I am trying to read a CSV file into MariaDb and get an error message that says "permission denied". Can you tell me what I have done wrong (see details below)?
I am running MariaDb 10.2.6 on OSX High Serra. I am logged in to MariaDb as 'root'#'localhost'. I have granted 'root'#'localhost' FILE privilege. The user 'root'#'localhost' is using the security plugin 'unix_socket'.
I have created a table using the CONNECT storage engine like so:
create table twins (
ABOT double,
SCLK double,
LMST varchar(30),
LTST varchar(30),
UTC varchar(30),
HORIZONTAL_WIND_SPEED double,
VERTICAL_WIND_SPEED double,
WIND_DIRECTION double,
AIR_TEMP double)
engine=CONNECT table_type=CSV file_name='twins_calib_8066_01.csv'
header=1;
The permission to the file I wish to read is:
-rw-r--r-- 1 ssackett everyone 873837 Mar 20 11:29 twins_calib_8066_01.csv
When I issue the SQL: select * from twins;
I receive the error message:
ERROR 1296 (HY000): Got error 174 'Open() error 13 on twins_calib_8066_01.csv: Permission denied' from CONNECT
The CSV storage engine doesn't allow UPDATE or DELETE, but it does allow INSERT, therefore mysqld needs write permission on the file, or else it can't open it.
But your CSV file is owned by ssacckett, not "mysql" (or whatever uid your mysqld runs as), so it's not writeable by the mysqld process.
Try:
sudo chown mysql:mysql twins_calib_8066_01.csv
Change it to the user & group that the mysqld process runs as.
Alternatively, change the file mode to writeable by all:
chmod 666 twins_calib_8066_01.csv
Check the permission on the directory containing the .csv file. You need "search" (x) permission on the directory to even see the files in it.
Related
I have my main database on an SSD but I also want to hold semi-temporary data in a ramdisk. This is all on Ubuntu with mySQL 8.0.23. However, I'm unable to issue the following query:
mysql> create table t1 (c1 int) data directory = '/mnt/ramdisk/mysql';
I get this:
ERROR 1045 (28000): Access denied for user 'username'#'localhost' (using password: NO)
However, I can do it without the data directory option.
I have the directory in innodb_directories:
mysql> show variables like 'innodb_directories';
+--------------------+--------------------+
| Variable_name | Value |
+--------------------+--------------------+
| innodb_directories | /mnt/ramdisk/mysql |
+--------------------+--------------------+
Permissions to the directory seem okay:
root#localhost:~# ls -ld /mnt/ramdisk/mysql/
drwxr-xr-x 2 mysql mysql 40 Feb 19 10:59 /mnt/ramdisk/mysql/
edit:
Suggestion below pointed to the "file" privilege. After granting "file" privs:
mysql> grant create on ib.* to username#localhost;
Now complains about this when creating the table:
ERROR 1030 (HY000): Got error 168 - 'Unknown (generic) error from engine' from storage engine
With error.log reporting the following even though the directory has rwx perms for all:
2021-02-19T19:20:16.105812Z 26 [ERROR] [MY-012592] [InnoDB] Operating system error number 13 in a file operation.
2021-02-19T19:20:16.105879Z 26 [ERROR] [MY-012595] [InnoDB] The error means mysqld does not have the access rights to the directory.
edit:
After creating a subdirectory for the database named "db", and chown'ing it to mysql:
/mnt/ramdisk/mysql/db
I'm getting this:
2021-02-20T02:47:04.997841Z 8 [ERROR] [MY-012592] [InnoDB] Operating system error number 13 in a file operation.
2021-02-20T02:47:04.997854Z 8 [ERROR] [MY-012595] [InnoDB] The error means mysqld does not have the access rights to the directory.
2021-02-20T02:47:04.997869Z 8 [ERROR] [MY-012126] [InnoDB] Cannot create file '/mnt/ramdisk/mysql/db/table.ibd'
edit:
I noticed that I was able to create the table if I used /tmp... now things are getting interesting...
I did an strace on mysqld to see what was causing the issue and got this:
99911 openat(AT_FDCWD, "/mnt/ramdisk/mysql/db/table.ibd", O_RDWR|O_CREAT|O_EXCL, 0640) = -1 EACCES (Permission denied)
Not knowing what all those flags are, I wrote a quick C program to do the same thing... and it worked. It's not even that the mysql user (running mysqld) can't do it, since the following worked:
sudo -u mysql <the C program>
Any pointers? Thanks...
Okay, sort of figured it out. If the mount point is /mnt, or some other directory that I make, I get the issues described above. If the mount point is /tmp, it works. This is even if I use the same attributes as /tmp. In the end, I'm convinced it's not a mysql issue, but something to do with the filesystem.
This being just about the only relevant post I could find when encountering this problem myself, I'll post my solution.
But first, the problem, apparmor!
Here's how to check if apparmor or similar !#$##$ is the reason for your grievances.
If running:
journal -fx
return something akin to this when you try to create your db: (removed timestamps etc)
audit[813063]: AVC apparmor="DENIED" operation="mknod" profile="/usr/sbin/mysqld" name="/mnt/volume_fra1_01/mysql/mydb/tda.ibd" pid=813063 comm="connection" requested_mask="c" denied_mask="c" fsuid=112 ouid=112
audit: type=1400 audit(1664628440.627:200): apparmor="DENIED" operation="mknod" profile="/usr/sbin/mysqld" name="/mnt/volume_fra1_01/mysql/mydb/tda.ibd" pid=813063 comm="connection" requested_mask="c" denied_mask="c" fsuid=112 ouid=112
Then you've hit jackpot!
Find mysql's apparmor file, mine is in /etc/apparmor.d/usr.sbin.mysqld. Find the rows allowing access to mysql's default data dir and add your rows, my addition is the two last ones, you'll of course need to change them to suit yours, if you're feeling frisky you can just allow access to /mnt/ and be done with it.
# Allow data dir access
/var/lib/mysql/ r,
/var/lib/mysql/** rwk,
/mnt/volume_fra1_01/mysql/ r,
/mnt/volume_fra1_01/mysql/** rwk,
Once you've edited your apparmor file you may swear some more and run:
apparmor_parser -r /etc/apparmor.d/usr.sbin.mysqld
Done! Now run your CREATE TABLE again and go on with your life to greener pastures.
I tried to make a mysql_secure_installation but after I enter the password is giving me this:
...Failed! Error: File './mysql/user.MYD' not found (Errcode: 2 - No such file or directory)
Connecting using mysql cli and trying to create a new user gives me the same.
Mysql is 5.7 and installed via Homebrew
You haven't initialized the database. Your error means, that the table in which users are stored doesn't exist.
Have a look in your /etc/my.cnf file. There should be an entry datadir. Make sure this directory is empty. Then do
# mysql_install_db --defaults-file=/etc/my.cnf
This creates the schema mysql and all necessary tables. After that you can do
# mysql_secure_installation
I am fixing a server that uses Bitnami to run a WordPress site. I did not set up the server – it ran out of memory and crashed.
I was able to restart MySQL through the bitnami ctlscript, and I am able to access the MySQL CLI, but I cannot execute any queries that return data INSIDE the tables.
The following commands all work, and generate the expected output:
show databases;
use database 'x';
show tables;
As soon as I try to view table data (SELECT * FROM ...), this error shows up:
2019-01-15T18:25:19.507808Z 233 [ERROR] /opt/bitnami/mysql/bin/mysqld.bin: Can't find file: './bitnami_wordpress/wp_options.frm' (errno: 13 - Permission denied)
What I've tried:
Database file permissions. All data (specifically the
wp_tablename.frm files) is chowned by mysql:mysql
I confirmed this by changing permissions to my server user, restarting and trying to access mysql again, but the commands above, which already worked, broke, so I changed it back.
Reboots of all sorts. Bitnami, server, etc.
Selinux. I am 95% sure it is not running on this server (all commands
that check its status / install info return 'use apt-get to
install this package) or something like that.
Please help! This site is in production!
I am trying to use the LOAD DATA INFILE MySQL command on a Raspberry Pi running Raspbian. There are lot of similar questions on here but none seems to answer my problem exactly.
My code works fine on my Windows dev machine but on the Pi I get this error:
Can't get stat of '/var/www/transfer/categories.csv' (Errcode: 13)
Mysql statement is:
LOAD DATA INFILE '/var/www/transfer/categories.csv'
IGNORE INTO TABLE category
FIELDS TERMINATED BY ',' ENCLOSED BY '"';
The code is running in PHP and the database is MySQL.
The file and its '/transfer' folder have read permissions for World.
I have read a little about apparmor but can't see how to check or change how it is configured. There are 2 files in the /etc/apparmor.d folder. One is .usr.sbin.mysqld.swp but it doesn't seem to contain text and the other file refers to lightdm.
The database server and client is on the same server, so the LOCAL keyword doesn't apply.
My MySQL user has global privileges, so includes the FILE privilege.
I have checked the secure_file_priv setting and there is none.
I am sure this is some sort of permission or privilege issue, but I've run out of ideas. I want the file to live under the www folder because the system user has FTP rights to put it there. Ultimately I want to also create the file on the same machine but for now I'm happy to just read the file created under Windows.
$ errno 13
EACCES 13 Permission denied
Check your permissions; especially folder permissions. You can try su or sudo -u to the MySQL user and running ls -la /var/www/transfer/; if you don't see anything then you know the issue has to do with permissions of the folder and/or its contents.
If MySQL is running locally; to see which user: ps -elf | grep mysql
To switch to the MySQL user and test: sudo -u <mysql> bash
Linux. No SELinux (disabled).
I try to run this command as my linuxuser (member of group mysql):
mysqldump --user=root --tab "/some/folder" dbname
Getting this error:
mysqldump: Got error: 1: "Can't create/write to file 'sometable.txt' (Errcode: 13 "Permission denied")" when executing 'SELECT INTO OUTFILE'
If I look in the folder, there is a sometable.sql file, but no txt file.
As I understand, the sql file is created from the user's name who run the command (linuxuser in my case), but the txt file gets generated by mysql server (mysql user in this case). Note that mysql user is also a member of mysql group.
What could be the problem? Tried everything :)
If you trying to execute a mysqldump in a client diferent that the server
can be a problem
I tried with mysqldump Ver 10.14 Distrib 5.5.56-MariaDB, for Linux (x86_64), and works only with the /tmp/ dir.
Perhaps, help info say that will not work
-T, --tab=name Create tab-separated textfile for each table to given path. (Create .sql and .txt files.) NOTE: This only works if mysqldump is run on the same machine as the mysqld server.
The solution was to change "some/folder" to an external location. Looks like there were permission problems because originally the folder mentioned was under Perforce root and probably it had read-only permissions.
I then changed the new folder permissions to:
mylinuxuser:mysql
making sure that both the user with which the process was started, as well as mysql server have permissions to write there. This is because the sql file is written from user's name and txt file is written from mysql server's name.
I also added my user to the mysql group.
This was something I just found and wanted to pass along for the folks searching for the same answer.
This has been occurring on systems running systemd. In the /lib/systemd/system/mariadb.service file is the setting, 'PrivateTmp=true'. This is a security measure to prevent the data from being seen by folks who shouldn't be seeing it.
If you run:
SELECT * TO OUTFILE '/var/tmp/tablename.txt' FROM TABLENAME;
It will create the file but it creates it in a systemd protected directory.
/var/tmp/systemd-private-[hash]-mariadb-[hash]/tmp/tablename.txt
You can either save the data from here which is perfectly acceptable or stop mariadb, create the directory /etc/systemd/system/mariadb.service.d and in that directory create the file 'mariadb.conf' (as an example; any file should do) with the following:
[Service]
PrivateTmp=false
Run systemctl daemon-reload to reload the configuration and restart mariadb.
You should be able to create backups now.
What has worked for me (in Windows), trying to export a file using:
SELECT * INTO OUTFILE 'C:/documents/dumps' from file
MySQL Service properties --> Log on: take note account defined.
Directory C:\documents\dumps --> properties --> Security: account defined above needs read/write privileges