Remote DB server

Operating system: CentOS
OS version: 8.2.2004

Hi,

I have a question regarding the set up of a remote db server and permissions:

In the docs (https://www.virtualmin.com/documentation/database/remote) it describes using the root user to connect to the remote server, however that would give access to all dbs. Therefore, in the case of multiple virtualmin servers conntecting to a single db server, they would have access to all of the dbs present on the db server.

Is it possible to be more restrictive, so that a virtualmin ‘instance’, connecting with a specific user, can only see a selected set of dbs?

Thanks,

Paul

Well, the Virtualmin systems and the admin (you) would have root level access to the db, but Virtualmin virtual servers and Virtualmin users will have access only to the databases that they own (i.e. have created via the Virtualmin system).

Virtualmin configures the local as well as the remote db to give each user access only to the db that they are supposed to access. The system is already as restrictive as it is supposed to be. Your assumption about everyone having access to all the dbs on all the servers is incorrect.

To clarify, and make sure we’re not making any assumptions:

If I have 2 KVM instances running Virtualmin and only Apache, connecting to a third KVM instance running Virtualmin but only Mariadb, I do not want the owners of the two KVM instances to see each other’s databases.

So, my question still stands, do I have to use the root user and assign all permissions, or can I restrict the permissions so that the owners can only see the databases assigned to them on the database server.

Or could this accomplished using Cloudmin services?

Thanks,

Paul

Yup, that’s how it is supposed to work.

You must configure the two Virtualmin servers appropriately by adding the third virtualmin server which hosts the remote DBs.

Virtualmin -> System Settings -> MySQL Servers

Also see https://www.virtualmin.com/documentation/database/remote

You (and your users) must then use Virtualmin on the two servers to create remote databases. You must not: “use the root user and assign all permissions”, either on the two or on the server which hosts the remote DBs.

So these are these steps I am taking:

DB server
User: kvm1 <-- This is the user account used to connect by KVM1 to the database server
Hosts: Any
Permissions: None

I then connect the DB server to KVM1 on the ‘MySQL Servers’ page:

I then change the MySQL server host from local to remote.

I get this error:

DBI connect failed : Access denied for user ‘kvm1’@’%’ to database ‘mysql’

So the permissions are incorrect.

I change the Permissions to All:

Restoring allowed MySQL hosts …
… done

I create the new DB on the virtual server KVM1 instance, again all works as expected:

Creating MySQL database testing1234 …
… done

Now, this is the part where I become confused.

I connect the second KVM, KVM2 in the same way as above.

I then browse to ‘Edit Databases’ on KVM2 to see which databases I can see, and if you click on ‘Import Database’, you will see the database from KVM1 in the list:

I can then import this DB and view it from KVM2. I do not want this to be allowed.

I understand why this is happening, as I have given the user KVM2 ‘All’ permissions (and vice versa with KVM1). So, my question still stands, how do I prevent KVM2 from viewing the other databases. Can I just remove the permissions such as ‘Show databases’ to prevent this from being allowed?

Many thanks,

Paul

You need not create users. Use the existing mysql credentials. The Virtualmin scripts will access the remote server as root and create DBs with the correct permissions.

OK, I think you have confirmed my misgivings here.

The different KVM instances have total access over the remote DB server, especially as they are connecting as the root user.

This is clearly a problem from a security perspective.

How is this a problem from a security perspective, if servers are connecting over an encrypted link? If you wish to use a remote DB server to create (and let your users create) DBs via Virtualmin, can there be any other way to achieve this?

The issue here is that the Master Admins of the two different KVM systems can see each other’s DBs. To me that is a security issue.

Perhaps my requirements may differ from why this feature was added.

On that, we can agree.