT * FROM table WHERE ID=234 when a user enters the value 234, the user can enter the value 234 OR 1=1 to cause the application to generate the query SELECT * FROM table WHERE ID=234 OR 1=1. As a result, the server retrieves every record in the table. This exposes every record and causes excessive server load. The simplest way to protect from this type of attack is to use single quotes around the numeric constants: SELECT * FROM table WHERE ID='234'. If the user enters extra information, it all becomes part of the string. In a numeric context, MySQL automatically converts this string to a number and strips any trailing non-numeric characters which the string may contain.

Sometimes people think that if a database contains only publicly available data, it need not be protected. This is incorrect. Even if it is allowable to display any record in the database, you should still protect against denial of service attacks (for example, those that are based on the technique in the preceding paragraph that causes the server to waste resources). Otherwise, your server becomes unresponsive to legitimate users.

Checklist:

Many application programming interfaces provide a means of escaping special characters in data values. Properly used, this prevents application users from entering values that cause the application to generate statements that have a different effect than you intend:

Other programming interfaces might have similar capabilities.

Do not transmit plain (unencrypted) data over the Internet. This information is accessible to everyone who has the time and ability to intercept it and use it for their own purposes. Instead, use an encrypted protocol such as SSL or SSH. MySQL supports internal SSL connections as of Version 4.0.0. SSH port-forwarding can be used to create an encrypted (and compressed) tunnel for the communication.

Learn to use the tcpdump and strings utilities. In most cases, you can check whether MySQL data streams are unencrypted by issuing a command like the following:

shell> tcpdump -l -i eth0 -w - src or dst port 3306 | strings

(This works under Linux and should work with small modifications under other systems.) Warning: If you do not see plaintext data, this doesn't always mean that the information actually is encrypted. If you need high security, you should consult with a security expert.

Use passwords for all MySQL users. A client program does not necessarily know the identity of the person running it. It is common for client/server applications that the user can specify any username to the client program. For example, anyone can use the mysql program to connect as any other person simply by invoking it as mysql -u other_user db_name if other_user has no password. If all users have a password, connecting using another user's account becomes much more difficult.

To change the password for a user, use the SET PASSWORD statement. It is also possible to update the user table in the mysql database directly. For example, to change the password of all MySQL accounts that have a username of root, do this:

shell> mysql -u root
mysql> UPDATE mysql.user SET Password=PASSWORD('newpwd')
    -> WHERE User='root';
mysql> FLUSH PRIVILEGES;

Never run the MySQL server as the Unix root user. This is extremely dangerous, because any user with the FILE privilege is able to create files as root (for example, ~root/.bashrc). To prevent this, mysqld refuses to run as root unless that is specified explicitly using the --user=root option.

mysqld can (and should) be run as an ordinary unprivileged user instead. You can create a separate Unix account named mysql to make everything even more secure. Use this account only for administering MySQL. To start mysqld as a different Unix user, add a user option that specifies the username to the [mysqld] group of the /etc/my.cnf option file or the my.cnf option file in the server's data directory. For example:

[mysqld]
user=mysql

This causes the server to start as the designated user whether you start it manually or by using mysqld_safe or mysql.server. For more details, see Section A.3.2, “How to Run MySQL as a Normal User”.

Running mysqld as a Unix user other than root does not mean that you need to change the root username in the user table. Usernames for MySQL accounts have nothing to do with usernames for Unix accounts.

Don't allow the use of symlinks to tables. (This can be disabled with the --skip-symbolic-links option.) This is especially important if you run mysqld as root, because anyone that has write access to the server's data directory then could delete any file in the system! See Section 7.6.1.2, “Using Symbolic Links for Tables on Unix”.

Make sure that the only Unix user with read or write privileges in the database directories is the user that mysqld runs as.

Don't grant the PROCESS or SUPER privilege to non-administrative users. The output of mysqladmin processlist shows the text of any executing queries currently being executed, so any user who is allowed to run that command might be able to see if another user issues an UPDATE user SET password=PASSWORD('not_secure') query.

mysqld reserves an extra connection for users who have the SUPER privilege, so that a MySQL root user can log in and check server activity even if all normal connections are in use.

The SUPER privilege can be used to terminate client connections, change server operation by changing the value of system variables, and control replication servers.

Don't grant the FILE privilege to non-administrative users. Any user that has this privilege can write a file anywhere in the filesystem with the privileges of the mysqld daemon! To make this a bit safer, files generated with SELECT ... INTO OUTFILE do not overwrite existing files and are writable by everyone.

The FILE privilege may also be used to read any file that is world-readable or accessible to the Unix user that the server runs as. With this privilege, you can read any file into a database table. This could be abused, for example, by using LOAD DATA to load /etc/passwd into a table, which then can be displayed with SELECT.

If you don't trust your DNS, you should use IP numbers rather than hostnames in the grant tables. In any case, you should be very careful about creating grant table entries using hostname values that contain wildcards!

If you want to restrict the number of connections allowed for a single account, you can do so by setting the max_user_connections variable in mysqld. The GRANT statement also supports resource control options for limiting the extent of server use allowed to an account. See Section 13.5.1.3, “GRANT and REVOKE Syntax”.

--allow-suspicious-udfs

This option controls whether user-defined functions that have only an xxx symbol for the main function can be loaded. By default, the option is off and only UDFs that have at least one auxiliary symbol can be loaded. This prevents attempts at loading functions from shared object files other than those containing legitimate UDFs. See Section 27.2.3.6, “User-Defined Function Security Precautions”.

--local-infile[={0|1}]

If you start the server with --local-infile=0, clients cannot use LOCAL in LOAD DATA statements. See Section 5.6.4, “Security Issues with LOAD DATA LOCAL”.

--old-passwords

Force the server to generate short (pre-4.1) password hashes for new passwords. This is useful for compatibility when the server must support older client programs. See Section 5.7.9, “Password Hashing in MySQL 4.1”.

(OBSOLETE) --safe-show-database

In previous versions of MySQL, this option caused the SHOW DATABASES statement to display the names of only those databases for which the user had some kind of privilege. In MySQL 5.1, this option is no longer available as this is now the default behavior, and there is a SHOW DATABASES privilege that can be used to control access to database names on a per-account basis. See Section 13.5.1.3, “GRANT and REVOKE Syntax”.

--safe-user-create

If this is enabled, a user cannot create new users with the GRANT statement unless the user has the INSERT privilege for the mysql.user table. If you want a user to have the ability to create new users with those privileges that the user has right to grant, you should grant the user the following privilege:

mysql> GRANT INSERT(user) ON mysql.user TO 'user_name'@'host_name';

This ensures that the user can't change any privilege columns directly, but has to use the GRANT statement to give privileges to other users.

--secure-auth

Disallow authentication for accounts that have old (pre-4.1) passwords.

--skip-grant-tables

This option causes the server not to use the privilege system at all. This gives everyone full access to all databases! (You can tell a running server to start using the grant tables again by executing a mysqladmin flush-privileges or mysqladmin reload command, or by issuing a FLUSH PRIVILEGES statement.)

--skip-name-resolve

Hostnames are not resolved. All Host column values in the grant tables must be IP numbers or localhost.

--skip-networking

Don't allow TCP/IP connections over the network. All connections to mysqld must be made via Unix socket files.

--skip-show-database

With this option, the SHOW DATABASES statement is allowed only to users who have the SHOW DATABASES privilege, and the statement displays all database names. Without this option, SHOW DATABASES is allowed to all users, but displays each database name only if the user has the SHOW DATABASES privilege or some privilege for the database. Note that any global privilege is a privilege for the database.

The transfer of the file from the client host to the server host is initiated by the MySQL server. In theory, a patched server could be built that would tell the client program to transfer a file of the server's choosing rather than the file named by the client in the LOAD DATA statement. Such a server could access any file on the client host to which the client user has read access.

In a Web environment where the clients are connecting from a Web server, a user could use LOAD DATA LOCAL to read any files that the Web server process has read access to (assuming that a user could run any command against the SQL server). In this environment, the client with respect to the MySQL server actually is the Web server, not the program being run by the user connecting to the Web server.

By default, all MySQL clients and libraries in binary distributions are now compiled with the --enable-local-infile option, to be compatible with MySQL 3.23.48 and before.

If you build MySQL from source but don't use the --enable-local-infile option to configure, LOAD DATA LOCAL cannot be used by any client unless it is written explicitly to invoke mysql_options(... MYSQL_OPT_LOCAL_INFILE, 0). See Section 25.2.3.48, “mysql_options()”.

You can disable all LOAD DATA LOCAL commands from the server side by starting mysqld with the --local-infile=0 option.

For the mysql command-line client, LOAD DATA LOCAL can be enabled by specifying the --local-infile[=1] option, or disabled with the --local-infile=0 option. Similarly, for mysqlimport, the --local or -L option enables local data file loading. In any case, successful use of a local loading operation requires that the server is enabled to allow it.

If you use LOAD DATA LOCAL in Perl scripts or other programs that read the [client] group from option files, you can add the local-infile=1 option to that group. However, to keep this from causing problems for programs that do not understand local-infile, specify it using the loose- prefix:

[client]
loose-local-infile=1

If LOAD DATA LOCAL INFILE is disabled, either in the server or the client, a client that attempts to issue such a statement receives the following error message:

ERROR 1148: The used command is not allowed with this MySQL version

Stage 1: The server checks whether it should allow you to connect.

Stage 2: Assuming that you can connect, the server checks each statement you issue to see whether you have sufficient privileges to perform it. For example, if you try to select rows from a table in a database or drop a table from the database, the server verifies that you have the SELECT privilege for the table or the DROP privilege for the database.

Scope columns determine the scope of each entry (row) in the tables; that is, the context in which the row applies. For example, a user table row with Host and User values of 'thomas.loc.gov' and 'bob' would be used for authenticating connections made to the server from the host thomas.loc.gov by a client that specifies a username of bob. Similarly, a db table row with Host, User, and Db column values of 'thomas.loc.gov', 'bob' and 'reports' would be used when bob connects from the host thomas.loc.gov to access the reports database. The tables_priv and columns_priv tables contain scope columns indicating tables or table/column combinations to which each row applies. The procs_priv scope columns indicate the store routine to which each row applies.

Privilege columns indicate which privileges are granted by a table row; that is, what operations can be performed. The server combines the information in the various grant tables to form a complete description of a user's privileges. The rules used to do this are described in Section 5.7.6, “Access Control, Stage 2: Request Verification”.

The user table scope columns determine whether to reject or allow incoming connections. For allowed connections, any privileges granted in the user table indicate the user's global (superuser) privileges. These privileges apply to all databases on the server.

The db table scope columns determine which users can access which databases from which hosts. The privilege columns determine which operations are allowed. A privilege granted at the database level applies to the database and to all its tables.

The host table is used in conjunction with the db table when you want a given db table row to apply to several hosts. For example, if you want a user to be able to use a database from several hosts in your network, leave the Host value empty in the user's db table row, then populate the host table with a row for each of those hosts. This mechanism is described more detail in Section 5.7.6, “Access Control, Stage 2: Request Verification”.

Note: The host table is not affected by the GRANT and REVOKE statements. Most MySQL installations need not use this table at all.

The tables_priv and columns_priv tables are similar to the db table, but are more fine-grained: They apply at the table and column levels rather than at the database level. A privilege granted at the table level applies to the table and to all its columns. A privilege granted at the column level applies only to a specific column.

The procs_priv table applies to stored routines. A privilege granted at the routine level applies only to a single routine.

The FILE privilege can be abused to read into a database table any files that the MySQL server can read on the server host. This includes all world-readable files and files in the server's data directory. The table can then be accessed using SELECT to transfer its contents to the client host.

The GRANT privilege allows users to give their privileges to other users. Two users with different privileges and with the GRANT privilege are able to combine privileges.

The ALTER privilege may be used to subvert the privilege system by renaming tables.

The SHUTDOWN privilege can be abused to deny service to other users entirely by terminating the server.

The PROCESS privilege can be used to view the plain text of currently executing queries, including queries that set or change passwords.

The SUPER privilege can be used to terminate other clients or change how the server operates.

Privileges granted for the mysql database itself can be used to change passwords and other access privilege information. Passwords are stored encrypted, so a malicious user cannot simply read them to know the plain text password. However, a user with write access to the user table Password column can change an account's password, and then connect to the MySQL server using that account.

You cannot explicitly specify that a given user should be denied access. That is, you cannot explicitly match a user and then refuse the connection.

You cannot specify that a user has privileges to create or drop tables in a database but not to create or drop the database itself.

The name of the host where the MySQL server is running

Your username

Your password

The default hostname is localhost.

The default username is ODBC on Windows and your Unix login name on Unix.

No password is supplied if -p is missing.

You can specify connection parameters in the [client] section of an option file. The relevant section of the file might look like this:

[client]
host=host_name
user=user_name
password=your_pass

Option files are discussed further in Section 4.3.2, “Using Option Files”.

You can specify some connection parameters using environment variables. The host can be specified for mysql using MYSQL_HOST. The MySQL username can be specified using USER (this is for Windows and NetWare only). The password can be specified using MYSQL_PWD, although this is insecure; see Section 5.8.6, “Keeping Your Password Secure”. For a list of variables, see Appendix F, Environment Variables.

The client host from which you connect

Your MySQL username

A Host value may be a hostname or an IP number, or 'localhost' to indicate the local host.

You can use the wildcard characters ‘%’ and ‘_’ in Host column values. These have the same meaning as for pattern-matching operations performed with the LIKE operator. For example, a Host value of '%' matches any hostname, whereas a value of '%.mysql.com' matches any host in the mysql.com domain.

For Host values specified as IP numbers, you can specify a netmask indicating how many address bits to use for the network number. For example:

mysql> GRANT ALL PRIVILEGES ON db.*
    -> TO david@'192.58.197.0/255.255.255.0';

This allows david to connect from any client host having an IP number client_ip for which the following condition is true:

client_ip & netmask = host_ip

That is, for the GRANT statement just shown:

client_ip & 255.255.255.0 = 192.58.197.0

IP numbers that satisfy this condition and can connect to the MySQL server are those that lie in the range from 192.58.197.0 to 192.58.197.255.

Note: The netmask can only be used to tell the server to use 8, 16, 24, or 32 bits of the address, for example:

192.0.0.0/255.0.0.0 (anything on the 192 class A network)
192.168.0.0/255.255.0.0 (anything on the 192.168 class B network)
192.168.1.0/255.255.255.0 (anything on the 192.168.1 class C network)
192.168.1.1 (only this specific IP) 

The following netmask (28 bits) will not work:

192.168.0.1/255.255.255.240

A blank Host value in a db table record means that its privileges should be combined with those in the row in the host table that matches the client hostname. The privileges are combined using an AND (intersection) operation, not OR (union). You can find more information about the host table in Section 5.7.6, “Access Control, Stage 2: Request Verification”.

A blank Host value in the other grant tables is the same as '%'.

Whenever the server reads the user table into memory, it sorts the entries.

When a client attempts to connect, the server looks through the entries in sorted order.

The server uses the first row that matches the client hostname and username.