I want to create new DB in mysql.
I am logged in as root. I have set password for root user.
mysql> SHOW GRANTS FOR root;
+---------------------------------------------------------------------------------------------+
| Grants for root#% |
+---------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY PASSWORD <secret> WITH GRANT OPTION |
| GRANT PROXY ON ''#'' TO 'root'#'%' WITH GRANT OPTION
|
+---------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> create database xxx;
ERROR 1044 (42000): Access denied for user 'root'#'localhost' to database 'xxx'
One thing I notice that i do not have mysql db
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| info_schema |
| sms_auto |
| smstest |
+--------------------+
Please can you help me
Make sure you set your user privileges right
Like -host localhost -user root and -pass {your pass word}
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY PASSWORD;. Set a user privilege to a particular user like people and then follow the example grant all on people.*to 'root'#'localhost' identified by 'PASSWORD';
I have started MySQL in safe mode then assigned appropriate privileges( Referenced from here)
Stop MySQL service
Run mysqld_safe --skip-grant-tables &
Type MySQL -u root -p and press enter.
Enter your password
At the MySQL command line enter: use mysql;
After this, I have updated the privileges in mysql.user table for appropriate host and user. Flush privileges;
Now this works for me
you can also refer the answer for update privilages
Related
I created one myaccount with a password and used :
select user,password,host,plugin from mysql.user;
+---------------------+-------------------------------------------+-----------+-------------+
| user | password | host | plugin |
+---------------------+-------------------------------------------+-----------+-------------+
| root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 | localhost | unix_socket |
| myaccount#localhost | *28F1DE8C4229B1D4F62F752EA3812747CE4E5CA0 | % | |
+---------------------+-------------------------------------------+-----------+-------------+
As you can see, there is no plugin configured for myaccount. I was expecting this would mean that I'd be allowed to access the mariadb with my password, but when logging from my account which is called libra and not myaccount I get a :
ERROR 1045 (28000): Access denied for user 'myaccount'#'localhost' (using password: YES)
How can I set the plugin attribute to allow password authentication from any account? myaccount doesn't exist as a user on my machine.
This isn't an auth plugin issue.
There's no account named 'myaccount'#'localhost' on your database. There is an account named 'myaccount#localhost'#'%', however. Yeah, that name is strange. Yeah, the way one creates accounts on MariaDB / MySQL is strange.
Try this:
CREATE USER 'myaccount'#'localhost' IDENTIFIED BY 'REDACTED';
GRANT ALL PRIVILEGES ON *.* TO 'myaccount'#'localhost' WITH GRANT OPTION;
CREATE USER 'myaccount'#'%' IDENTIFIED BY 'REDACTED';
GRANT ALL PRIVILEGES ON *.* TO 'myaccount'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
That will set you up to log in both from localhost and any other host, to accounts with administrative privileges on the server. That requires, on MariaDB / MySQL, two accounts. Sigh. (If you don't want administrative privileges, change the GRANT statements.)
And, of course, replace REDACTED with the password you want.
I tried following command to remove all permissions of a user for a specific table:
REVOKE all ON db.tb1 FROM 'user2'#'localhost';
but I got this error:
ERROR 1147 (42000): There is no such grant defined for user 'user2' on host 'localhost' on table 'tb1'
even if it already has all privileges for whole database.
MariaDB [(none)]> show grants for user2 #localhost;
+-------------------------------------------------------------------------
-------------------------------------+
| Grants for user2#localhost |
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user2'#'localhost' IDENTIFIED BY PASSWORD '*DC52755F3C09F5923046BD42AFA76BD1D80DF2E9' |
| GRANT ALL PRIVILEGES ON `db`.* TO 'user2'#'localhost'
How can I fix it?
Grants don't include a negative grant structure to be recorded.
option 1) Move db.tb1 to its own database
option 2) give user2 and explicit whitelist of tables in db that they are allowed to access.
now, I can login the mysql with mysql -uroot -p, then I input my password.
Then I try to do this.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
But when I create database, i get an error:
mysql> CREATE DATABASE newdb;
ERROR 1044 (42000): Access denied for user 'root'#'localhost' to database 'newdb'
this is my grants:
mysql> show grants;
+------------------------------------------+
| Grants for root#localhost |
+------------------------------------------+
| GRANT USAGE ON *.* TO 'root'#'localhost' |
+------------------------------------------+
on the terminal with MacOSX. Thanks for any help.
From the docs, GRANT USAGE is a:
Synonym for “no privileges”
Leaving aside the point that this privilege has a confusing name, I'm not sure how/why you have such limited privileges for root, anyway.
What you want for root is GRANT ALL. Even better, leave root as-is and create a different superuser with local-only access to replace root. But do note that, in general, you want to give users only the bare minimum privileges necessary for whatever they need to do.
I have strange error. I am logged in local Mysql as root via command line. After creating database:
create database some_db;
Then giving privileges to some user:
grant all privileges on some_db.* to some_user#'localhost' identified by 'password';
This is giving error:
ERROR 1044 (42000): Access denied for user 'root'#'localhost' to database 'some_db'
The permissions for the root(show grants;) shows:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '*8919C53DC7A4DFBF3F8584382E96463583EB7FDA'
I am also making sure i am logged in as root:
select current_user();
And this confirms that i am logged in as 'root'#'localhost'
I have created database and assigned user multiple times and never had an issue. Why i am unable assign user to the database created by root while logged in as root?
p.s. from other posts, i am thinking the issue may be caused due to some strange users
select host, user from mysql.user;
Some users that i have not added but does show up:
MY_COMPuTER_name.local | ''
MY_COMPuTER_name.local | root
I tried to delete these users
drop user 'root'#'MY_COMPuTER_name.local';
drop user ''#'MY_COMPuTER_name.local';
However, while it states query run successful, the users are not dropped even after flush privileges. Why i am unable delete users? Any help is much appricated
First, Identify the user you are logged in as:
select user();
select current_user();
The result for the first command is what you attempted to login as, the second is what you actually connected as. Confirm that you are logged in as root#localhost in mysql.
Grant_priv to root#localhost. Here is how you can check.
mysql> SELECT host,user,password,Grant_priv,Super_priv FROM mysql.user;
+-----------+------------------+-------------------------------------------+------------+------------+
| host | user | password | Grant_priv | Super_priv |
+-----------+------------------+-------------------------------------------+------------+------------+
| localhost | root | ***************************************** | N | Y |
| localhost | debian-sys-maint | ***************************************** | Y | Y |
| localhost | staging | ***************************************** | N | N |
+-----------+------------------+-------------------------------------------+------------+------------+
You can see that the Grant_priv is set to N for root#localhost. This needs to be Y. Below is how to fixed this:
UPDATE mysql.user SET Grant_priv='Y', Super_priv='Y' WHERE User='root';
FLUSH PRIVILEGES;
GRANT ALL ON *.* TO 'root'#'localhost';
I logged back in, it was fine.
The reason i could not delete some of the users via 'drop' statement was that there is a bug in Mysql http://bugs.mysql.com/bug.php?id=62255 with hostname containing upper case letters. The solution was running following query:
DELETE FROM mysql.user where host='Some_Host_With_UpperCase_Letters';
I am still trying to figure the other issue where the root user with all permissions are unable to grant privileges to new user for particular database
If you get an error 1044 (42000) when you try to run SQL commands in MySQL (which installed along XAMPP server) cmd prompt, then here's the solution:
Close your MySQL command prompt.
Open your cmd prompt (from Start menu -> run -> cmd) which will show: C:\Users\User>_
Go to MySQL.exe by Typing the following commands:
C:\Users\User>cd\
C:\>cd xampp
C:\xampp>cd mysql
C:\xxampp\mysql>cd bin
C:\xampp\mysql\bin>mysql -u root
Now try creating a new database by typing:
mysql> create database employee;
if it shows:
Query OK, 1 row affected (0.00 sec)
mysql>
Then congrats ! You are good to go...
Try to comment string "sql-mode=..." in file my.cnf and than restart mysql.
I'm setting a MySQL server (actually a Percona server, but that shouldn't matter) and I'm setting a password to the root user. At the end, I have this:
mysql> select host, user, password from user;
+-----------+------------------+-------------------------------------------+
| host | user | password |
+-----------+------------------+-------------------------------------------+
| localhost | root | *huge string here, no kidding |
| localhost | debian-sys-maint | *another huge string here |
+-----------+------------------+-------------------------------------------+
2 rows in set (0.00 sec)
I thought this should not allow the root user to connect without a password. However, if I go to the command line, I can connect with mysql -u root or just mysql. If I do mysql -u root -p and hit enter for the password, then I get ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: NO).
Could anyone explain to me how to make sure a user can only connect with a password?
Edit: if relevant, I set the password with SET PASSWORD FOR 'root'#'localhost' = PASSWORD('somethinghere');
Edit: output of show grants, it indicates I used a password to login but I did not.
mysql> show grants;
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root#localhost |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '*huge string here, no kidding' WITH GRANT OPTION |
| GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
Facepalm. It turned out there was a .my.cnf on /root with username and password, and so it was possible to login only with mysql when using the root account (that's what I was using). It was created by a Chef recipe (percona was installed via Chef) and I wasn't aware of it.
The hint was to look at the output of show grants. Even though I entered no password it still said I entered one, so there must be one somewhere!