Error show while executing stored procedure
MySQL said: Documentation
#1045 - Access denied for user 'root'#'%' (using password: YES)
Permissions on mysql
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* TO 'root'#'%' IDENTIFIED BY PASSWORD <secret> WITH GRANT OPTION
GRANT ALL PRIVILEGES ON `product`.* TO 'root'#'%' WITH GRANT OPTION
GRANT ALL PRIVILEGES ON `%`.* TO 'root'#'%' WITH GRANT OPTION
GRANT EXECUTE ON PROCEDURE `product`.`export_product` TO 'root'#'%' WITH GRANT OPTION
Create DB parameter group.Try the above link to create db parameter group in amazon rds and enable log_bin_trust_function_creators for creating and executing functions triggers and stored procedures
Related
I have MyCloudMirror NAS box and I accidentally delete root user from MySQL now I can't login to mysql.
I have uninstall and reinstall the phpmyadmin app but that did not make any different
I also try following but nothing is working
mysqld_safe --skip-grant-tables &
below command show that all permission are assign
CREATE USER 'root'#'localhost' IDENTIFIED BY '';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' WITH GRANT OPTION;
this doesnt assign all permission the trigger are uncheck
CREATE USER 'root'#'%' IDENTIFIED BY '';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' WITH GRANT OPTION;
If I try to check triger from myphpadmin and click on apply i get error message
GRANT ALL PRIVILEGES ON . TO 'root'#'%' REQUIRE NONE WITH GRANT
OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0
MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0; MySQL said:
Documentation
#1045 - Access denied for user 'root'#'localhost' (using password: NO)
GRANT ALL PRIVILEGES is not enough.
On MySQL 8+ you must execute the next statements:
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS,
FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER,
CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE,
REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE,
CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE
ON *.* TO `root`#`localhost` WITH GRANT OPTION;
GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,
AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,
CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FLUSH_OPTIMIZER_COSTS,
FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,
INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,
PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,
RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,
SERVICE_CONNECTION_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,
SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,XA_RECOVER_ADMIN
ON *.* TO `root`#`localhost` WITH GRANT OPTION;
GRANT PROXY ON ``#`` TO `root`#`localhost` WITH GRANT OPTION;
FLUSH PRIVILEGES;
This is how I fixed the issue
Run /usr/bin/mysql_reset.py --reset
The above command reset all settings on DB
I am logged in as root user and i just reinstalled the mysql server. login_manager isn't created as is shown when i execute SELECT * FROM mysql.user;. I now execute
CREATE USER 'login_manager'#'localhost' IDENTIFIED BY 'login_manager'; and when i check if the user is created, i can find it. Executing
GRANT INSERT
ON clients
TO login_manager;
where client is a table gives me the error i put in the title. Executing FLUSH PRIVILEGES; after creating the user didn't help either. I flushed privileges before creating the user. I looked that up, and normally this error comes when you try to create the user in the grant statement, which i am not doing.
I know this is long, but here are the Grants that root has:
'GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `root`#`localhost` WITH GRANT OPTION'
and
'GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,GROUP_REPLICATION_ADMIN,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,XA_RECOVER_ADMIN ON *.* TO `root`#`localhost` WITH GRANT OPTION'
and
'GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION'
Your login_manager user has a Host entry, likely localhost or %.
Because of this, your GRANT technically isn't for that user, it's for a login_manager with no Host entry - so mysql knows it would have to create the user with no Host first.
Asuming you used localhost when you created the user, use this to do the grants:
GRANT INSERT
ON clients
TO 'login_manager'#'localhost';
I'm currently trying to grant access to my locally hosted MySQL user to my Google Cloud SQL MySQL instance so that I can migrate a database over.
Currently, I've done the following:
Authorized my IP (it's from my ISP so it will change eventually) on my Cloud SQL connections.
On my laptop I've signed into my instance with:
mysql --host=12.345.678.90 --user=root --password
Then I created myself a user so that I can use mysqladmin and mysqldump to migrate the DB after.:
mysql> CREATE USER 'andrew'#'98.76.543.210' IDENTIFIED BY 'andrew';
Then:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'andrew'#'98.76.543.210 WITH GRANT OPTION;
But I get the error:
ERROR 1045 (28000): Access denied for user 'root'#'%' (using password: YES)
Users created using Cloud SQL have all privileges except FILE and SUPER.
The set of privileges you can set are as below
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE ON mydb.* TO 'admin'#'%' WITH GRANT OPTION
So that is to say you cannot do GRANT ALL PRIVILEGES since it requires SUPERROLE.
I am trying to give explicit permissions to an user on mysql and im doing this (to an already created user)
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, INDEX, ALTER, SHOW DATABASES,
CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW,
CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER
ON mydatabase.*
TO 'myuser'#'localhost' ;
But im getting this weird error:
Incorrect usage of DB GRANT and GLOBAL PRIVILEGES
I tried on other schemas with other users making a GRANT ALL PRIVILEGES and seems is working. Any idea?
Some privileges only make sense when the grant references ON *.* as the schema.table.
The manual page https://dev.mysql.com/doc/refman/5.7/en/grant.html lists all the available privileges, and notes each for global, database, table, based on whether you can grant them at different levels of scope.
The SHOW DATABASES privilege can only be granted at the global level.
So you'll have to do it this way:
GRANT SHOW DATABASES
ON *.*
TO 'myuser'#'localhost' ;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, INDEX, ALTER,
CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW,
CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER
ON mydatabase.*
TO 'myuser'#'localhost' ;
I had the strange thing that the "root" user had the rights to grant rights, but I still had to use the user "admin" instead.
With root, I got:
SQL Error [1045] [28000]: Access denied for user 'root'#'%' (using password: YES)
It might just be the setup, but when I look it up in the GUI of DBeaver (Connection --> Users --> Grants --> View Grants), they both have all of the rights checked, and I still cannot grant rights with the "root" user.
Perhaps it helps someone with another weird db setup.
Admin:
Root:
Im trying to remove all permissions for a user on a database.
REVOKE ALL PRIVILEGES ON database.* FROM 'user'#'%';
This just gives an error saying:
ERROR 1141 (42000): There is no such grant defined for user 'user' on host '%'
I am logged in as root user when running the query. And running show grants for user query shows that the user has permissions on all databases
Output from show grants query:
GRANT USAGE ON *.* TO 'user'#'%' IDENTIFIED BY PASSWORD 'xxxxxx'
Revoke statement has to match the grants issued. If grant is issued to *.*, you can only revoke *.* as well.
since SHOW GRANTS for 'user'#'%' shows a line like:
GRANT USAGE ON *.* TO 'user'#'%' IDENTIFIED BY PASSWORD 'xxxxxx'
You need to revoke that!
This should work:
REVOKE ALL PRIVILEGES ON *.* FROM 'user'#'%';
database.* denotes all tables in the "database" database
*.* denotes all tables in all databases
You can execute the below queries,
1) REVOKE ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TABLESPACE, CREATE TEMPORARY TABLES, CREATE USER, CREATE VIEW, DELETE, DROP, EVENT, EXECUTE, FILE, INDEX, INSERT, LOCK TABLES, PROCESS, REFERENCES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SELECT, SHOW DATABASES, SHOW VIEW, SHUTDOWN, SUPER, TRIGGER, UPDATE ON . FROM ‘user'#'%’;
OR
REVOKE ALL PRIVILEGES ON . FROM ‘user'#'%';
2) REVOKE GRANT OPTION ON . FROM ‘user'#'%';