I have find many other topics about that but non of them brings me a step forward. I think it's just a stupid little thing, but unfortunately I can't find the problem and I've been working on it for days ^^
Base:
Windows Server 2016 data center
MariaDB 10.4.10, MySQL.exe 15.1
PowerShell 5.1.14393
PS started as administrator
Attempt 1:
If I log in with "mysql -hlocalhost -uroot -p1totalsecet" from the PS, it works without any problems.
Attempt 2:
If I run a PS (not mine), I get an "Access Denied" for the user root with an identical password. The exact message is:
Exception calling "Open" with 0 argument(s): "Authentication to host 'localhost' for user 'root' using method 'mysql_native_password' failed with message: Access denied for user 'root'#'localhost' (using password: yes)"
The corresponding PS function looks like this:
$Today = (Get-Date).ToString("yyyyMMdd")
$DBErrorLog = "$PSScriptRoot\$Today-DBError.log"
$ConnectionString = "server=" + $MySQLHost + ";port=" + $MySQLPort + ";uid=" + $MySQLUserName + ";pwd=" + $MySQLPassword + ";database=" + $MySQLDatabase + ";SslMode=" + $MySQLSSL + ";Default Command Timeout=" + $MySQLCommandTimeOut + ";Connect Timeout=" + $MySQLConnectTimeout + ";"
$Error.Clear()
Try {
[void][System.Reflection.Assembly]::LoadWithPartialName("MySql.Data")
$Connection = New-Object MySql.Data.MySqlClient.MySqlConnection
$Connection.ConnectionString = $ConnectionString
$Connection.Open()
$Command = New-Object MySql.Data.MySqlClient.MySqlCommand($Query, $Connection)
$DataAdapter = New-Object MySql.Data.MySqlClient.MySqlDataAdapter($Command)
$DataSet = New-Object System.Data.DataSet
$RecordCount = $DataAdapter.Fill($DataSet, "data")
$DataSet.Tables[0]
}
Catch {
Debug "[ERROR] DATABASE ERROR : Unable to run query : $Query $($Error[0])"
}
Finally {
$Connection.Close()
}
}
User and password have been checked a hundred times and are definitely identical (test crosswise using copy and paste).
"local-infile = 1" is already set in "my.ini" under [mysql] and under [mysqld]. There is also a "dontprotecthome.conf" with the content "ProtectHome=false" in the BIN directory, although I think this is only relevant under Linux.
It would be really super nice if someone could help me there; unfortunately I've run out of ideas.
Regards
Micha
I created a .bat script to import several .csv in my DB for a Laravel project.
At first, I was using python and each time it took an eternity to restore long files, so I decided to back up those tables and restore them with MySQL.
old .bat file
echo.
echo - Rebuilding database
php artisan migrate:fresh
echo.
echo - Importing animals data
cd py_animalimporter
python importer.py
cd ..
echo.
echo - Importing colors data
cd py_colorimporter
python importer.py
cd ..
echo.
echo - Rebuilding database
php artisan db: seed
echo.
echo - Importing places data
cd py_placeimporter
python importer.py
cd ..
echo.
echo - Starting local server
php artisan serve
New .bat file
echo.
echo - Rebuilding database
php artisan migrate:fresh
echo.
echo - Restoring sql backup
mysql -u username -p test_local < backup.sql
password
echo.
echo - Rebuilding database
php artisan db: seed
echo.
echo - Importing places data
cd py_placeimporter
python importer.py
cd ..
echo.
echo - Starting local server
php artisan serve
My python scripts read MySQL credentials from my laravel.env file (thanks to dotenv library), unfortunately, I can't figure how to do anything similar from the windows terminal.
.env file
DB_HOST=127.0.0.1
DB_PORT=3308
DB_DATABASE=test_local
DB_USERNAME=username
DB_PASSWORD=password
.py files example
from dotenv import load_dotenv
from pathlib import Path
import os
import mysql.connector
from mysql.connector import errorcode
def connectDb():
# Retrieve db credentials from .env
env_path = '../.env'
load_dotenv(dotenv_path=env_path)
db_host = os.getenv("DB_HOST")
db_port = os.getenv("DB_PORT")
db_database = os.getenv("DB_DATABASE")
db_username = os.getenv("DB_USERNAME")
db_password = os.getenv("DB_PASSWORD")
if db_password is None:
db_password = ''
return mysql.connector.connect(user=db_username, password=db_password,
host=db_host,
port=db_port,
database=db_database)
def insertPrimaryColour(hex,color):
try:
cnx = connectDb()
except mysql.connector.Error as err:
if err.errno == errorcode.ER_ACCESS_DENIED_ERROR:
print("] Wrong Credentials")
elif err.errno == errorcode.ER_BAD_DB_ERROR:
print("] No Existing Database")
else:
print("] " + err)
else:
cursor = cnx.cursor()
query = f"INSERT INTO dom_colors(`order`,hex,id_translation) VALUES(0,'{hex}','{color}');"
cursor.execute(query)
insert_id = cursor.lastrowid
cnx.commit()
cnx.close()
return insert_id
Alternately, I could use python to restore the DB but everything I tried didn't work!
If you want to make ad os indipendent solution you can try to use subprocess.
You can use in this way:
mysqlLogin = [...]
process = subprocess.Popen(mysqlLogin, shell=True, stdout=subprocess.PIPE)
process.wait()
This code line will run the command contained in mysqlLogin and wait for his termination.
You can also configure standard output redirection with stdout paramters.
Here is the docs: https://docs.python.org/3/library/subprocess.html
I finally found a solution with Python sending code to the Windows Terminal!
Here's the Python Script that now I call from the batch file
from dotenv import load_dotenv
from pathlib import Path
import os
def restoreDB():
# Retrieve DB credentials from .env
env_path = '.env'
load_dotenv(dotenv_path=env_path)
#db_host = os.getenv("DB_HOST")
#db_port = os.getenv("DB_PORT")
db_database = os.getenv("DB_DATABASE")
db_username = os.getenv("DB_USERNAME")
db_password = os.getenv("DB_PASSWORD")
if db_password is "":
mysqlLogin = "mysql -u "+db_username+" "+db_database+" < backup.sql"
else:
mysqlLogin = "mysql -u "+db_username+" --password='"+db_password+"' "+db_database+" < backup.sql"
os.system('cmd /c "%s"' % mysqlLogin)
restoreDB()
The last line of the script was not executed.
I tried to execute the code manually on the instance created and it was successful.
#!/bin/bash
#install tools
apt-get update -y
apt-get install mysql-client -y
#Create MySQL config file
echo "[mysql]" >> ~/.my.cnf
echo "user = poc5admin" >> ~/.my.cnf
echo "password = poc5password" >> ~/.my.cnf
#test
echo "endpoint = ${rds_endpoint}" >> ~/variables
hostip=$(hostname -I)
endpoint=${rds_endpoint}
echo "$hostip" >> ~/variables
#I have created a table here but I will remove the code since it is unnecessary...
#Create User
echo "CREATE USER 'poc5user'#'%' IDENTIFIED BY 'poc5pass';" >> ~/mysqlscript.sql
echo "GRANT EVENT ON * . * TO 'poc5user'#'%';" >> ~/mysqlscript.sql
cp mysqlscript.sql /home/ubuntu/mysqlscript.sql
mysql -h $endpoint -u poc5admin < ~/mysqlscript.sql
Expected result: There should be a Database, Table and User created on the RDS instance.
You can insert or create Database like this from the bash script but it is not recommended an approach to work with RDS. better to place your data over s3 and import from the s3.
Here is the example, that will create DB
resource "aws_db_instance" "db" {
allocated_storage = 20
storage_type = "gp2"
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t2.micro"
name = "mydb"
username = "foo"
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
s3_import {
source_engine = "mysql"
source_engine_version = "5.6"
bucket_name = "mybucket"
bucket_prefix = "backups"
ingestion_role = "arn:aws:iam::1234567890:role/role-xtrabackup-rds-restore"
}
}
~/.my.cnf why you need this? better to place these script in the s3 file.
second thing, If you still interesting to run from your local environment then you can insert from local-exec
resource "null_resource" "main_db_update_table" {
provisioner "local-exec" {
on_failure = "fail"
interpreter = ["/bin/bash", "-c"]
command = <<EOT
mysql -h ${aws_rds_cluster.db.endpoint} -u your_username -pyour_password your_db < mysql_script.sql
EOT
}
}
But better to with s3.
If you want to import from remote, you can explore remote-exec.
With user-data, you can do this but it seems your MySQL script not generating properly. better to cp script to remote and then run with local exec in remote.
There is no such thing as terraform "user_data". User data is a bootstrap script for the EC2 instances which you can use to install software/binaries or to execute your script at the boot time.
The script will be executed by the cloud-init, not by the terraform itself. The responsibility of the terraform is to set user-data for the ec2 instances.
You may check the cloud-init output logs which should have the result of your user-data script also.
From your code, I am not able to understand which step you have copied the below file.
cp mysqlscript.sql /home/ubuntu/mysqlscript.sql
mysql -h $endpoint -u poc5admin < ~/mysqlscript.sql
I am assuming that you are creating a new server and it does not have any file.
Thank you for your inputs. I have found an answer by moving the config file to /etc/mysql/my.cnf and then executing
mysql -h $endpoint -u poc5admin < ~/mysqlscript.sql
I am trying to connect one remote server where I have installed MySQL but it is taking localhost
Remote server where mySQL is installed: 131.116.220.228
Remote server from where db needs to be connected: 131.116.220.220 ('ov046hanpgate01.ddc.teliasonera.net')
use DBI;
print "Testing 1\n";
$DSN="DATABASE=MySQL80;port=3306;host=131.116.220.228";
print "Testing 2\n";
my $dbh = DBI->connect("dbi:mysql:$DSN", "ShrutiTest", "Shruti#92", {PrintError => 0})
or die "Couldn't connect to database: " . DBI->errstr;
print "Testing 3\n";
$dbh->disconnect;
error: Couldn't connect to database: Host 'ov046hanpgate01.ddc.teliasonera.net' is not allowed to connect to this MySQL server at D:\Integrations\OWF\Scripts\test27july.pl line 6.
Looks like you need to allow the user ShrutiTest to connect from the ip where you are running the script, viz. 131.116.220.220
It can be done at the MySQL server by any admin:
GRANT ALL PRIVILEGES ON *.* TO 'ShrutiTest'#'131.116.220.220'
This syntax "DBI:mysql:database=$db;host=$host;port=$port" worked for me in the perl script to connect to a remote MySQL DB from an Unix server.
Solved the same. Code used is:
#!/usr/bin/perl -w
use DBI;
## mysql user database name
$db ="Buffering";
## mysql database user name
$user = "ShrutiBuffer";
## mysql database password
$pass = "Shruti1234";
## user hostname : This should be "localhost" but it can be diffrent too
$host="131.116.220.228";
$port="3306";
## SQL query
$query = "select * from buffering.insert_data";
my $dbh = DBI->connect("DBI:mysql:database=$db;host=$host;port=$port",$user, $pass);
$sqlQuery = $dbh->prepare($query)
or die "Can't prepare $query: $dbh->errstr\n";
$sqlQuery->execute
or die "can't execute the query: $sqlQuery->errstr";
print "values are:: ";
while (#row= $sqlQuery->fetchrow_array()) {
print join(", ", #row), "\n";
}
$sqlQuery->finish;
exit(0);
I have an existing MySQL instance (test), containing 2 databases and a few users each having different access privileges to each database.
I now need to duplicate one of the databases (into production) and the users associated with it.
Duplicating the database was easy:
Export:
mysqldump --no-data --tables -u root -p secondb >> secondb_schema.sql
Import:
mysql -u root -p -h localhost secondb < secondb_schema.sql
I didn't find, however, a straightforward way to export and import users, from the command line (either inside or outside mysql).
How do I export and import a user, from the command line?
Update: So far, I have found manual (and thus error prone) steps for accomplishing this:
-- lists all users
select user,host from mysql.user;
Then find its grants:
-- find privilege granted to a particular user
show grants for 'root'#'localhost';
Then manually create user with the grants listed in the result of the 'show grants' command above.
I prefer a safer, more automated way. Is there one?
One of the easiest ways I've found to export users is using Percona's tool pt-show-grants. The Percona tool kit is free, easy to install, and easy to use, with lots of documentation.
It's an easy way to show all users, or specific users. It lists all of their grants and outputs in SQL format. I'll give an example of how I would show all grants for test_user:
shell> pt-show-grants --only test_user
Example output of that command:
GRANT USAGE ON *.* TO 'test_user'#'%' IDENTIFIED BY PASSWORD '*06406C868B12689643D7E55E8EB2FE82B4A6F5F4';
GRANT ALTER, INSERT, LOCK TABLES, SELECT, UPDATE ON `test`.* TO 'test_user'#'%';
I usually rederict the output into a file so I can edit what I need, or load it into mysql.
Alternatively, if you don't want to use the Percona tool and want to do a dump of all users, you could use mysqldump in this fashion:
shell> mysqldump mysql --tables user db > users.sql
Note: --flush-privileges won't work with this, as the entire db isn't being dumped. this means you need to run it manually.
shell> mysql -e "FLUSH PRIVILEGES"
mysql -u<user> -p<password> -h<host> -e"select concat('show grants for ','\'',user,'\'#\'',host,'\'') from mysql.user" > user_list_with_header.txt
sed '1d' user_list_with_header.txt > ./user.txt
while read user; do mysql -u<user> -p<password> -h<host> -e"$user" > user_grant.txt; sed '1d' user_grant.txt >> user_privileges.txt; echo "flush privileges" >> user_privileges.txt; done < user.txt
awk '{print $0";"}' user_privileges.txt >user_privileges_final.sql
rm user.txt user_list_with_header.txt user_grant.txt user_privileges.txt
Above script will run in linux environment and output will be user_privileges_final.sql that you can import in new mysql server where you want to copy user privileges.
UPDATE: There was a missing - for the user of the 2nd mysql statement.
In mysql 5.7 and later you can use this.
mysqlpump -uroot -p${yourpasswd} --exclude-databases=% --users
This will generate a sql format output that you can redirect to mysql_users.sql.
Note that it is mysqlpump not mysqldump.
Yet another bash one-liner for linux that you can use instead of the Percona tool:
mysql -u<user> -p<password> -h<host> -N mysql -e "select concat(\"'\", user, \"'#'\", host, \"'\"), coalesce(password, authentication_string) from user where not user like 'mysql.%'" | while read usr pw ; do echo "GRANT USAGE ON *.* TO $usr IDENTIFIED BY PASSWORD '$pw';" ; mysql -u<user> -p<password> -h<host> -N -e "SHOW GRANTS FOR $usr" | grep -v 'GRANT USAGE' | sed 's/\(\S\)$/\1;/' ; done
In complement of #Sergey-Podushkin 's answer, this shell script code is workin for me:
mysql -u<user> -p<password> -N mysql -e "select concat(\"'\", user, \"'#'\", host, \"'\"), authentication_string from user where not user like 'root'" | while read usr pw ; do mysql -u<user> -p<password> -N -e "SHOW GRANTS FOR $usr" | sed 's/\(\S\)$/\1;/'; done
PhpMyAdminYou can use phpMyAdmin.
Login and Go to your database or a table where the user has access.
Select privileges
All users with access are there.
Select Export. And a little window with all the GRANTS are there ready to copy and paste.
I tackled this with a small C# program. There is code here to generate a script or apply the grants directly from source to destination. If porting from a Windows -> *nix environment you may have to consider case sensitivity issues.
using System;
using MySql.Data.MySqlClient;
using System.Configuration;
using System.IO;
using System.Collections.Generic;
namespace GenerateUsersScript
{
class Program
{
static void Main(string[] args)
{
List<string> grantsQueries = new List<string>();
// Get A Show Grants query for each user
using (MySqlConnection sourceConn = OpenConnection("sourceDatabase"))
{
using (MySqlDataReader usersReader = GetUsersReader(sourceConn))
{
while (usersReader.Read())
{
grantsQueries.Add(String.Format("SHOW GRANTS FOR '{0}'#'{1}'", usersReader[0], usersReader[1]));
}
}
Console.WriteLine("Exporting Grants For {0} Users", grantsQueries.Count);
using (StreamWriter writer = File.CreateText(#".\UserPermissions.Sql"))
{
// Then Execute each in turn
foreach (string grantsSql in grantsQueries)
{
WritePermissionsScript(sourceConn, grantsSql, writer);
}
//using (MySqlConnection destConn = OpenConnection("targetDatabase"))
//{
// MySqlCommand command = destConn.CreateCommand();
// foreach (string grantsSql in grantsQueries)
// {
// WritePermissionsDirect(sourceConn, grantsSql, command);
// }
//}
}
}
Console.WriteLine("Done - Press A Key to Continue");
Console.ReadKey();
}
private static void WritePermissionsDirect(MySqlConnection sourceConn, string grantsSql, MySqlCommand writeCommand)
{
MySqlCommand cmd = new MySqlCommand(grantsSql, sourceConn);
using (MySqlDataReader grantsReader = cmd.ExecuteReader())
{
while (grantsReader.Read())
{
try
{
writeCommand.CommandText = grantsReader[0].ToString();
writeCommand.ExecuteNonQuery();
}
catch (Exception ex)
{
Console.WriteLine(grantsReader[0].ToString());
Console.WriteLine(ex.Message);
}
}
}
}
private static void WritePermissionsScript(MySqlConnection conn, string grantsSql, StreamWriter writer)
{
MySqlCommand command = new MySqlCommand(grantsSql, conn);
using (MySqlDataReader grantsReader = command.ExecuteReader())
{
while (grantsReader.Read())
{
writer.WriteLine(grantsReader[0] + ";");
}
}
writer.WriteLine();
}
private static MySqlDataReader GetUsersReader(MySqlConnection conn)
{
string queryString = String.Format("SELECT User, Host FROM USER");
MySqlCommand command = new MySqlCommand(queryString, conn);
MySqlDataReader reader = command.ExecuteReader();
return reader;
}
private static MySqlConnection OpenConnection(string connName)
{
string connectionString = ConfigurationManager.ConnectionStrings[connName].ConnectionString;
MySqlConnection connection = new MySqlConnection(connectionString);
connection.Open();
return connection;
}
}
}
with an app.config containing ...
<connectionStrings>
<add name="sourceDatabase" connectionString="server=localhost;user id=hugh;password=xxxxxxxx;persistsecurityinfo=True;database=MySql" />
<add name="targetDatabase" connectionString="server=queeg;user id=hugh;password=xxxxxxxx;persistsecurityinfo=True;database=MySql" />
</connectionStrings>
Here's what I'm using these days as part of my daily backup scripts (requires root shell and MySQL access, linux shell, and uses the mysql built-in schema:
First, I create a file /var/backup/mysqlroot.cnf containing the root password so I can automate my scripts and not hardcode any passwords in them:
[client]
password=(put your password here)
Then I create an export script which dumps create user commands and grants like this:
touch /var/backup/backup_sql.sh
chmod 700 /var/backup/backup_sql.sh
vi /var/backup/backup_sql.sh
And then write the following contents:
#!/bin/bash
mysql --defaults-extra-file=/var/backup/mysqlroot.cnf -sNe " \
SELECT \
CONCAT( 'CREATE USER \'', User, '\'#\'', Host, '\' IDENTIFIED BY \'', authentication_string, '\'\;' ) AS User \
FROM mysql.user \
WHERE \
User NOT LIKE 'mysql.%' AND CONCAT( User, Host ) <> 'rootlocalhost' AND User <> 'debian-sys-maint' \
"
mysql --defaults-extra-file=/var/backup/mysqlroot.cnf -sNe " \
SELECT \
CONCAT( '\'', User, '\'#\'', Host, '\'' ) as User FROM mysql.user \
WHERE \
User NOT LIKE 'mysql.%' \
AND CONCAT( User, Host ) <> 'rootlocalhost' \
AND User <> 'debian-sys-maint' \
" | sort | while read u ;
do echo "-- $u"; mysql --defaults-extra-file=/var/backup/mysqlroot.cnf -sNe "show grants for $u" | sed 's/$/;/'
done
Then I just have to run it like this:
/var/backup/backup_sql.sh > /tmp/exportusers.sql
A PHP script to loop over your users to get the grant commands would be as such:
// Set up database root credentials
$host = 'localhost';
$user = 'root';
$pass = 'YOUR PASSWORD';
// ---- Do not edit below this ----
// Misc settings
header('Content-type: text/plain; Charset=UTF-8');
// Final import queries goes here
$export = array();
// Connect to database
try {
$link = new PDO("mysql:host=$host;dbname=mysql", $user, $pass);
} catch (PDOException $e) {
printf('Connect failed: %s', $e->getMessage());
die();
}
// Get users from database
$statement = $link->prepare("select `user`, `host`, `password` FROM `user`");
$statement->execute();
while ($row = $statement->fetch())
{
$user = $row[0];
$host = $row[1];
$pass = $row[2];
$export[] = "CREATE USER '{$user}'#'{$host}' IDENTIFIED BY '{$pass}'";
// Fetch any permissions found in database
$statement2 = $link->prepare("SHOW GRANTS FOR '{$user}'#'{$host}'");
$statement2->execute();
while ($row2 = $statement2->fetch())
{
$export[] = $row2[0];
}
}
$link = null;
echo implode(";\n", $export);
Gist: https://gist.github.com/zaiddabaeen/e88a2d10528e31cd6692
pass=your_password_here; \
MYSQL_PWD=$pass mysql -B -N -uroot -e "SELECT CONCAT('\'', user,'\' ','\'', host,'\' ','\'', authentication_string,'\' ','\'', plugin,'\'') FROM mysql.user WHERE user != 'debian-sys-maint' AND user != 'root' AND user != 'mysql.sys' AND user != 'mysql.session' AND user != ''" > mysql_all_users.txt; \
while read line; do linearray=(${line}); \
MYSQL_PWD=$pass mysql -B -N -uroot -e "SELECT CONCAT('CREATE USER \'',${linearray[0]},'\'#\'',${linearray[1]},'\' IDENTIFIED WITH \'',${linearray[3]},'\' AS \'',${linearray[2]},'\'')"; \
done < mysql_all_users.txt > mysql_all_users_sql.sql; \
while read line; do linearray=(${line}); \
MYSQL_PWD=$pass mysql -B -N -uroot -e "SHOW GRANTS FOR ${linearray[0]}#${linearray[1]}"; \
done < mysql_all_users.txt >> mysql_all_users_sql.sql; \
sed -e 's/$/;/' -i mysql_all_users_sql.sql; \
echo 'FLUSH PRIVILEGES;' >> mysql_all_users_sql.sql; \
unset pass
First mysql command : export all users to file and exclude some.
Second mysql command : loop users from file to write a sql command 'create user' to an exported file (with authentication credentials).
Third mysql command : loop users from file to append their privileges to the exported file.
sed command to append a ";" to end of lines and flush privileges to finish.
To import : MYSQL_PWD=$pass mysql -u root < mysql_all_users_sql.sql
SELECT CONCAT('\create user ', user,'\'#\'', host, '\' identified by ', "'", authentication_string, "'"'\;') FROM user WHERE user != 'mysql.session' AND user !='mysql.sys' AND user != 'root' AND user != '';
I had the same problem. The solution is that after the import of the backup you need to do a "flush privileges;". Then the privileges of the users will be active as in the original database.
So execute:
mysql -u root -p -h localhost secondb < secondb_schema.sql
mysql -u root
then in mysql:
flush privileges;