Can't recreate mysql user - mysql

I am using mysql-server 5.5.41-0+wheezy1 on Debian 3.2.54-2 x86_64
I have problems (not related to mysql) on some on my web app that uses mysql table so I am doing a re-install of the app
I started with aptitude remove packagename to remove my app and mysql-server, but it seems that it did not remove/delete the currently used mysql databases
When I reinstall mysql-server the previous database still used. I drop the previous user to create a new one using the command drop user olduser and also I drop the old database drop database olddb
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
Now when I recreate the database with new name, it is a sucess, but if I recreate the same old user create user 'olduser'#'localhost' identified by 'somesecret'; it will always say ERROR 1396 (HY000): Operation CREATE USER failed for 'olduser'#'localhost' Creating a different user is a success, but this problem of recreating the same old user is bugging me. Is there something wrong or something I missed?
I have tried flush privileges

Well it's kinda hard to debug this without having any access to the database, this error is common with MySQL, but normally a FLUSH PRIVILEGES fix it. Anyway, if really the user is dropped you can bypass it that way :
CREATE USER 'anyuser'#'localhost' IDENTIFIED BY 'test123';
UPDATE mysql.user SET USER='olduser' WHERE USER='anyuser';
Note that to completly remove an user, you must delete all datas associated to it in these tables : columns_priv, db, procs_priv, tables_priv. Then finally execute flush privileges.
From the doc :
DROP USER does not automatically drop or invalidate databases or
objects within them that the old user created. This includes stored
programs or views for which the DEFINER attribute names the dropped
user. Attempts to access such objects may produce an error if they
execute in definer security context. (For information about security
context, see Section 18.5, “Access Control for Stored Programs and
Views”.)

Related

Importing mysql5.8 dump into mariadb 10.5 does not let me use already created users

I've a very fresh installation of mariadb-server-10.5 (1:10.5.15-0+deb11u1) on a freshly installed debian 11.1 .
On the old machine with mysql-server (5.5.9999+default) and debian 9.6 I created a dump like this:
mysqldump -u root -pSOMEPW --all-databases > all_databases.dump
and I loaded this dump on the new server:
source /path/to/all_databases.dump
. The source took a while, did not result any error, however it beeped once at the end (no visible error or warning message).
Checking the mysql.user table it has only 3 entries for root, mysql and mariadb.sys , so I tried to create users (which were existing and used on the old machine) with this command:
create user 'testuser'#'localhost' identified by 'pw';
but it result this error:
ERROR 1396 (HY000): Operation CREATE USER failed for 'testuser'#'localhost'
.
With a short script checking all the tables of the mysql db the 'testuser' appears in 3 different tables, but as a User only in the db table twice like this:
| Host | Db | User | Select_priv
| localhost | somedb | testuser | Y
| localhost | somedbp2 | testuser | Y
.
I think that might cause create user to fail.
How could I fix this issue without losing the information in the db table?
Thanks.
In general you need to run mysql_upgrade whenever you switch to a more recent MySQL or MariaDB release, or after importing a backup taken from an older major version.
This is especially true for MariaDB 10.4 and later when importing from MySQL or from MariaDB 10.3 or earlier, as the internal privilege tables changed substantially with 10.4.
mysql.user table was replaced by mysql.global_priv in 10.4, allowing for more fine grained authentication control, e.g. supporting multiple authentication plugins for a single user.
So now mysql.user is just a VIEW presenting information from mysql.global_priv in a backwards compatible way. Simple information like user and host name can still be modified via that view directly as it is an updateable view, but this does not work for the more complex columns.
And commands like CREATE USER now directly operate on the mysql.global_priv table anyway, the errors you are getting are due to that table not being present in your imported dump.
The good news is: mysql_upgrade will take care of the necessary conversion, and after that CREATE USER should work again.
See also: https://mariadb.com/kb/en/mysql_upgrade/
See also: https://mariadb.com/kb/en/mysqlglobal_priv-table/

Using MySQL instance on AWS EMR cluster

I created an AWS EMR instance and logged in "Master" console via putty. I'm able to get in to MySQL command line on the console. I login as "hadoop#localhost"
mysql> SELECT user();
+------------------+
| user() |
+------------------+
| hadoop#localhost |
+------------------+
Now I want to create some users and databases for other projects. When I try to create a new user on MYSQL I get the below error.
How can I create user on EMR-MySQL instance, and give them permission ?
mysql> CREATE USER 'dbadmin'#'localhost' IDENTIFIED BY 'dbadmin';
ERROR 1227 (42000): Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation
BTW when I login to MySQL console, it automatically logs me in as "hadoop#localhost", as that is the user I used to login to machine via putty.
Please advise. Thanks.
Hive uses MySQL for its metadata store on EMR. You will need to stop the MySQL service, restart in safe mode and do a standard root password recovery. This will give you root access. However, STOP and don't do this. Create your MySQL database somewhere else.
you could do sudo mysql and it should work.
sudo mysql
CREATE USER 'dbadmin'#'localhost' IDENTIFIED BY 'dbadmin';
Query OK, 0 rows affected (0.00 sec)

1148 - The used command is not allowed with this MySQL version [duplicate]

I have a PHP script that calls MySQL's LOAD DATA INFILE to load data from CSV files. However, on production server, I ended up with the following error:
Access denied for user ... (using password: yes)
As a quick workaround, I changed the command to LOAD DATA LOCAL INFILE which worked. However, the same command failed on client's server with this message:
The used command is not allowed with this MySQL version
I assume this has something to do with the server variable: local_infile = off as described here.
Please suggest a workaround that does not involve changing server settings. Note that phpMyAdmin utility installed on the same server appears to accept CSV files though I am not sure it it uses LOAD DATA (LOCAL) INFILE.
Ran into the same issue as root and threw me for a moment
could be an issue with your server settings set with compile
to test login to console with the same user and try your load data command
if you get the same error, try closing console and running
mysql -u USER -p --local-infile=1 DATABASE
now try running load data command again
if it works then you're going to need to restart mysqld with command line option or re-install with configuration option
references (references are for 5.0 but worked for me with 5.5):
http://dev.mysql.com/doc/refman/5.0/en/load-data-local.html
http://dev.mysql.com/doc/refman/5.0/en/mysql-command-options.html#option_mysql_local-infile
I found that I need to connect to database like this:
$dbh=mysql_connect($server,$dbuser,$dbpass,false,128);
Passing 128 in the flags parameter is the key.
See http://www.php.net/manual/en/mysql.constants.php#mysql.client-flags to read more about the flags.
take a look to this permission list, you can add them separately, IE. you can insert but not update, or you can delete but not select, etc...
ALL [PRIVILEGES] Grant all privileges at specified access level except GRANT OPTION
ALTER Enable use of ALTER TABLE
ALTER ROUTINE Enable stored routines to be altered or dropped
CREATE Enable database and table creation
CREATE ROUTINE Enable stored routine creation
CREATE TEMPORARY TABLES Enable use of CREATE TEMPORARY TABLE
CREATE USER Enable use of CREATE USER, DROP USER, RENAME USER, and REVOKE ALL PRIVILEGES
CREATE VIEW Enable views to be created or altered
DELETE Enable use of DELETE
DROP Enable databases, tables, and views to be dropped
EVENT Enable use of events for the Event Scheduler
EXECUTE Enable the user to execute stored routines
FILE Enable the user to cause the server to read or write files
GRANT OPTION Enable privileges to be granted to or removed from other accounts
INDEX Enable indexes to be created or dropped
INSERT Enable use of INSERT
LOCK TABLES Enable use of LOCK TABLES on tables for which you have the SELECT privilege
PROCESS Enable the user to see all processes with SHOW PROCESSLIST
REFERENCES Not implemented
RELOAD Enable use of FLUSH operations
REPLICATION CLIENT Enable the user to ask where master or slave servers are
REPLICATION SLAVE Enable replication slaves to read binary log events from the master
SELECT Enable use of SELECT
SHOW DATABASES Enable SHOW DATABASES to show all databases
SHOW VIEW Enable use of SHOW CREATE VIEW
SHUTDOWN Enable use of mysqladmin shutdown
SUPER Enable use of other administrative operations such as CHANGE MASTER TO, KILL, PURGE BINARY LOGS, SET GLOBAL, and mysqladmin debug command
TRIGGER Enable trigger operations
UPDATE Enable use of UPDATE
USAGE Synonym for “no privileges”
I think you have permision to select, delete, insert, update, but no to do other stuff,
use this command:
SHOW GRANTS
he will show you what you are able to to, in my case.
jcho360> show grants;
+-------------------------------------------------------+
| Grants for jbolivar#localhost |
+-------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'jbolivar'#'localhost' |
+-------------------------------------------------------+
1 row in set (0.00 sec)

Table 'DBName.user' doesn't exist when trying to change root user name

I have just installed MySQL on Debian 7.0.0.
I successfully imported by database from another system using
mysql -u root -p DBName <mysql27May13.dump
I then successfully logged onto MySQL using
mysql -u root -p
I then successfully selected the database using
use DBName;
Also
show tables;
showed the tables I imported. However, when I try to change the root user name using
update user set user='SomeNewName' where user='root';
I get the error message
ERROR 1146 (42S02): Table 'DBName.user' doesn't exist
If you want to change a MySQL username you should use RENAME USER
RENAME USER root#localhost TO other_user#localhost
The table you want to update -- user, in this case -- is not within your database (which I assume is called DBName, here). The database you need is, in fact, simply called mysql.
You can work around this in a few ways:
Run your update on mysql.user instead of user.
use mysql before you do the update.
Use the supplied RENAME keyword to do the job instead, as #ExplosionPills suggests.
I'd suggest always taking approach #3 for user management unless you know for sure you're trying to do something the built-in commands can't handle. Chances are, you're not -- and if you are, you'll know it.

MySQL error 1449: The user specified as a definer does not exist

When I run the following query I get an error:
SELECT
`a`.`sl_id` AS `sl_id`,
`a`.`quote_id` AS `quote_id`,
`a`.`sl_date` AS `sl_date`,
`a`.`sl_type` AS `sl_type`,
`a`.`sl_status` AS `sl_status`,
`b`.`client_id` AS `client_id`,
`b`.`business` AS `business`,
`b`.`affaire_type` AS `affaire_type`,
`b`.`quotation_date` AS `quotation_date`,
`b`.`total_sale_price_with_tax` AS `total_sale_price_with_tax`,
`b`.`STATUS` AS `status`,
`b`.`customer_name` AS `customer_name`
FROM `tbl_supplier_list` `a`
LEFT JOIN `view_quotes` `b`
ON (`b`.`quote_id` = `a`.`quote_id`)
LIMIT 0, 30
The error message is:
#1449 - The user specified as a definer ('web2vi'#'%') does not exist
Why am I getting that error? How do I fix it?
This commonly occurs when exporting views/triggers/procedures from one database or server to another as the user that created that object no longer exists.
You have two options:
1. Change the DEFINER
This is possibly easiest to do when initially importing your database objects, by removing any DEFINER statements from the dump.
Changing the definer later is a more little tricky:
How to change the definer for views
Run this SQL to generate the necessary ALTER statements
SELECT CONCAT("ALTER DEFINER=`youruser`#`host` VIEW ",
table_name, " AS ", view_definition, ";")
FROM information_schema.views
WHERE table_schema='your-database-name';
Copy and run the ALTER statements
How to change the definer for stored procedures
Example:
UPDATE `mysql`.`proc` p SET definer = 'user#%' WHERE definer='root#%'
Be careful, because this will change all the definers for all databases.
2. Create the missing user
If you've found following error while using MySQL database:
The user specified as a definer ('someuser'#'%') does not exist`
Then you can solve
it by using following :
GRANT ALL ON *.* TO 'someuser'#'%' IDENTIFIED BY 'complex-password';
FLUSH PRIVILEGES;
From http://www.lynnnayko.com/2010/07/mysql-user-specified-as-definer-root.html
This worked like a charm - you only have to change someuser to the name of the missing user. On a local dev server, you might typically just use root.
Also consider whether you actually need to grant the user ALL permissions or whether they could do with less.
The user who originally created the SQL view or procedure has been deleted. If you recreate that user, it should address your error.
Follow these steps:
Go to PHPMyAdmin
Select Your Database
Select your table
On the top menu Click on 'Triggers'
Click on 'Edit' to edit trigger
Change definer from [user#localhost] to root#localhost
Hope it helps
I got the same error after updating mysql.
The error has been fixed after this command:
mysql_upgrade -u root
mysql_upgrade should be executed each time you upgrade MySQL. It
checks all tables in all databases for incompatibilities with the
current version of MySQL Server. If a table is found to have a
possible incompatibility, it is checked. If any problems are found,
the table is repaired. mysql_upgrade also upgrades the system tables
so that you can take advantage of new privileges or capabilities that
might have been added.
Create the deleted user like this :
mysql> create user 'web2vi';
or
mysql> create user 'web2vi'#'%';
If the user exists, then:
mysql> flush privileges;
Solution is just a single line query as below :
grant all on *.* to 'ROOT'#'%' identified by 'PASSWORD' with grant option;
Replace ROOT with your mysql user name.
Replace PASSWORD with your mysql password.
Fixed by running this following comments.
grant all on *.* to 'web2vi'#'%' identified by 'root' with grant option;
FLUSH PRIVILEGES;
if you are getting some_other instead of web2vi then you have to change the name accordingly.
For future googlers: I got a similar message trying to update a table in a database that contained no views. After some digging, it turned out I had imported triggers on that table, and those were the things defined by the non-existant user. Dropping the triggers solved the problem.
quick fix to work around and dump the file:
mysqldump --single-transaction -u root -p xyz_live_db > xyz_live_db_bkup110116.sql
grant all on *.* to 'username'#'%' identified by 'password' with grant option;
example:
grant all on *.* to 'web2vi'#'%' identified by 'password' with grant option;
I had the same problem with root user ans it worked for me when I replaced
root#%
by
root#localhost
So, if the user 'web2vi' is allowed to connect from 'localhost', you can try:
web2vi#localhost
I'm connected remotely to the database.
The user 'web2vi' does not exist on your mysql server.
See http://dev.mysql.com/doc/refman/5.1/en/error-messages-server.html#error_er_no_such_user
If that user does exist, check what servers it can access from, although I would have thought that would be a different error (EG you might have web2vi#localhost, but you are accessing the db as web2vi#% (At anything)
This happened to me after moving the DB from one server to another server. Initially, the definer was using localhost and the user. On the new server we don't have that user, and host had also been changed. I took a back up of that particular table and removed all the triggers manually from phpmyadmin. After that it has been working fine for me.
Why am I getting that error? How do I fix it?
I spent a hour before found a decision for a problem like this. But, in my case, I ran this:
mysql> UPDATE `users` SET `somefield` = 1 WHERE `user_id` = 2;
ERROR 1449 (HY000): The user specified as a definer ('root'#'%') does not exist
If you really want to find the problem, just run this commands one by one:
SHOW PROCEDURE STATUS;
SHOW FUNCTION STATUS;
SHOW TRIGGERS;
SHOW FULL TABLES IN database_name WHERE TABLE_TYPE LIKE 'VIEW';
...and, after each of them, look for the field 'definer'.
In my case it was bearded old trigger, that somebody of developers forgot to delete.
My 5 cents.
I had same error while I tried to select from a view.
However problem appears to be that this view, selected from another view that was restored from backup from different server.
and in fact, YES, user was invalid, but was not obvious where to from the first look.
I had your very same problem minutes ago, I ran into this issue after deleting an unused user from mysql.user table, but doing an alter view fixed it, here is a handy command that makes it very simple:
SELECT CONCAT("ALTER DEFINER=`youruser`#`host` VIEW ",
table_name," AS ", view_definition,";") FROM
information_schema.views WHERE table_schema='databasename'
Mix this with the mysql command line (assuming *nix, not familiar with windows):
> echo above_query | mysql -uuser -p > alterView.sql
> mysql -uuser -ppass databasename < alterView.sql
Note: the command generates and extra SELECT CONCAT on the file, making mysql -uuser -ppass databasename < alterView.sql fail if you don't remove it.
Source: https://dba.stackexchange.com/questions/4129/modify-definer-on-many-views
Try to set your procedure as
SECURITY INVOKER
Mysql default sets procedures security as "DEFINER" (CREATOR OF).. you must set the security to the "invoker".
From MySQL reference of CREATE VIEW:
The DEFINER and SQL SECURITY clauses specify the security context to be used when checking access privileges at view invocation time.
This user must exist and is always better to use 'localhost' as hostname. So I think that if you check that the user exists and change it to 'localhost' on create view you won't have this error.
Your view, "view_quotes" may have been copied from a different database where "web2vi" is a valid user into a database where "web2vi" is not a valid user.
Either add the "web2vi" user to the database or alter the view (normally removing the DEFINER='web2vi'#'%' part and executing the script will do the trick)
In my case, the table had a trigger with a DEFINER user that didn't exist.
You can change the definer for a specific database to an existing user:
UPDATE mysql.proc SET definer = 'existing_user#localhost' WHERE db = 'database_name';
The problem is clear - MySQL cannot find user specified as the definer.
I encountered this problem after synchronizing database model from development server, applying it to localhost, making changes to the model and then reapplying it to localhost. Apparently there was a view (I modified) defined and so I couldn't update my local version.
How to fix (easily):
Note: it involves deleting so it works just fine for views but make sure you have data backed-up if you try this on tables.
Login to database as root (or whatever has enough power to make changes).
Delete view, table or whatever you are having trouble with.
Synchronize your new model - it will not complain about something that does not exist now. You may want to remove SQL SECURITY DEFINER part from the item definition you had problems with.
P.S. This is neither a proper nor best-all-around fix. I just posted it as a possible (and very simple) solution.
You can try this:
$ mysql -u root -p
> grant all privileges on *.* to `root`#`%` identified by 'password';
> flush privileges;
For me, removing the '' from the DEFINER did the trick.
DEFINER = user#localhost
Go into the edit routine section and and at the bottom, change Security Type from Definer to Invoker.
One or several of your views where created/registered by another user. You'll have to check the owner of the view and:
Recreate the user; as the other answers say.
or
Recreate the views that where created by the user 'web2vi' using ALTER VIEW
I had this problem once.
I was trying to migrate views, from BD1 to BD2, using SQLYog. SQLYog recreated the views in the other DataBase (DB2), but it kept the user of BD1 (they where different). Later I realized that the views I was using in my query were having the same error as you, even when I wasn't creating any view.
Hope this help.
If this is a stored procedure, you can do:
UPDATE `mysql`.`proc` SET definer = 'YournewDefiner' WHERE definer='OldDefinerShownBefore'
But this is not advised.
For me, better solution is to create the definer:
create user 'myuser' identified by 'mypass';
grant all on `mytable`.* to 'myuser' identified by 'mypass';
when mysql.proc is empty, but system always notice "user#192.168.%" for table_name no exist,you just root in mysql command line and type:
CHECK TABLE `database`.`table_name` QUICK FAST MEDIUM CHANGED;
flush privileges;
over!
in my case I had a trigger on that table that I could not update data getting the same error.
MySQL error 1449: The user specified as a definer does not exist
the solution was to delete the triggers on that table and recreate them again, this fixed the issue, since the the trigger was made with another user from another server, and the user name changed on the new server after changing hosting company . that's my 2 cents