I have MyCloudMirror NAS box and I accidentally delete root user from MySQL now I can't login to mysql.
I have uninstall and reinstall the phpmyadmin app but that did not make any different
I also try following but nothing is working
mysqld_safe --skip-grant-tables &
below command show that all permission are assign
CREATE USER 'root'#'localhost' IDENTIFIED BY '';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' WITH GRANT OPTION;
this doesnt assign all permission the trigger are uncheck
CREATE USER 'root'#'%' IDENTIFIED BY '';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' WITH GRANT OPTION;
If I try to check triger from myphpadmin and click on apply i get error message
GRANT ALL PRIVILEGES ON . TO 'root'#'%' REQUIRE NONE WITH GRANT
OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0
MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0; MySQL said:
Documentation
#1045 - Access denied for user 'root'#'localhost' (using password: NO)
GRANT ALL PRIVILEGES is not enough.
On MySQL 8+ you must execute the next statements:
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS,
FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER,
CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE,
REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE,
CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE
ON *.* TO `root`#`localhost` WITH GRANT OPTION;
GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,
AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,
CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FLUSH_OPTIMIZER_COSTS,
FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,
INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,
PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,
RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,
SERVICE_CONNECTION_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,
SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,XA_RECOVER_ADMIN
ON *.* TO `root`#`localhost` WITH GRANT OPTION;
GRANT PROXY ON ``#`` TO `root`#`localhost` WITH GRANT OPTION;
FLUSH PRIVILEGES;
This is how I fixed the issue
Run /usr/bin/mysql_reset.py --reset
The above command reset all settings on DB
Related
When we try to GRANT ALL permissions to a user for a specific database, the admin (superuser) user of database receives the following error.
Access denied for user 'admin'#'%' to database 'the_Db'
After looking other questions in stackoverflow I could not find the solution. I already tried to change * -> % without success, that is the approach suggested in the following source:
http://www.fidian.com/problems-only-tyler-has/using-grant-all-with-amazons-mysql-rds
I think there is an underlying configuration on RDS so I can't grant all permissions for the users, but I don't know how to detect what is happening.
Update
After doing some workarounds I noticed that the "Delete versioning rows" permissions is the one that causes the problem. I can add all permissions but that one.
https://mariadb.com/kb/en/grant/
So the only "way" I could grant other permissions was to specific each one of those with a script like this.
GRANT Alter ON *.* TO 'user_some_app'#'%';
GRANT Create ON *.* TO 'user_some_app'#'%';
GRANT Create view ON *.* TO 'user_some_app'#'%';
GRANT Delete ON *.* TO 'user_some_app'#'%';
GRANT Drop ON *.* TO 'user_some_app'#'%';
GRANT Grant option ON *.* TO 'user_some_app'#'%';
GRANT Index ON *.* TO 'user_some_app'#'%';
GRANT Insert ON *.* TO 'user_some_app'#'%';
GRANT References ON *.* TO 'user_some_app'#'%';
GRANT Select ON *.* TO 'user_some_app'#'%';
GRANT Show view ON *.* TO 'user_some_app'#'%';
GRANT Trigger ON *.* TO 'user_some_app'#'%';
GRANT Update ON *.* TO 'user_some_app'#'%';
GRANT Alter routine ON *.* TO 'user_some_app'#'%';
GRANT Create routine ON *.* TO 'user_some_app'#'%';
GRANT Create temporary tables ON *.* TO 'user_some_app'#'%';
GRANT Execute ON *.* TO 'user_some_app'#'%';
GRANT Lock tables ON *.* TO 'user_some_app'#'%';
Try this
mysql -h your-rds-host-name -P 3306 -u rds-master-user -p
CREATE DATABASE sitedb;
CREATE USER 'siteuser'#'%' IDENTIFIED BY 'Password';
// For MySQL 5.7 or Less
GRANT ALL ON sitedb.* TO 'siteuser'#'%' IDENTIFIED BY 'Password' WITH GRANT OPTION;
// MariaDB 10 Up
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, EVENT, TRIGGER, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON `sitedb`.* TO 'siteuser'#'%';
FLUSH PRIVILEGES;
EXIT
Error show while executing stored procedure
MySQL said: Documentation
#1045 - Access denied for user 'root'#'%' (using password: YES)
Permissions on mysql
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* TO 'root'#'%' IDENTIFIED BY PASSWORD <secret> WITH GRANT OPTION
GRANT ALL PRIVILEGES ON `product`.* TO 'root'#'%' WITH GRANT OPTION
GRANT ALL PRIVILEGES ON `%`.* TO 'root'#'%' WITH GRANT OPTION
GRANT EXECUTE ON PROCEDURE `product`.`export_product` TO 'root'#'%' WITH GRANT OPTION
Create DB parameter group.Try the above link to create db parameter group in amazon rds and enable log_bin_trust_function_creators for creating and executing functions triggers and stored procedures
Im trying to remove all permissions for a user on a database.
REVOKE ALL PRIVILEGES ON database.* FROM 'user'#'%';
This just gives an error saying:
ERROR 1141 (42000): There is no such grant defined for user 'user' on host '%'
I am logged in as root user when running the query. And running show grants for user query shows that the user has permissions on all databases
Output from show grants query:
GRANT USAGE ON *.* TO 'user'#'%' IDENTIFIED BY PASSWORD 'xxxxxx'
Revoke statement has to match the grants issued. If grant is issued to *.*, you can only revoke *.* as well.
since SHOW GRANTS for 'user'#'%' shows a line like:
GRANT USAGE ON *.* TO 'user'#'%' IDENTIFIED BY PASSWORD 'xxxxxx'
You need to revoke that!
This should work:
REVOKE ALL PRIVILEGES ON *.* FROM 'user'#'%';
database.* denotes all tables in the "database" database
*.* denotes all tables in all databases
You can execute the below queries,
1) REVOKE ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TABLESPACE, CREATE TEMPORARY TABLES, CREATE USER, CREATE VIEW, DELETE, DROP, EVENT, EXECUTE, FILE, INDEX, INSERT, LOCK TABLES, PROCESS, REFERENCES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SELECT, SHOW DATABASES, SHOW VIEW, SHUTDOWN, SUPER, TRIGGER, UPDATE ON . FROM ‘user'#'%’;
OR
REVOKE ALL PRIVILEGES ON . FROM ‘user'#'%';
2) REVOKE GRANT OPTION ON . FROM ‘user'#'%';
While logging into MySQL using 'root'#10.0.1.15'
I tried to grant a user SELECT, INSERT, UPDATE but got this error from MySQL
Error Code: 1044. Access denied for user 'root'#'10.%' to database 'abc'
This is the query that I used to grant
GRANT SELECT, INSERT, UPDATE ON abc.* TO 'myUser'#'10.%';
This makes no since because when I execute SHOW GRANTS FOR 'root'#'10.%' Here is what I get
GRANT ALL PRIVILEGES ON *.* TO 'root'#'10.%' IDENTIFIED BY PASSWORD 'jklasdfksfkashdfksdfhsdlkfasdfjklasdfsjk'
I tried to do grant all privileges all over again but still getting the same error.
GRANT ALL PRIVILEGES ON *.* TO 'root'#'10.%';
FLUSH PRIVILEGES;
What I could be doing wrong here? why aren't the user 'root'#'10.0.1.15' able to GRANT other users privileges?
Your user needs the GRANT OPTION.
Here's how to change your existing grant to fix that:
GRANT ALL PRIVILEGES ON *.*
TO 'root'#'10.%'
IDENTIFIED BY PASSWORD 'jklasdfksfkashdfksdfhsdlkfasdfjklasdfsjk'
WITH GRANT OPTION
I am creating a user app_root identified by a password with limited permission. This user should only be able to create a database with prefix, create a new user, and grant permission to new user to access the database. So this is what I am doing.
CREATE USER app_root#localhost IDENTIFIED BY 'password';
GRANT CREATE USER ON *.* TO app_root#localhost WITH GRANT OPTION;
GRANT CREATE ON `myapp\_%`.* TO app_root#localhost WITH GRANT OPTION;
FLUSH PRIVILEGES;
The user is duly created. Now I log in to mysql with app_root user and execute following:
CREATE DATABASE test;
It fails as expected because name of database does not contain myapp_ prefix.
CREATE DATABASE myapp_test;
CREATE USER myapp_test#localhost IDENTIFIED BY 'ABC';
Both database and user are successfully created. But if I execute grant statement, error occurs.
GRANT ALL PRIVILEGES ON myapp_test.* TO myapp_test#localhost;
It generates ERROR 1044 (42000): Access denied for user 'app_root'#'localhost' to database 'myapp_test'. Could anyone please tell me what is wrong with my approach?
MySQL Version - Server version: 5.5.37-0ubuntu0.14.04.1 (Ubuntu)
Edit - As suggested, I granted all privileges to app_root user. But it still does not change anything.
GRANT ALL ON `myapp\_%`.* TO app_root#localhost WITH GRANT OPTION;
FLUSH PRIVILEGES;