I have the following tables in my database
users
comments
other_tables
I want to give read-write permission to comments and users tables but read-only permission to other_tables .How can I do that?
(I searched it on google but didn't find any way)
As documented under GRANT Syntax:
GRANT SELECT ON mydb.* TO user_specification;
GRANT INSERT, UPDATE, DELETE ON mydb.users TO user_specification;
GRANT INSERT, UPDATE, DELETE ON mydb.comments TO user_specification;
Related
I am preparing to write a complex stored procedure. I figure will need a debugger going so I am trying to use ocelotgui. I have installed it and can connect to my database in mysql. When I type $INSTALL which is required to set up the debugger I am getting this error:
$INSTALL
Need create privilege on xxxmdbug.. Need select privilege on xxxmdbug.. Need insert privilege on xxxmdbug.. Need delete privilege on xxxmdbug.. Need update privilege on xxxmdbug.. Need drop privilege on xxxmdbug.. Need create routine privilege on xxxmdbug.. Need alter routine privilege on xxxmdbug..
It seems that ocelotgui creates a database called xxxmdbug but for some reason it can't on my system. I am running mySQL in Docker and I have modified the mysql.sql to have the following lines dealing with xxxmdbug.
CREATE DATABASE IF NOT EXISTS subs;
CREATE DATABASE IF NOT EXISTS xxxmdbug;
GRANT ALL PRIVILEGES ON subs.* To 'admin'#'%';
GRANT ALL PRIVILEGES ON xxxmdbug.* To 'admin'#'%';
It seems that I can't login with root so that I can GRANT my actual user the privileges. I though that the password for root was "", but I guess not. Anyone?
I assume you downloaded ocelotgui 1.2 from https://github.com/ocelot-inc/ocelotgui.
You might be seeing an error if database xxxmdbug already exists
(if so, drop it). But if the problem is lack of privileges
(you need create, drop, create routine, alter routine, select, insert, update, delete, select on xxxmdbug.*), then there's
nothing ocelotgui can do, good luck finding the root password.
Would like to grant permission to a user on multiple databases in single command. I am getting syntax error when I try
grant all on abc.*, xyz.* TO 'user'#'10.10.0.10';
Please guide. Thanks.
You need to use multiple grant statements, one for each database:
grant all on abc.* TO 'user'#'10.10.0.10';
grant all on xyz.* TO 'user'#'10.10.0.10';
You can either use single database or . for all databases in single statement like below:
grant all on abc.* TO 'user'#'10.10.0.10'; --- For abc database.
grant all on . TO' user'#'10.10.0.10'; --- for all databases
How can I grant somebody to see the structure of mysql routines?
The following command can be used to show the structure of routines:
show create function FUNCTION_NAME
or
show create procedure PROCEDURE_NAME
but It should be run by the user with grant all permission. I don't want to give grant all to the user. What is the exact grant I need or what is the alternative solutions?
from the manual
To use either statement, you must be the user named in the routine DEFINER clause or have SELECT access to the mysql.proc table.
So granting SELECT to the mysql.proc table should be sufficient.
For MySQL 8.20+ you can use:
GRANT SHOW_ROUTINE ON . TO username
MySQL 8 Reference
I have a demo mysql database the I would like all users to be able to see.
How do I grant SELECT on this one database to all the mysql users?
I tried:
GRANT SELECT ON demodb.* TO ''#localhost;
This seemed to run, but no change on the visability of the demodb database.
Any help?
Try this query -
INSERT INTO mysql.db(host, User, Db, select_priv)
SELECT host, user, 'demodb', 'Y' FROM mysql.user;
Then run 'FLUSH PRIVILEGES;' to apply privileges.
Better still, your original solution should have worked, and doesn't require an extra line for every new user, but you needed to flush privileges. I used this for setting up my global DB.
INSERT INTO mysql.db (host,user,db,Select_priv,Execute_priv) VALUE
('%','','demodb','Y','Y');
FLUSH PRIVILEGES;
How can I make a single table in mysql read only for a user while he still has write access to other tables in the same db?
Additional info
I have root access to the server
Tables are MyISAM
Server version is 5.0.51a-24+lenny2
thanks!
Revoke all previous privileges and then grant the specific new privileges:
REVOKE ALL ON db.table FROM user;
REVOKE ALL ON db.othertable FROM user;
GRANT SELECT ON db.table TO user;
GRANT SELECT, INSERT, UPDATE, DELETE ON db.othertable TO user;
You can make a single MyISAM table read only by compressing the table. Use myisampack on the command line to pack the table.
More info can be found in the MySQL Manual: http://dev.mysql.com/doc/refman/5.0/en/myisampack.html