I try to execute query in phpmyadmin and get error:
#1142 - SELECT command denied to user 'cpses_tkdpmnyjWW'#'localhost' for table 'user'
So, user cpses_tkdpmnyjWW'#'localhost is created dynamically and I can not set privileges for this user.
How to fix this?
Use SHOW GRANTS to show your current user privileges. It sounds as though the output may be similar to:
GRANT USAGE ON *.* TO 'Unnamed'#'localhost'
This would mean the account could sign into the server but do little else. This page gives a more detailed breakdown, as you'll see there are quite a few permutations.
The solution is you need to either find an account with more privileges or create/update one.
If the above is not an option, one quick trick I may try is connecting to '127.0.0.1' instead of 'localhost'. In MySQL the source of the connection can form part of the username so it's plausible that connecting on an IP instead of socket if you are on Unix flavoured OS.
Additionally, if you have admin/root access to the server, it is possible to create users when MySQL starts which is very useful in some scenarios.
Related
I am using MySQL workbench 6.2.3. I want limit user access to an individual database.When one trying to open a database after getting in a connection, he/she should enter user name and password. Is there any provision to grant access to a database after entering valid username and password?
There's no way to require an additional password for a user once he logged in. Control access via the normal MySQL login. The user name used for that can be configured to have only access to the objects you want. The used user name decides what is allowed and what is not.
For commercial MySQL editions you can also use the new MySQL Firewall, which allows only a set of previously learned queries to be run by a given user. It's not a second login, but you can fine tune access levels for a given user.
I am not sure if this is what you are trying to achieve but you can do the following to grant a user the access to a single database and all its tables.
You login as root with "mysql -u root"
Then execute : GRANT ALL PRIVILEGES ON SpecificUserDB.* To 'TheUser'#'yourserver' IDENTIFIED BY 'secretpwd';
Hope this helps.
I recently moved a few websites of mine from one hosting to another, but I decided to keep databases on the old hosting.
I did all the steps:
whitelisted new server's IP
changed all dbcon config ''localhost'' to old server IP
even changed outdated ''mysql_connect'' with mysqli
Still I cannot establish db connection at all!
How do I troubleshoot this? I have bno idea where else to look!
There might be some issues with PHP in the new hosting!
In PHP settings, the dropdown menu of ''Select PHP version" has only WARNING:Alternatives and ERROR:User options. Shouldn't there be PHP versions???
You may have to look at the MySQL user connections from within MySQL.
Here is what you do:
SELECT user,host FROM mysql.user;
This will reveal where each MySQL user can connection from.
If a user has host='%', then that user can connect from anywhere.
If a user has host='10.20.30.%', then that user can connect from '10.20.30.%' netblock only.
Let's take the latter case: a specific netblock.
Suppose your new servers are on netblock 20.30.40.%. You may have to go to each user and change the netblock in mysql.user.
EXAMPLE: For the user myuser.'10.20.30.%', and you want to change myuser to access MySQL from netblock 20.30.40.%, you would login to the DB server, connect to mysql as root#localhost, and execute this:
UPDATE mysql.user SET host='20.30.40.%' WHERE host='10.20.30.%';
FLUSH PRIVILEGES;
This will update every user's host column with the new netblock.
You could always use the GRANT command instead of hacking it like I just suggested.
If you cannot change mysql.user in either way, you may have to ask the DB Host provider to do that for you.
Give it a Try !!!
We've configured our Plesk machine to use an external MySQL server. In doing so, we've granted ALL privileges WITH GRANT OPTION to the psaadmin user so we are able to create remote databases and users just fine. However, the users we create (i.e. 'wordpress_user') cannot run select statements on the remote server.
In checking permissions on the MySQL server, 'wordpress_user' has ALL PRIVILEGES to the database itself. I'm able to login to phpMyAdmin with that user and I'm able to login on the remote server console with that user. It's only when I try to run any query as that user that I get a 'ERROR 1045 (28000): Access denied for user' error.
Everything I've checked seems to indicate the user has full permissions. I've also used FLUSH PRIVILEGES as instructed by the docs. I've restarted Plesk, restarted MySQL, still nothing.
Can anyone help? Please?
I was able to find the problem. Apparently the problematic query was a view that had specific permissions? Regular selects, etc. worked fine (I didn't realize that). I was able to drop and recreate the view and it works great now.
I have a database to work with. There is phpMyAdmin and it works good but I want to use an external database manager. I use the same login account what PhP script uses, still query browser doesnt see a database.
Anyone can know why?
I would guess that with phpMyAdmin, you are accessing MySQL from the WebServer that has IP address 1.0.0.1.
Then, from the external DB manager, you are accessing from IP address 1.0.0.2.
MySQL handles authentication and authorization using IP address (among other things) to authorize. So it's probably the case that you don't have all permissions for 1.0.0.2 in your MySQL database.
Your account is probably limited to 'localhost' only, try adding 'user'#'remote-ip' aswell.
For example:
GRANT ALL ON db.* TO 'jsmith'#'office.example.com' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
How can we prevent the the query "show databases;" or "show tables;" in mysql for any non root user.Is this possible.If so please provide an example or appropriate link...indicating this..
Thanks in advance........
Non-root user sees all databases only if he has global rights (like GRANT something ON *.*). So the solution is to always grant everything ON databasename.* , never global.
I would give show_db_priv a try:
http://dev.mysql.com/doc/refman/5.1/en/grant-table-structure.html
But, there have been reports of this not working. See this bug entry:
http://bugs.mysql.com/bug.php?id=1048
Can't get you a link right now, but this is a permissions issue at heart and control over access to the root user.
On something like phpmyadmin or some other tool, you want to revoke permissions on these two databases (and any others) to all users except for your root admin. If you're on a shared server where you typically get one user for your one database you'll need to talk to your host.
My general rule (if I've got permissions control over the db server) is to create a new user for a specific database or (subset of tables) and always use that user only from the web or other application that talks to the db. It's more setup initially, but once you've got it setup you've got much more control and know that one application can't interfere with another.
Root access is simply not allowed for application use - its for maintenance only.