I'm trying to create a MySQL user with permissions from anywhere, but the command is failing:
MariaDB [(none)]> create user 'accounts'#'%' identified by 'password';
ERROR 1396 (HY000): Operation CREATE USER failed for 'accounts'#'%'
But if I change the permissions to access it from only localhost it works:
MariaDB [(none)]> CREATE USER 'accounts'#'localhost' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.01 sec)
I have a database called accounts:
MariaDB [(none)]> show databases like 'accounts';
+---------------------+
| Database (accounts) |
+---------------------+
| accounts |
+---------------------+
1 row in set (0.02 sec)
But I have to also create a user called accounts as well.
Note, I am doing this for work so I do not make decisions on who can access the DB from where.
Why does the first command fail?
Related
I want to create multiple users on MySQL and allow them to create databases and access the databases which are only created by them. Is there a way to do this?
If so what permission I need to give?
Instead of giving "create database" permission to a user, from "root" you can just create the database and grant all privileges on the database to the specific users. That's what I am using in my world. I don't think "create database" privileges available in MySQL especially.
Using the below approach you have the control of database level because the user can do anything in the specific database where they had the permission, not at the instance level (mean they can't create junk databases).
Friday 28> mysql -uroot -p
mysql> create user test identified by 'test';
mysql> create database x1;
mysql> grant all privileges on x1.* to 'test'#'%';
Friday 28> mysql -utest -p
Enter password:
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| x1 |
+--------------------+
2 rows in set (0.00 sec)
mysql> use x1;
Database changed
mysql> create table test(c int);
seQuery OK, 0 rows affected (0.44 sec)
mysql> select * from test;
Empty set (0.00 sec)
So I'm trying to export a schema/DB out of mysql and I'm getting a weird error.
I also ran several grant commands (see below) which I believe should be enough to let me export the data. On MySQLWorkbench, I logged in as a user mentioned in the grand commands.
Any ideas what I could be doing wrong? Thanks a lot
Error:
Unhandled exception: Error querying security information: Error executing 'SELECT * FROM mysql.user WHERE User='mydb' AND Host='myhost.com' ORDER BY User, Host'
SELECT command denied to user 'mydb'#'my-ip-here' for table 'user'.
SQL Error: 1142
grant commands:
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> grant all privileges on mydb.* to 'mydb'#'%' identified by 'mypassword';
Query OK, 0 rows affected (0.05 sec)
mysql> grant show databases on *.* to 'mydb'#'%';
Query OK, 0 rows affected (0.01 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.02 sec)
mysql> show grants for 'mydb'#'%';
+--------------------------------------------------------------------------------------------------------------+
| Grants for mydb#% |
+--------------------------------------------------------------------------------------------------------------+
| GRANT SHOW DATABASES ON *.* TO 'mydb'#'%' IDENTIFIED BY PASSWORD 'mypassword' |
| GRANT ALL PRIVILEGES ON `mydb`.* TO 'mydb'#'%' |
+--------------------------------------------------------------------------------------------------------------+
I want to grant a user (my program) all access rights to a given database - read/write, even delete.
It is important that, after deletion (and, initially, before it ever exists), the user be able to create the database - but only with a given database name and the user should have no access to anything other than this database.
I am at a loss of the GRANT ...
The database does not have to exist to grant access to it. As a privileged user such as root you can do
mysql> grant all on dooda.* to 'dooda'#'localhost' identified by 'dooda';
mysql> exit
then
jason:>mysql -u dooda -p
Enter password:
etc
mysql> create database dooda;
Query OK, 1 row affected (0.00 sec)
but you can't
mysql> create database somethingelse;
ERROR 1044 (42000): Access denied for user 'dooda'#'localhost' to database 'somethingelse'
and if you
mysql> drop database dooda;
Query OK, 0 rows affected (0.00 sec)
mysql> create database dooda;
Query OK, 1 row affected (0.01 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| dooda |
| test |
+--------------------+
i was creating a db in mysql and ran commands-
create database projectdb;
create user 'aquaman'#'localhost' identified by password'aquaman123';
and it gave error-
ERROR 1396 (HY000): Operation CREATE USER failed for 'aquaman'#'localhost'
anyone please help me how to resolve it
I ran into this issue having previously deleted a user of the same name directly from the user table:
DELETE FROM mysql.user WHERE User='aquaman';
But this isn't the right way to delete a user! Having dropped the user properly, via:
DROP USER 'aquaman';
...I was once again able to successfully create a user with this name.
Incorrect Syntax!!
You have included an extra password in your code.
Change the code from:
create user 'aquaman'#'localhost' identified by password'aquaman123';
TO:
CREATE USER 'aquaman'#'localhost' IDENTIFIED BY 'aquaman123';
Please check the documentation: http://dev.mysql.com/doc/refman/5.0/en/create-user.html
I faced the same issue in the below MySQL version in MAC OS - Catalina:
Your MySQL connection id is 8
Server version: 8.0.27 MySQL Community Server - GPL
I was able to solve the issue by the below commands:
mysql> create database testdb;
Query OK, 1 row affected (0.04 sec)
mysql> create user 'test'#'%' identified by 'YourPassword$';
Query OK, 0 rows affected (0.07 sec)
or
mysql> create user 'test'#localhost identified by 'YourPassword$';
Query OK, 0 rows affected (0.07 sec)
mysql> grant all on testdb.* to 'test'#'%';
Query OK, 0 rows affected (0.00 sec)
or
mysql> grant all on testdb.* to 'test'#localhost;
Query OK, 0 rows affected (0.00 sec)
mysql> select user from mysql.user;
+------------------+
| user |
+------------------+
| mysql.infoschema |
| mysql.session |
| mysql.sys |
| root |
| test |
+------------------+
I'd like to create a user who has all privileges with his own database in MySQL.
When I use this user to create a table, MySQL returns that the SQL server is running with read-only option.
However when I changed to an another existing user with all privileges on *.*, I can create table without error.
I'm wondering if the read-only option is global or what?
The following is my MySQL commands using MySQL root:
mysql> create user 'demo'#'localhost' identified by 'demo';
mysql> create database demo;
mysql> grant all privileges on demo.* to demo#localhost;
mysql> show grants for demo#localhost;
+-------------------------------------------------------------------------------------------------------------------+
| Grants for demo#localhost |
+-------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'demo'#'localhost' IDENTIFIED BY PASSWORD '*demo-hashed*' |
| GRANT ALL PRIVILEGES ON `demo`.* TO 'demo'#'localhost' |
+-------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
Then I switched to user "demo":
mysql> use demo;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> create table t(t1 int);
ERROR 1290 (HY000): The MySQL server is running with the --read-only option so it cannot execute this statement
So I checked the read-only option, and it seems to be on.
However then I tried using another user with privileges on *.* and I can create tables successfully.
The another user grant setting:
mysql> show grants for demo2#'%';
+-----------------------------------------------------------------------------------------------------------------+
| Grants for demo2#% |
+-----------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'demo2'#'%' IDENTIFIED BY PASSWORD '*demo2-hased*' |
+-----------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
MySQL version:
mysql> select version();
+------------------------+
| version() |
+------------------------+
| 5.1.68.0 |
+------------------------+
1 row in set (0.00 sec)
BTW, after I set read_only = 0 I can use demo to create table. I just don't know why the demo2 can create table while read-only is on.
Thanks!
Please check the My.cnf for Linux or My.ini for windows under [mysqld] remove read only parameters then restart the service and try again that will solve the read only problem, but if you create table in read only that will be a temp table.