This is from my terminal in mac.
130-229-0-129-dhcp:~ suyeshamatya$ mysql
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test |
+--------------------+
2 rows in set (0.00 sec)
mysql> quit
Bye
130-229-0-129-dhcp:~ suyeshamatya$ mysql -u root -p
Enter password:
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| lportal |
| mysql |
| performance_schema |
| test |
+--------------------+
5 rows in set (0.00 sec)
Can someone please explain why mysql is showing different number of databases when connecting without any username/password and when connecting with root username/password?
UPDATE:
Connected without username/password
mysql> show grants;
+--------------------------------------+
| Grants for #localhost |
+--------------------------------------+
| GRANT USAGE ON *.* TO ''#'localhost' |
+--------------------------------------+
1 row in set (0.00 sec)
Connected with root username/password
mysql> show grants;
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root#localhost |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '********************' WITH GRANT OPTION |
| GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
Grant USAGE means no privileges for that user according to Manual. So when you login without username and password. It will show default mysql schema. If you want to user using following query:
select User from mysql.user;
It will throw error like
SELECT command denied to user ''#'localhost' for table 'user';
Which means you do not have permission on default database to view users details.
If you login with username and password then all the databases created by that User will show you.
I am not sure but I think that the the "unknown user" has no privileges to see the other databases. Please check this in the mysql database.
Related
I am trying to add a user called admin in mariadb and grant them all permissions from any host.
I can see the users get added by examining the rows in mysql.user and after I create the user I see entries for 'admin'#'localost' and 'admin'#'%', but when I try to perform the grants, they don't get actioned;
Here's what I'm doing as the root user.
MariaDB [mysql]> CREATE USER 'admin'#'localhost' IDENTIFIED BY 'mypswd';
Query OK, 0 rows affected (0.000 sec)
MariaDB [mysql]> select user, host, password from mysql.user;
+-------+-----------+-------------------------------------------+
| user | host | password |
+-------+-----------+-------------------------------------------+
| root | localhost | |
| root | 127.0.0.1 | |
| root | ::1 | |
| admin | localhost | *81C702316842FA904B04F249E80134D93FEDB64C |
+-------+-----------+-------------------------------------------+
4 rows in set (0.000 sec)
MariaDB [mysql]> CREATE USER 'admin' IDENTIFIED BY 'mypswd';
Query OK, 0 rows affected (0.000 sec)
MariaDB [mysql]> select user, host, password from mysql.user;
+-------+-----------+-------------------------------------------+
| user | host | password |
+-------+-----------+-------------------------------------------+
| root | localhost | |
| root | 127.0.0.1 | |
| root | ::1 | |
| admin | % | *81C702316842FA904B04F249E80134D93FEDB64C |
| admin | localhost | *81C702316842FA904B04F249E80134D93FEDB64C |
+-------+-----------+-------------------------------------------+
5 rows in set (0.000 sec)
MariaDB [mysql]> GRANT ALL PRIVILEGES ON *.* TO 'admin'#'%' IDENTIFIED BY 'mypswd';
Query OK, 0 rows affected (0.000 sec)
MariaDB [mysql]> GRANT ALL PRIVILEGES ON *.* TO 'admin'#'localhost' IDENTIFIED BY 'mypswd';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> show grants;
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root#localhost |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '*4B431B2B44AFED5F3EBCF1E6DFB60B3164A4B0D4' WITH GRANT OPTION |
| GRANT PROXY ON ''#'%' TO 'root'#'localhost' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)
Why are my GRANT's not working?
Sorry, my bad. I did search quite hard for an answer but I only just discovered that if you are logged in as root from localhost and just use SHOW GRANTS; it will show you just those grants for 'root'#'localhost'.
I needed to do this:
MariaDB [mysql]> SHOW GRANTS FOR 'admin'#'%';
+---------------------------------------------------------------------------------------------------------------+
| Grants for admin#% |
+---------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'admin'#'%' IDENTIFIED BY PASSWORD '*81C702316842FA904B04F249E80134D93FEDB64C' |
+---------------------------------------------------------------------------------------------------------------+
1 row in set (0.000 sec)
MariaDB [mysql]> SHOW GRANTS FOR 'admin'#'localhost';
+-----------------------------------------------------------------------------------------------------------------------+
| Grants for admin#localhost |
+-----------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'admin'#'localhost' IDENTIFIED BY PASSWORD '*81C702316842FA904B04F249E80134D93FEDB64C' |
+-----------------------------------------------------------------------------------------------------------------------+
1 row in set (0.000 sec)
I didn't find this intuitive.
mysql> select user,host from mysql.user;
+------------------+-----------+
| user | host |
+------------------+-----------+
| root | 127.0.0.1 |
| root | ::1 |
| debian-sys-maint | localhost |
| developer | localhost |
| jack | localhost |
| root | localhost |
| root | rebuild |
+------------------+-----------+
7 rows in set (0.00 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wpdatabase |
+--------------------+
4 rows in set (0.00 sec)
mysql> CREATE USER wpuser#localhost;
ERROR 1396 (HY000): Operation CREATE USER failed for 'wpuser'#'localhost'
Why can't create a new user in mysql? The user wpuser is not in the table user.
I neved used databases, so can anyone help me on how to create a new user ?
No,it is not the problem of password(123456 is the key of mysql database).
mysql> CREATE USER 'wpuser'#'localhost' IDENTIFIED BY '123456';
ERROR 1396 (HY000): Operation CREATE USER failed for 'wpuser'#'localhost'
It is so strange ,please go on .
Why CREATE USER wpuser#localhost; can't ; CREATE USER wpusers#localhost; can?
I had the same problem I believe. I accidentally created 'myuser', deleted it using the command below, and then I cannot create the user, although its not showing up on mysql.user table
I tried these commands for deleting but to no avail.
delete user from mysql.user where user='myuser'
delete user from mysql.user where user='myuser' and host='localhost'
delete user from mysql.user where user='myuser' and host='%'
It worked for me when I use this command to remove the user.
DROP USER 'myuser'#'localhost';
In between trying out these commands I FLUSH PRIVILEGES as though I'm on diarrhoea. So in case it still does not work, do what Begueradj suggested.
The user you want to creat must have a MySQL password:
CREATE USER 'wpuser'#'localhost' IDENTIFIED BY 'password';
Then give him permissions:
GRANT ALL PRIVILEGES ON * . * TO 'wpuser'#'localhost';
Do not forget to reload all the privileges:
FLUSH PRIVILEGES;
Hope this helps you.
For me, I got this error in mysql workbench on trying to re-add a user that I had in the DB, but then I tried this query & found that the user was actually added:
select user, host from mysql.user
So I suggest if someone gets that error in mysql workbench to try this query as a first measure before the more complex solutions as the user might be already created.
I have mysql Server version: 5.5.32-0ubuntu0.12.04.1 (Ubuntu) installed linux Ubuntu 12.04 LTS.
I seem to have all the permissions as root. I can create a user and a db. However, I cannot seem to give the user all the permissions to the db.
My .my.cnf:
[client]
user=root
password=test
I login through mysql -u root -h localhost -p, but I cannot login without the -p option though I have the .my.cnf (not an issue, but odd).
There were a bunch of root users, so I got rid of them and I have these users:
mysql> SELECT host,user,password FROM mysql.user;
+-----------+------------------+-------------------------------------------+
| host | user | password |
+-----------+------------------+-------------------------------------------+
| localhost | root | ***************************************** |
| localhost | debian-sys-maint | ***************************************** |
+-----------+------------------+-------------------------------------------+
mysql> SHOW GRANTS FOR 'root'#'localhost';
+----------------------------------------------------------------------------------------------------------------------+
| Grants for root#localhost |
+----------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '*****************************************' |
| GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------+
Now, I create a db, a user. The last line shows an error when I grant permissions. Can you please let me know why I am getting this error and what I can do to make this work?
mysql> create database staging;
Query OK, 1 row affected (0.00 sec)
mysql> CREATE USER 'staging'#'localhost' IDENTIFIED BY 'test';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON staging.* TO 'staging'#'localhost';
ERROR 1044 (42000): Access denied for user 'root'#'localhost' to database 'staging'
First, Identify the user you are logged in as:
select user(); select current_user();
The result for the first command is what you attempted to login as, the second is what you actually connected as. Confirm that you are logged in as root#localhost in mysql.
The issue was that the installation I came up with did not provide Grant_priv to root#localhost. Here is how you can check.
mysql> SELECT host,user,password,Grant_priv,Super_priv FROM mysql.user;
+-----------+------------------+-------------------------------------------+------------+------------+
| host | user | password | Grant_priv | Super_priv |
+-----------+------------------+-------------------------------------------+------------+------------+
| localhost | root | ***************************************** | N | Y |
| localhost | debian-sys-maint | ***************************************** | Y | Y |
| localhost | staging | ***************************************** | N | N |
+-----------+------------------+-------------------------------------------+------------+------------+
You can see that the Grant_priv is set to N for root#localhost. This needs to be Y. Here is how I fixed this:
UPDATE mysql.user SET Grant_priv='Y', Super_priv='Y' WHERE User='root';
FLUSH PRIVILEGES;
GRANT ALL ON *.* TO 'root'#'localhost';
I did get some permission error, but when I logged back in, it was fine.
try flushing privileges after granting permissions
GRANT ALL PRIVILEGES ON staging.* TO 'staging'#'localhost' IDENTIFIED BY 'test';
FLUSH PRIVILEGES;
For those who still stumble upon this like I did, it's worth checking to make sure the attempted GRANT does not already exist:
SHOW GRANTS FOR username;
In my case, the error was not actually because there was a permission error, but because the GRANT already existed.
I created a database from the mysql prompt. It is named "spring_security_tutorial".
Then, I created a user named "erdinc#localhost" and granted the user all the privileges for the "spring_security_tutorial" db.
Here is the "show databases" result when I am connected as root:
mysql> show databases;
+--------------------------+
| Database |
+--------------------------+
| information_schema |
| mysql |
| performance_schema |
| spring_security_tutorial |
| springsecurity |
| test |
+--------------------------+
6 rows in set (0.00 sec)
Here is the result of the command "use spring_security_tutorial" when I am connected as root:
mysql> use spring_security_tutorial;
ERROR 1049 (42000): Unknown database 'spring_security_tutorial'
Here is the result of the command "select user(), current_user()":
mysql> select user(), current_user()
+----------------+----------------+
| user() | current_user() |
+----------------+----------------+
| root#localhost | root#localhost |
+----------------+----------------+
1 row in set (0.00 sec)
Here are the privileges of the root and erdinc users:
mysql> show grants for 'root'#'localhost';
+---------------------------------------------------------------------+
| Grants for root#localhost |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' WITH GRANT OPTION |
| GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> show grants for 'erdinc'#'localhost';
+---------------------------------------------------------------------------------------------------------------+
| Grants for erdinc#localhost |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'erdinc'#'localhost' IDENTIFIED BY PASSWORD '*8DCDD69CE7D121DE8013062AEAEB2A148910D50E' |
| GRANT ALL PRIVILEGES ON `spring_security_tutorial`.* TO 'erdinc'#'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
I cannot use the spring_security_tutorial database as root user even if I can see it with "show databases".
Also, when I am connected as "erdinc#localhost", I cannot even show the mentioned database.
It just shows the test and information_schema databases.
I am looking up for this for a couple of hours now. Actually I used to use mysql in the past, either something changed in the usage or I am missing something very obvious because this used to be a trivial task.
Thanks in advance.
I've just installed MySQL Community server (5.5.8) on Mac OS X 10.6.6.
I've been following the rules for a secure install (assign password to root, delete anonymous accounts, etc), however, there is one user account which I can't DROP:
mysql> select host, user from mysql.user;
+--------------------------------+------+
| host | user |
+--------------------------------+------+
| 127.0.0.1 | root |
| ::1 | root |
| My-Computer-Hostname.local | |
| My-Computer-Hostname.local | root |
| localhost | root |
| localhost | web |
+--------------------------------+------+
6 rows in set (0.00 sec)
mysql> drop user ''#'My-Computer-Hostname.local';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> select host, user from mysql.user;
+--------------------------------+------+
| host | user |
+--------------------------------+------+
| 127.0.0.1 | root |
| ::1 | root |
| My-Computer-Hostname.local | |
| My-Computer-Hostname.local | root |
| localhost | root |
| localhost | web |
+--------------------------------+------+
6 rows in set (0.00 sec)
mysql>
As you can see, MySQL reports no errors when executing the DROP USER command, but doesn't actually delete the user!
I've tried also deleting the user from within phpMyAdmin (3.3.9) and that produced the same results (i.e. reported success, no error messages, user not deleted).
I've researched this and some people suggest that GRANT may be blocking the DROP USER command, however, the user has no GRANT privileges:
mysql> SHOW GRANTS FOR ''#'My-Computer-Hostname.local';
+-----------------------------------------------------------+
| Grants for #my-computer-hostname.local |
+-----------------------------------------------------------+
| GRANT USAGE ON *.* TO ''#'my-computer-hostname.local' |
+-----------------------------------------------------------+
1 row in set (0.00 sec)
mysql> REVOKE GRANT OPTION ON *.* FROM ''#'My-Computer-Hostname.local';
ERROR 1141 (42000): There is no such grant defined for user '' on host 'my-computer-hostname.local'
I tried dropping the user again after that but it didn't drop/delete the user either.
I've checked my MySQl error logs and there's nothing unusual in there.
The MySQL manual suggests that it is possible to delete all anonymous accounts, so why can't I delete this one?
Or, to delete just the anonymous one and not the root as well:
mysql> DELETE FROM mysql.user WHERE User='' AND Host='my-computer-hostname.local';
Worked for me on 5.1.57.
This is a known bug due to your uppercase characters: http://bugs.mysql.com/bug.php?id=62255
Use the suggestion from user douger as a workaround
You can still delete the records from the user table:
mysql> DELETE FROM user WHERE host='my-computer-hostname.local';
Query OK, 2 rows affected (0.00 sec)
This method was used prior to MySQL 4.1...
MySQL includes an anonymous user account that allows anyone to connect into the MySQL server without having a user account. This is meant only for testing, and should be removed before the database server is put into a production environment.
Run the following SQL script against the MySQL server to remove the anonymous user account:
DELETE FROM mysql.user WHERE User='';
After making changes to permissions/user accounts, make sure you flush the provilege tables using the following command:
FLUSH PRIVILEGES;