CrunchBang ~ Bash Script: MySQL Backup

You are here: CrunchBang → Archives → November '07 → Bash Script: MySQL Backup

Sunday, November 18th, 2007

Bash Script: MySQL Backup

I thought that it might be a good idea to start posting a few of my scripts; it'll be handy to have them on my site for future reference. Also, I learn a lot by reading example scripts — I guess others might be able to learn from mine.

I wrote the following Bash script to perform a backup of a remote MySQL database. The script first connects via SSH and performs a MySQL dump, saving the results to file. It then connects via SFTP and downloads the file. Once the file has been downloaded, it restores the database to my local MySQL server.

It is quite a simple Bash script and it should be fairly straightforward to follow.

#!/bin/sh
# Settings
#############################
REMOTEHOST="example.com"
REMOTEBACKUPDIR="backup/sql"
SQLHOST="localhost"
SQLDB="database_name"
SQLUSER="username"
SQLPASS="password"
SQLFILE="database_name.sql"
LOCALBACKUPDIR="backup/sql"
#############################
# Start main
echo "* Connecting via SSH..."
ssh $REMOTEHOST <<**
echo "* Performing SQL dump..."
if [ -d $REMOTEBACKUPDIR ]; then
    cd $REMOTEBACKUPDIR
else
    mkdir $REMOTEBACKUPDIR
    cd $REMOTEBACKUPDIR
fi
mysqldump -h $SQLHOST --user="$SQLUSER" --password="$SQLPASS" $SQLDB > $SQLFILE
echo "* Closing SSH connection..."
exit
**
cd ~
if [ -d $LOCALBACKUPDIR ]; then
    cd $LOCALBACKUPDIR
else
    mkdir $LOCALBACKUPDIR
    cd $LOCALBACKUPDIR
fi
echo "* Connecting via SFTP..."
sftp $REMOTEHOST <<**
cd $REMOTEBACKUPDIR
get $SQLFILE
exit
**
echo "* Restoring SQL dump to local server..."
mysql --user "$SQLUSER" --password="$SQLPASS" $SQLDB < $SQLFILE
echo "* SQL backup complete."
cd ~
exit 0

Notes

For automation purposes, this script assumes that SSH and SFTP have been configured for automatic login. See "Creating Private/Public SSH Keys"
It also assumes there is a mirrored MySQL server and user account running on the local machine.
The script can be automated using Crontab.
Lacks any error handling and/or logging!?
I've worked with some commercial hosting providers who do not grant table locking privileges to their MySQL users — table locking can be bypassed by adding the "--skip-lock-tables" option to the "mysqldump" command. Use with caution.

Tagged with: bash, code, linux, programming, shell

2 Responses to “Bash Script: MySQL Backup”

Jennifer wrote, Wednesday, March 4th, 2009

I'm curious about the security implications of this. This command will show up in the bash history, right?

mysql --user "$SQLUSER" --password="$SQLPASS" $SQLDB < $SQLFILE

Except it will show up with the variables substituted already and hence will show the username and password you're using to log in… which means that if someone hacks your box a little bit and somehow gets to your bash history they may be able to push a little further in by logging into the database and doing whatever it is that you've configured that db account to be able to do.

Not to mention the more prosaic fact that you're storing the password in plaintext in a script where it may be readable.

Am I wrong about these being security risks? If I'm right, I would be much obliged to anyone who can direct me to an explanation of "the right thing to do" so as to avoid the security risks.
Philip wrote, Wednesday, March 4th, 2009

I'm curious about the security implications of this. This command will show up in the bash history, right?

No. The command used to call the script should be stored in your Bash history, but any commands called from within the script should not be recorded.

Add Your Comment

Use the form below to add your comment. Markdown syntax is available. Note, comments are moderated by me for spam filtering. Alternatively, feel free to contact me privately.

CrunchBang - Code, Design & GNU/Linux

Bash Script: MySQL Backup

Notes

2 Responses to “Bash Script: MySQL Backup”

Add Your Comment

Archives