Diffstat (limited to 'databases')
-rw-r--r-- | databases/mongo/README.md (renamed from databases/mongo/README.org) | 206 | ||||
-rw-r--r-- | databases/mysql/README.md | 173 | ||||
-rw-r--r-- | databases/mysql/README.org | 183 | ||||
-rw-r--r-- | databases/oracle/README.md (renamed from databases/oracle/README.org) | 20 | ||||
-rw-r--r-- | databases/postgres/README.md | 67 | ||||
-rw-r--r-- | databases/postgres/README.org | 75 | ||||
-rw-r--r-- | databases/sql/README.md (renamed from databases/sql/README.org) | 20 |
7 files changed, 362 insertions, 382 deletions
diff --git a/databases/mongo/README.org b/databases/mongo/README.md
index 689d37d..99e1c68 100644
--- a/databases/mongo/README.org
+++ b/databases/mongo/README.md
@@ -1,104 +1,102 @@
-#+title: MongoDB Scripts
-
-* =admins.py=
-
-Dependency:
-
-#+begin_src shell
-pip install pymongo
-#+end_src
-
-#+begin_src python
-python ./admins.py
-#+end_src
-
-Example output:
-
-#+begin_src json
-[
- {
- "_id": "admin.admin",
- "user": "admin",
- "db": "admin",
- "roles": [
- {
- "role": "userAdminAnyDatabase",
- "db": "admin"
- },
- {
- "role": "readWriteAnyDatabase",
- "db": "admin"
- },
- {
- "role": "dbAdminAnyDatabase",
- "db": "admin"
- },
- {
- "role": "clusterAdmin",
- "db": "admin"
- }
- ],
- "credentials": {
- "SCRAM-SHA-1": {
- "iterationCount": 10000,
- "salt": "abc123",
- "storedKey": "storedKeyHash",
- "serverKey": "serverKeyHash"
- },
- "SCRAM-SHA-256": {
- "iterationCount": 15000,
- "salt": "def456",
- "storedKey": "storedKeyHash256",
- "serverKey": "serverKeyHash256"
- }
- }
- },
- {
- "_id": "test.user1",
- "user": "user1",
- "db": "test",
- "roles": [
- {
- "role": "readWrite",
- "db": "test"
- }
- ],
- "credentials": {
- "SCRAM-SHA-1": {
- "iterationCount": 10000,
- "salt": "ghi789",
- "storedKey": "storedKeyHashUser1",
- "serverKey": "serverKeyHashUser1"
- }
- }
- },
- {
- "_id": "test.ldapUser",
- "user": "ldapUser",
- "db": "test",
- "roles": [
- {
- "role": "read",
- "db": "test"
- }
- ],
- "userSource": "ldap"
- },
- {
- "_id": "admin.x509User",
- "user": "x509User",
- "db": "$external",
- "roles": [
- {
- "role": "readWrite",
- "db": "admin"
- }
- ],
- "credentials": {
- "MONGODB-X509": {
- "subject": "CN=x509User,OU=OrgUnit,O=Org,L=City,ST=State,C=Country"
- }
- }
- }
-]
-#+end_src
+# `admins.py`
+
+Dependency:
+
+``` shell
+pip install pymongo
+```
+
+``` python
+python ./admins.py
+```
+
+Example output:
+
+``` json
+[
+ {
+ "_id": "admin.admin",
+ "user": "admin",
+ "db": "admin",
+ "roles": [
+ {
+ "role": "userAdminAnyDatabase",
+ "db": "admin"
+ },
+ {
+ "role": "readWriteAnyDatabase",
+ "db": "admin"
+ },
+ {
+ "role": "dbAdminAnyDatabase",
+ "db": "admin"
+ },
+ {
+ "role": "clusterAdmin",
+ "db": "admin"
+ }
+ ],
+ "credentials": {
+ "SCRAM-SHA-1": {
+ "iterationCount": 10000,
+ "salt": "abc123",
+ "storedKey": "storedKeyHash",
+ "serverKey": "serverKeyHash"
+ },
+ "SCRAM-SHA-256": {
+ "iterationCount": 15000,
+ "salt": "def456",
+ "storedKey": "storedKeyHash256",
+ "serverKey": "serverKeyHash256"
+ }
+ }
+ },
+ {
+ "_id": "test.user1",
+ "user": "user1",
+ "db": "test",
+ "roles": [
+ {
+ "role": "readWrite",
+ "db": "test"
+ }
+ ],
+ "credentials": {
+ "SCRAM-SHA-1": {
+ "iterationCount": 10000,
+ "salt": "ghi789",
+ "storedKey": "storedKeyHashUser1",
+ "serverKey": "serverKeyHashUser1"
+ }
+ }
+ },
+ {
+ "_id": "test.ldapUser",
+ "user": "ldapUser",
+ "db": "test",
+ "roles": [
+ {
+ "role": "read",
+ "db": "test"
+ }
+ ],
+ "userSource": "ldap"
+ },
+ {
+ "_id": "admin.x509User",
+ "user": "x509User",
+ "db": "$external",
+ "roles": [
+ {
+ "role": "readWrite",
+ "db": "admin"
+ }
+ ],
+ "credentials": {
+ "MONGODB-X509": {
+ "subject": "CN=x509User,OU=OrgUnit,O=Org,L=City,ST=State,C=Country"
+ }
+ }
+ }
+]
+```
diff --git a/databases/mysql/README.md b/databases/mysql/README.md
new file mode 100644
index 0000000..cc05311
--- /dev/null
+++ b/databases/mysql/README.md
@@ -0,0 +1,173 @@ +# `mysql_admins.sql` + +``` sql +SELECT * FROM information_schema.user_privileges; +``` + + MySQL [(none)]> SELECT * FROM information_schema.user_privileges; + +--------------------------------+---------------+---------------------------------+--------------+ + | GRANTEE | TABLE_CATALOG | PRIVILEGE_TYPE | IS_GRANTABLE | + +--------------------------------+---------------+---------------------------------+--------------+ + | 'mysql.infoschema'@'localhost' | def | SELECT | NO | + | 'mysql.infoschema'@'localhost' | def | AUDIT_ABORT_EXEMPT | NO | + | 'mysql.infoschema'@'localhost' | def | FIREWALL_EXEMPT | NO | + | 'mysql.infoschema'@'localhost' | def | SYSTEM_USER | NO | + | 'mysql.session'@'localhost' | def | SHUTDOWN | NO | + | 'mysql.session'@'localhost' | def | SUPER | NO | + | 'mysql.session'@'localhost' | def | AUDIT_ABORT_EXEMPT | NO | + | 'mysql.session'@'localhost' | def | AUTHENTICATION_POLICY_ADMIN | NO | + | 'mysql.session'@'localhost' | def | BACKUP_ADMIN | NO | + | 'mysql.session'@'localhost' | def | CLONE_ADMIN | NO | + | 'mysql.session'@'localhost' | def | CONNECTION_ADMIN | NO | + | 'mysql.session'@'localhost' | def | FIREWALL_EXEMPT | NO | + | 'mysql.session'@'localhost' | def | PERSIST_RO_VARIABLES_ADMIN | NO | + | 'mysql.session'@'localhost' | def | SESSION_VARIABLES_ADMIN | NO | + | 'mysql.session'@'localhost' | def | SYSTEM_USER | NO | + | 'mysql.session'@'localhost' | def | SYSTEM_VARIABLES_ADMIN | NO | + | 'mysql.sys'@'localhost' | def | USAGE | NO | + | 'mysql.sys'@'localhost' | def | AUDIT_ABORT_EXEMPT | NO | + | 'mysql.sys'@'localhost' | def | FIREWALL_EXEMPT | NO | + | 'mysql.sys'@'localhost' | def | SYSTEM_USER | NO | + | 'root'@'localhost' | def | SELECT | YES | + | 'root'@'localhost' | def | INSERT | YES | + | 'root'@'localhost' | def | UPDATE | YES | + | 'root'@'localhost' | def | DELETE | YES | + | 'root'@'localhost' | def | CREATE | YES | + | 'root'@'localhost' | def | DROP | YES | + | 'root'@'localhost' | def | 
RELOAD | YES | + | 'root'@'localhost' | def | SHUTDOWN | YES | + | 'root'@'localhost' | def | PROCESS | YES | + | 'root'@'localhost' | def | FILE | YES | + | 'root'@'localhost' | def | REFERENCES | YES | + | 'root'@'localhost' | def | INDEX | YES | + | 'root'@'localhost' | def | ALTER | YES | + | 'root'@'localhost' | def | SHOW DATABASES | YES | + | 'root'@'localhost' | def | SUPER | YES | + | 'root'@'localhost' | def | CREATE TEMPORARY TABLES | YES | + | 'root'@'localhost' | def | LOCK TABLES | YES | + | 'root'@'localhost' | def | EXECUTE | YES | + | 'root'@'localhost' | def | REPLICATION SLAVE | YES | + | 'root'@'localhost' | def | REPLICATION CLIENT | YES | + | 'root'@'localhost' | def | CREATE VIEW | YES | + | 'root'@'localhost' | def | SHOW VIEW | YES | + | 'root'@'localhost' | def | CREATE ROUTINE | YES | + | 'root'@'localhost' | def | ALTER ROUTINE | YES | + | 'root'@'localhost' | def | CREATE USER | YES | + | 'root'@'localhost' | def | EVENT | YES | + | 'root'@'localhost' | def | TRIGGER | YES | + | 'root'@'localhost' | def | CREATE TABLESPACE | YES | + | 'root'@'localhost' | def | CREATE ROLE | YES | + | 'root'@'localhost' | def | DROP ROLE | YES | + | 'root'@'localhost' | def | ALLOW_NONEXISTENT_DEFINER | YES | + | 'root'@'localhost' | def | APPLICATION_PASSWORD_ADMIN | YES | + | 'root'@'localhost' | def | AUDIT_ABORT_EXEMPT | YES | + | 'root'@'localhost' | def | AUDIT_ADMIN | YES | + | 'root'@'localhost' | def | AUTHENTICATION_POLICY_ADMIN | YES | + | 'root'@'localhost' | def | BACKUP_ADMIN | YES | + | 'root'@'localhost' | def | BINLOG_ADMIN | YES | + | 'root'@'localhost' | def | BINLOG_ENCRYPTION_ADMIN | YES | + | 'root'@'localhost' | def | CLONE_ADMIN | YES | + | 'root'@'localhost' | def | CONNECTION_ADMIN | YES | + | 'root'@'localhost' | def | CREATE_SPATIAL_REFERENCE_SYSTEM | YES | + | 'root'@'localhost' | def | ENCRYPTION_KEY_ADMIN | YES | + | 'root'@'localhost' | def | FIREWALL_EXEMPT | YES | + | 'root'@'localhost' | def | FLUSH_OPTIMIZER_COSTS | 
YES | + | 'root'@'localhost' | def | FLUSH_PRIVILEGES | YES | + | 'root'@'localhost' | def | FLUSH_STATUS | YES | + | 'root'@'localhost' | def | FLUSH_TABLES | YES | + | 'root'@'localhost' | def | FLUSH_USER_RESOURCES | YES | + | 'root'@'localhost' | def | GROUP_REPLICATION_ADMIN | YES | + | 'root'@'localhost' | def | GROUP_REPLICATION_STREAM | YES | + | 'root'@'localhost' | def | INNODB_REDO_LOG_ARCHIVE | YES | + | 'root'@'localhost' | def | INNODB_REDO_LOG_ENABLE | YES | + | 'root'@'localhost' | def | OPTIMIZE_LOCAL_TABLE | YES | + | 'root'@'localhost' | def | PASSWORDLESS_USER_ADMIN | YES | + | 'root'@'localhost' | def | PERSIST_RO_VARIABLES_ADMIN | YES | + | 'root'@'localhost' | def | REPLICATION_APPLIER | YES | + | 'root'@'localhost' | def | REPLICATION_SLAVE_ADMIN | YES | + | 'root'@'localhost' | def | RESOURCE_GROUP_ADMIN | YES | + | 'root'@'localhost' | def | RESOURCE_GROUP_USER | YES | + | 'root'@'localhost' | def | ROLE_ADMIN | YES | + | 'root'@'localhost' | def | SENSITIVE_VARIABLES_OBSERVER | YES | + | 'root'@'localhost' | def | SERVICE_CONNECTION_ADMIN | YES | + | 'root'@'localhost' | def | SESSION_VARIABLES_ADMIN | YES | + | 'root'@'localhost' | def | SET_ANY_DEFINER | YES | + | 'root'@'localhost' | def | SHOW_ROUTINE | YES | + | 'root'@'localhost' | def | SYSTEM_USER | YES | + | 'root'@'localhost' | def | SYSTEM_VARIABLES_ADMIN | YES | + | 'root'@'localhost' | def | TABLE_ENCRYPTION_ADMIN | YES | + | 'root'@'localhost' | def | TELEMETRY_LOG_ADMIN | YES | + | 'root'@'localhost' | def | TRANSACTION_GTID_TAG | YES | + | 'root'@'localhost' | def | XA_RECOVER_ADMIN | YES | + | 'cmc'@'%' | def | USAGE | NO | + +--------------------------------+---------------+---------------------------------+--------------+ + 92 rows in set (0.001 sec) + +# `passwords.sql` + +``` sql +SELECT user, host, plugin FROM mysql.user; +``` + + mysql> SELECT user, host, plugin FROM mysql.user; + +------------------+-----------+-----------------------+ + | user | host | plugin | + 
+------------------+-----------+-----------------------+ + | cmc | % | caching_sha2_password | + | mysql.infoschema | localhost | caching_sha2_password | + | mysql.session | localhost | caching_sha2_password | + | mysql.sys | localhost | caching_sha2_password | + | root | localhost | caching_sha2_password | + +------------------+-----------+-----------------------+ + 5 rows in set (0.001 sec) + +``` sql +SHOW GLOBAL VARIABLES LIKE 'validate_password%'; +SHOW VARIABLES LIKE 'validate_password%'; +``` + + mysql> SHOW GLOBAL VARIABLES LIKE 'validate_password%'; + +-------------------------------------------------+--------+ + | Variable_name | Value | + +-------------------------------------------------+--------+ + | validate_password.changed_characters_percentage | 0 | + | validate_password.check_user_name | ON | + | validate_password.dictionary_file | | + | validate_password.length | 8 | + | validate_password.mixed_case_count | 1 | + | validate_password.number_count | 1 | + | validate_password.policy | MEDIUM | + | validate_password.special_char_count | 1 | + +-------------------------------------------------+--------+ + 8 rows in set (0.004 sec) + + mysql> SHOW VARIABLES LIKE 'validate_password%'; + +-------------------------------------------------+--------+ + | Variable_name | Value | + +-------------------------------------------------+--------+ + | validate_password.changed_characters_percentage | 0 | + | validate_password.check_user_name | ON | + | validate_password.dictionary_file | | + | validate_password.length | 8 | + | validate_password.mixed_case_count | 1 | + | validate_password.number_count | 1 | + | validate_password.policy | MEDIUM | + | validate_password.special_char_count | 1 | + +-------------------------------------------------+--------+ + 8 rows in set (0.004 sec) + +``` sql +SELECT * FROM mysql.user +``` + + MySQL [(none)]> SELECT * FROM mysql.user; + 
+-----------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+-----------------------+------------------------------------------------------------------------+------------------+-----------------------+-------------------+----------------+------------------+----------------+------------------------+---------------------+--------------------------+-----------------+ + | Host | User | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Show_db_priv | Super_priv | Create_tmp_table_priv | Lock_tables_priv | Execute_priv | Repl_slave_priv | Repl_client_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Create_user_priv | Event_priv | Trigger_priv | Create_tablespace_priv | ssl_type | ssl_cipher | x509_issuer | x509_subject | max_questions | max_updates | max_connections | max_user_connections | plugin | authentication_string | password_expired | password_last_changed | password_lifetime | account_locked | Create_role_priv | Drop_role_priv | Password_reuse_history | Password_reuse_time | Password_require_current | User_attributes | + 
+-----------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+-----------------------+------------------------------------------------------------------------+------------------+-----------------------+-------------------+----------------+------------------+----------------+------------------------+---------------------+--------------------------+-----------------+ + | % | cmc | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | | N | 2025-04-25 16:28:52 | NULL | N | N | N | NULL | NULL | NULL | NULL | + | localhost | mysql.infoschema | Y | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | N | 2025-04-25 15:51:53 | NULL | Y | N | N | NULL | NULL | NULL | NULL | + | localhost | mysql.session | N | N | N | N | N | N | N | Y | N | N | N | N | N | N | N | Y | N | N | N | N | N | N | N | N | N | N | N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | N | 2025-04-25 15:51:53 | NULL | Y | N | N | NULL | NULL | NULL | NULL | + | localhost | mysql.sys | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | 
N | N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | N | 2025-04-25 15:51:53 | NULL | Y | N | N | NULL | NULL | NULL | NULL | + | localhost | root | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | | N | 2025-04-25 15:51:53 | NULL | N | Y | Y | NULL | NULL | NULL | NULL | + +-----------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+-----------------------+------------------------------------------------------------------------+------------------+-----------------------+-------------------+----------------+------------------+----------------+------------------------+---------------------+--------------------------+-----------------+ + 5 rows in set (0.005 sec) diff --git a/databases/mysql/README.org b/databases/mysql/README.org deleted file mode 100644 index ce7c438..0000000 --- a/databases/mysql/README.org +++ /dev/null 
@@ -1,183 +0,0 @@ -#+title: MySQL - -* =mysql_admins.sql= - -#+begin_src sql -SELECT * FROM information_schema.user_privileges; -#+end_src - -#+begin_src -MySQL [(none)]> SELECT * FROM information_schema.user_privileges; -+--------------------------------+---------------+---------------------------------+--------------+ -| GRANTEE | TABLE_CATALOG | PRIVILEGE_TYPE | IS_GRANTABLE | -+--------------------------------+---------------+---------------------------------+--------------+ -| 'mysql.infoschema'@'localhost' | def | SELECT | NO | -| 'mysql.infoschema'@'localhost' | def | AUDIT_ABORT_EXEMPT | NO | -| 'mysql.infoschema'@'localhost' | def | FIREWALL_EXEMPT | NO | -| 'mysql.infoschema'@'localhost' | def | SYSTEM_USER | NO | -| 'mysql.session'@'localhost' | def | SHUTDOWN | NO | -| 'mysql.session'@'localhost' | def | SUPER | NO | -| 'mysql.session'@'localhost' | def | AUDIT_ABORT_EXEMPT | NO | -| 'mysql.session'@'localhost' | def | AUTHENTICATION_POLICY_ADMIN | NO | -| 'mysql.session'@'localhost' | def | BACKUP_ADMIN | NO | -| 'mysql.session'@'localhost' | def | CLONE_ADMIN | NO | -| 'mysql.session'@'localhost' | def | CONNECTION_ADMIN | NO | -| 'mysql.session'@'localhost' | def | FIREWALL_EXEMPT | NO | -| 'mysql.session'@'localhost' | def | PERSIST_RO_VARIABLES_ADMIN | NO | -| 'mysql.session'@'localhost' | def | SESSION_VARIABLES_ADMIN | NO | -| 'mysql.session'@'localhost' | def | SYSTEM_USER | NO | -| 'mysql.session'@'localhost' | def | SYSTEM_VARIABLES_ADMIN | NO | -| 'mysql.sys'@'localhost' | def | USAGE | NO | -| 'mysql.sys'@'localhost' | def | AUDIT_ABORT_EXEMPT | NO | -| 'mysql.sys'@'localhost' | def | FIREWALL_EXEMPT | NO | -| 'mysql.sys'@'localhost' | def | SYSTEM_USER | NO | -| 'root'@'localhost' | def | SELECT | YES | -| 'root'@'localhost' | def | INSERT | YES | -| 'root'@'localhost' | def | UPDATE | YES | -| 'root'@'localhost' | def | DELETE | YES | -| 'root'@'localhost' | def | CREATE | YES | -| 'root'@'localhost' | def | DROP | YES | -| 
'root'@'localhost' | def | RELOAD | YES | -| 'root'@'localhost' | def | SHUTDOWN | YES | -| 'root'@'localhost' | def | PROCESS | YES | -| 'root'@'localhost' | def | FILE | YES | -| 'root'@'localhost' | def | REFERENCES | YES | -| 'root'@'localhost' | def | INDEX | YES | -| 'root'@'localhost' | def | ALTER | YES | -| 'root'@'localhost' | def | SHOW DATABASES | YES | -| 'root'@'localhost' | def | SUPER | YES | -| 'root'@'localhost' | def | CREATE TEMPORARY TABLES | YES | -| 'root'@'localhost' | def | LOCK TABLES | YES | -| 'root'@'localhost' | def | EXECUTE | YES | -| 'root'@'localhost' | def | REPLICATION SLAVE | YES | -| 'root'@'localhost' | def | REPLICATION CLIENT | YES | -| 'root'@'localhost' | def | CREATE VIEW | YES | -| 'root'@'localhost' | def | SHOW VIEW | YES | -| 'root'@'localhost' | def | CREATE ROUTINE | YES | -| 'root'@'localhost' | def | ALTER ROUTINE | YES | -| 'root'@'localhost' | def | CREATE USER | YES | -| 'root'@'localhost' | def | EVENT | YES | -| 'root'@'localhost' | def | TRIGGER | YES | -| 'root'@'localhost' | def | CREATE TABLESPACE | YES | -| 'root'@'localhost' | def | CREATE ROLE | YES | -| 'root'@'localhost' | def | DROP ROLE | YES | -| 'root'@'localhost' | def | ALLOW_NONEXISTENT_DEFINER | YES | -| 'root'@'localhost' | def | APPLICATION_PASSWORD_ADMIN | YES | -| 'root'@'localhost' | def | AUDIT_ABORT_EXEMPT | YES | -| 'root'@'localhost' | def | AUDIT_ADMIN | YES | -| 'root'@'localhost' | def | AUTHENTICATION_POLICY_ADMIN | YES | -| 'root'@'localhost' | def | BACKUP_ADMIN | YES | -| 'root'@'localhost' | def | BINLOG_ADMIN | YES | -| 'root'@'localhost' | def | BINLOG_ENCRYPTION_ADMIN | YES | -| 'root'@'localhost' | def | CLONE_ADMIN | YES | -| 'root'@'localhost' | def | CONNECTION_ADMIN | YES | -| 'root'@'localhost' | def | CREATE_SPATIAL_REFERENCE_SYSTEM | YES | -| 'root'@'localhost' | def | ENCRYPTION_KEY_ADMIN | YES | -| 'root'@'localhost' | def | FIREWALL_EXEMPT | YES | -| 'root'@'localhost' | def | FLUSH_OPTIMIZER_COSTS | YES | -| 
'root'@'localhost' | def | FLUSH_PRIVILEGES | YES | -| 'root'@'localhost' | def | FLUSH_STATUS | YES | -| 'root'@'localhost' | def | FLUSH_TABLES | YES | -| 'root'@'localhost' | def | FLUSH_USER_RESOURCES | YES | -| 'root'@'localhost' | def | GROUP_REPLICATION_ADMIN | YES | -| 'root'@'localhost' | def | GROUP_REPLICATION_STREAM | YES | -| 'root'@'localhost' | def | INNODB_REDO_LOG_ARCHIVE | YES | -| 'root'@'localhost' | def | INNODB_REDO_LOG_ENABLE | YES | -| 'root'@'localhost' | def | OPTIMIZE_LOCAL_TABLE | YES | -| 'root'@'localhost' | def | PASSWORDLESS_USER_ADMIN | YES | -| 'root'@'localhost' | def | PERSIST_RO_VARIABLES_ADMIN | YES | -| 'root'@'localhost' | def | REPLICATION_APPLIER | YES | -| 'root'@'localhost' | def | REPLICATION_SLAVE_ADMIN | YES | -| 'root'@'localhost' | def | RESOURCE_GROUP_ADMIN | YES | -| 'root'@'localhost' | def | RESOURCE_GROUP_USER | YES | -| 'root'@'localhost' | def | ROLE_ADMIN | YES | -| 'root'@'localhost' | def | SENSITIVE_VARIABLES_OBSERVER | YES | -| 'root'@'localhost' | def | SERVICE_CONNECTION_ADMIN | YES | -| 'root'@'localhost' | def | SESSION_VARIABLES_ADMIN | YES | -| 'root'@'localhost' | def | SET_ANY_DEFINER | YES | -| 'root'@'localhost' | def | SHOW_ROUTINE | YES | -| 'root'@'localhost' | def | SYSTEM_USER | YES | -| 'root'@'localhost' | def | SYSTEM_VARIABLES_ADMIN | YES | -| 'root'@'localhost' | def | TABLE_ENCRYPTION_ADMIN | YES | -| 'root'@'localhost' | def | TELEMETRY_LOG_ADMIN | YES | -| 'root'@'localhost' | def | TRANSACTION_GTID_TAG | YES | -| 'root'@'localhost' | def | XA_RECOVER_ADMIN | YES | -| 'cmc'@'%' | def | USAGE | NO | -+--------------------------------+---------------+---------------------------------+--------------+ -92 rows in set (0.001 sec) -#+end_src - -* =passwords.sql= - -#+begin_src sql -SELECT user, host, plugin FROM mysql.user; -#+end_src - -#+begin_src -mysql> SELECT user, host, plugin FROM mysql.user; -+------------------+-----------+-----------------------+ -| user | host | plugin | 
-+------------------+-----------+-----------------------+ -| cmc | % | caching_sha2_password | -| mysql.infoschema | localhost | caching_sha2_password | -| mysql.session | localhost | caching_sha2_password | -| mysql.sys | localhost | caching_sha2_password | -| root | localhost | caching_sha2_password | -+------------------+-----------+-----------------------+ -5 rows in set (0.001 sec) -#+end_src - -#+begin_src sql -SHOW GLOBAL VARIABLES LIKE 'validate_password%'; -SHOW VARIABLES LIKE 'validate_password%'; -#+end_src - -#+begin_src -mysql> SHOW GLOBAL VARIABLES LIKE 'validate_password%'; -+-------------------------------------------------+--------+ -| Variable_name | Value | -+-------------------------------------------------+--------+ -| validate_password.changed_characters_percentage | 0 | -| validate_password.check_user_name | ON | -| validate_password.dictionary_file | | -| validate_password.length | 8 | -| validate_password.mixed_case_count | 1 | -| validate_password.number_count | 1 | -| validate_password.policy | MEDIUM | -| validate_password.special_char_count | 1 | -+-------------------------------------------------+--------+ -8 rows in set (0.004 sec) - -mysql> SHOW VARIABLES LIKE 'validate_password%'; -+-------------------------------------------------+--------+ -| Variable_name | Value | -+-------------------------------------------------+--------+ -| validate_password.changed_characters_percentage | 0 | -| validate_password.check_user_name | ON | -| validate_password.dictionary_file | | -| validate_password.length | 8 | -| validate_password.mixed_case_count | 1 | -| validate_password.number_count | 1 | -| validate_password.policy | MEDIUM | -| validate_password.special_char_count | 1 | -+-------------------------------------------------+--------+ -8 rows in set (0.004 sec) -#+end_src - -#+begin_src sql -SELECT * FROM mysql.user -#+end_src - -#+begin_src -MySQL [(none)]> SELECT * FROM mysql.user; 
-+-----------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+-----------------------+------------------------------------------------------------------------+------------------+-----------------------+-------------------+----------------+------------------+----------------+------------------------+---------------------+--------------------------+-----------------+ -| Host | User | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Show_db_priv | Super_priv | Create_tmp_table_priv | Lock_tables_priv | Execute_priv | Repl_slave_priv | Repl_client_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Create_user_priv | Event_priv | Trigger_priv | Create_tablespace_priv | ssl_type | ssl_cipher | x509_issuer | x509_subject | max_questions | max_updates | max_connections | max_user_connections | plugin | authentication_string | password_expired | password_last_changed | password_lifetime | account_locked | Create_role_priv | Drop_role_priv | Password_reuse_history | Password_reuse_time | Password_require_current | User_attributes | 
-+-----------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+-----------------------+------------------------------------------------------------------------+------------------+-----------------------+-------------------+----------------+------------------+----------------+------------------------+---------------------+--------------------------+-----------------+ -| % | cmc | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | | N | 2025-04-25 16:28:52 | NULL | N | N | N | NULL | NULL | NULL | NULL | -| localhost | mysql.infoschema | Y | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | N | 2025-04-25 15:51:53 | NULL | Y | N | N | NULL | NULL | NULL | NULL | -| localhost | mysql.session | N | N | N | N | N | N | N | Y | N | N | N | N | N | N | N | Y | N | N | N | N | N | N | N | N | N | N | N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | N | 2025-04-25 15:51:53 | NULL | Y | N | N | NULL | NULL | NULL | NULL | -| localhost | mysql.sys | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N 
| N | N | N | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | N | 2025-04-25 15:51:53 | NULL | Y | N | N | NULL | NULL | NULL | NULL | -| localhost | root | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | caching_sha2_password | | N | 2025-04-25 15:51:53 | NULL | N | Y | Y | NULL | NULL | NULL | NULL | -+-----------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+-----------------------+------------------------------------------------------------------------+------------------+-----------------------+-------------------+----------------+------------------+----------------+------------------------+---------------------+--------------------------+-----------------+ -5 rows in set (0.005 sec) -#+end_src diff --git a/databases/oracle/README.org b/databases/oracle/README.md index f2bc680..3afa2e7 100644 --- a/databases/oracle/README.org +++ b/databases/oracle/README.md @@ -1,6 +1,6 @@ -* =oracle_admins.sql= +# `oracle_admins.sql` -#+begin_src sql +``` sql SELECT grantee AS "User", privilege AS "Privilege" @@ -16,9 +16,9 @@ FROM dba_tab_privs WHERE grantee IN (SELECT DISTINCT grantee FROM dba_tab_privs); -#+end_src +``` -#+begin_src text +``` text | User | Privilege | |----------+---------------------| | SCOTT | CREATE SESSION | 
@@ -39,18 +39,18 @@ WHERE | APP_USER | SELECT ON EMPLOYEES | | APP_USER | INSERT ON EMPLOYEES | | APP_USER | UPDATE ON EMPLOYEES | -#+end_src +``` -* =oracle_admins_alt.sql= +# `oracle_admins_alt.sql` -#+begin_src sql +``` sql SELECT ** FROM sys.dba_role_privs; SELECT ** FROM sys.dba_sys_privs; SELECT ** FROM sys.dba_tab_privs; SELECT ** FROM sys.dba_users; -#+end_src +``` -#+begin_src text +``` text | Grantee | Granted_Role | Admin_Option | |----------+--------------+--------------| | SCOTT | DBA | NO | @@ -78,4 +78,4 @@ SELECT ** FROM sys.dba_users; | SYS | OPEN | SYSTEM | TEMP | | SYSTEM | OPEN | SYSTEM | TEMP | | APP_USER | OPEN | USERS | TEMP | -#+end_src +``` diff --git a/databases/postgres/README.md b/databases/postgres/README.md new file mode 100644 index 0000000..0e4f0fc --- /dev/null +++ b/databases/postgres/README.md 
@@ -0,0 +1,67 @@
+# `passwords.sql`
+
+``` sql
+SELECT *
+FROM pg_settings
+WHERE name LIKE 'password_%';
+```
+
+ | name | setting | unit | category | short_desc | extra_desc | context | vartype | source | min_val | max_val | enumvals | boot_val | reset_val | sourcefile | sourceline | pending_restart |
+ |---------------------+---------------+------+-------------------------------------------------+-------------------------------------------------+------------+---------+---------+---------+---------+---------+---------------------+---------------+---------------+------------+------------+-----------------|
+ | password_encryption | scram-sha-256 | | Connections and Authentication / Authentication | Chooses the algorithm for encrypting passwords. | | user | enum | default | | | {md5,scram-sha-256} | scram-sha-256 | scram-sha-256 | | | false |
+
+``` sql
+SELECT
+ usename AS user_name,
+ passwd AS password,
+ valuntil AS valid_until,
+ useconfig AS user_config
+FROM pg_shadow;
+```
+
+ | user_name | password | valid_until | user_config |
+ |-----------+---------------------------------------------------------------------------------------------------------------------------------------+------------------------+-------------|
+ | cmc | | | |
+ | testuser | SCRAM-SHA-256$4096:+NSpEU+8afhJ4BUTkzdKeg==$FGIRcTWr89b42qkLUl4Ntfp4RUpoc3GIpLHqJl/fWZE=:o1UM8YiEj5SLV5l/geMuqXMRi6onWazryn/l+LXYMxU= | 2025-12-31 00:00:00-06 | |
+
+# `admins.sql`
+
+``` sql
+SELECT
+ r.rolname AS role_name,
+ r.rolsuper AS is_superuser,
+ r.rolinherit AS inherits_privileges,
+ r.rolcreaterole AS can_create_roles,
+ r.rolcreatedb AS can_create_db,
+ r.rolcanlogin AS can_login,
+ r.rolreplication AS can_replication,
+ r.rolconnlimit AS connection_limit,
+ r.rolvaliduntil AS valid_until,
+ ARRAY(
+ SELECT b.rolname
+ FROM pg_auth_members m
+ JOIN pg_roles b ON (m.roleid = b.oid)
+ WHERE m.member = r.oid
+ ) AS member_of
+FROM pg_roles r;
+```
+
+ | role_name | is_superuser | inherits_privileges | can_create_roles | can_create_db | can_login | can_replication | connection_limit | valid_until | member_of |
+ |-----------------------------+--------------+---------------------+------------------+---------------+-----------+-----------------+------------------+------------------------+--------------------------------------------------------------|
+ | cmc | true | true | true | true | true | true | -1 | | {} |
+ | pg_database_owner | false | true | false | false | false | false | -1 | | {} |
+ | pg_read_all_data | false | true | false | false | false | false | -1 | | {} |
+ | pg_write_all_data | false | true | false | false | false | false | -1 | | {} |
+ | pg_monitor | false | true | false | false | false | false | -1 | | {pg_read_all_settings,pg_read_all_stats,pg_stat_scan_tables} |
+ | pg_read_all_settings | false | true | false | false | false | false | -1 | | {} |
+ | pg_read_all_stats | false | true | false | false | false | false | -1 | | {} |
+ | pg_stat_scan_tables | false | true | false | false | false | false | -1 | | {} |
+ | pg_read_server_files | false | true | false | false | false | false | -1 | | {} |
+ | pg_write_server_files | false | true | false | false | false | false | -1 | | {} |
+ | pg_execute_server_program | false | true | false | false | false | false | -1 | | {} |
+ | pg_signal_backend | false | true | false | false | false | false | -1 | | {} |
+ | pg_checkpoint | false | true | false | false | false | false | -1 | | {} |
+ | pg_maintain | false | true | false | false | false | false | -1 | | {} |
+ | pg_use_reserved_connections | false | true | false | false | false | false | -1 | | {} |
+ | pg_create_subscription | false | true | false | false | false | false | -1 | | {} |
+ | testuser | false | true | false | false | true | false | -1 | 2025-12-31 00:00:00-06 | {} |
diff --git a/databases/postgres/README.org b/databases/postgres/README.org
deleted file mode 100644
index e7cd062..0000000
--- a/databases/postgres/README.org
+++ /dev/null
@@ -1,75 +0,0 @@
-#+title: Postgres
-
-* =passwords.sql=
-
-#+begin_src sql
-SELECT *
-FROM pg_settings
-WHERE name LIKE 'password_%';
-#+end_src
-
-#+begin_src
-| name | setting | unit | category | short_desc | extra_desc | context | vartype | source | min_val | max_val | enumvals | boot_val | reset_val | sourcefile | sourceline | pending_restart |
-|---------------------+---------------+------+-------------------------------------------------+-------------------------------------------------+------------+---------+---------+---------+---------+---------+---------------------+---------------+---------------+------------+------------+-----------------|
-| password_encryption | scram-sha-256 | | Connections and Authentication / Authentication | Chooses the algorithm for encrypting passwords. | | user | enum | default | | | {md5,scram-sha-256} | scram-sha-256 | scram-sha-256 | | | false |
-#+end_src
-
-#+begin_src sql
-SELECT
- usename AS user_name,
- passwd AS password,
- valuntil AS valid_until,
- useconfig AS user_config
-FROM pg_shadow;
-#+end_src
-
-#+begin_src
-| user_name | password | valid_until | user_config |
-|-----------+---------------------------------------------------------------------------------------------------------------------------------------+------------------------+-------------|
-| cmc | | | |
-| testuser | SCRAM-SHA-256$4096:+NSpEU+8afhJ4BUTkzdKeg==$FGIRcTWr89b42qkLUl4Ntfp4RUpoc3GIpLHqJl/fWZE=:o1UM8YiEj5SLV5l/geMuqXMRi6onWazryn/l+LXYMxU= | 2025-12-31 00:00:00-06 | |
-#+end_src
-
-* =admins.sql=
-
-#+begin_src sql
-SELECT
- r.rolname AS role_name,
- r.rolsuper AS is_superuser,
- r.rolinherit AS inherits_privileges,
- r.rolcreaterole AS can_create_roles,
- r.rolcreatedb AS can_create_db,
- r.rolcanlogin AS can_login,
- r.rolreplication AS can_replication,
- r.rolconnlimit AS connection_limit,
- r.rolvaliduntil AS valid_until,
- ARRAY(
- SELECT b.rolname
- FROM pg_auth_members m
- JOIN pg_roles b ON (m.roleid = b.oid)
- WHERE m.member = r.oid
- ) AS member_of
-FROM pg_roles r;
-#+end_src
-
-#+begin_src
-| role_name | is_superuser | inherits_privileges | can_create_roles | can_create_db | can_login | can_replication | connection_limit | valid_until | member_of |
-|-----------------------------+--------------+---------------------+------------------+---------------+-----------+-----------------+------------------+------------------------+--------------------------------------------------------------|
-| cmc | true | true | true | true | true | true | -1 | | {} |
-| pg_database_owner | false | true | false | false | false | false | -1 | | {} |
-| pg_read_all_data | false | true | false | false | false | false | -1 | | {} |
-| pg_write_all_data | false | true | false | false | false | false | -1 | | {} |
-| pg_monitor | false | true | false | false | false | false | -1 | | {pg_read_all_settings,pg_read_all_stats,pg_stat_scan_tables} |
-| pg_read_all_settings | false | true | false | false | false | false | -1 | | {} |
-| pg_read_all_stats | false | true | false | false | false | false | -1 | | {} |
-| pg_stat_scan_tables | false | true | false | false | false | false | -1 | | {} |
-| pg_read_server_files | false | true | false | false | false | false | -1 | | {} |
-| pg_write_server_files | false | true | false | false | false | false | -1 | | {} |
-| pg_execute_server_program | false | true | false | false | false | false | -1 | | {} |
-| pg_signal_backend | false | true | false | false | false | false | -1 | | {} |
-| pg_checkpoint | false | true | false | false | false | false | -1 | | {} |
-| pg_maintain | false | true | false | false | false | false | -1 | | {} |
-| pg_use_reserved_connections | false | true | false | false | false | false | -1 | | {} |
-| pg_create_subscription | false | true | false | false | false | false | -1 | | {} |
-| testuser | false | true | false | false | true | false | -1 | 2025-12-31 00:00:00-06 | {} |
-#+end_src
diff --git a/databases/sql/README.org b/databases/sql/README.md index 82b8911..3abfa39 100644 --- a/databases/sql/README.org +++ b/databases/sql/README.md @@ -1,10 +1,10 @@ -* =admins.sql= +# `admins.sql` -#+begin_src sql +``` sql :r admins.sql -#+end_src +``` -#+begin_src text +``` text | UserName | UserType | DatabaseUserName | Role | PermissionType | PermissionState | ObjectType | ObjectName | ColumnName | |-------------+--------------+------------------+-----------------+----------------+-----------------+----------------------+--------------------+------------| | SCOTT | SQL User | SCOTT | NULL | SELECT | GRANT | USER_TABLE | EMPLOYEES | NULL | @@ -14,15 +14,15 @@ | APP_USER | Windows User | APP_USER | ApplicationRole | INSERT | GRANT | USER_TABLE | EMPLOYEES | NULL | | {All Users} | {All Users} | {All Users} | public | SELECT | GRANT | USER_TABLE | EMPLOYEES | NULL | | {All Users} | {All Users} | {All Users} | public | EXECUTE | GRANT | SQL_STORED_PROCEDURE | SP_GET_EMPLOYEE | NULL | -#+end_src +``` -* =passwords.py= +# `passwords.py` -#+begin_src shell +``` shell python passwords.py -#+end_src +``` -#+begin_src text +``` text | Name | Type | Check Policy | Check Expiration | Reason | |-------+-----------+--------------+------------------+-----------------------------------------------------------------------------------------------------------------------------------------------| | user1 | SQL_LOGIN | PASS | FAIL | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is not enforced. | 
@@ -33,4 +33,4 @@ python passwords.py | user6 | SQL_LOGIN | PASS | PASS | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is enforced. Reviewer to check the expiration policy. | | user7 | SQL_LOGIN | PASS | PASS | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is enforced. Reviewer to check the expiration policy. | | user8 | SQL_LOGIN | PASS | PASS | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is enforced. Reviewer to check the expiration policy. | -#+end_src +``` |