I am facing problem with mysql non root/admin user, I am following the below steps for creating user and its privileges, correct me if i am doing wrong,
i am installing mysql on RHEL 5.7 64bit, packages are mentioned below, once i done the rpm install we are
creating mysql db using mysql_install_db, then
starting the mysql service then
using mysql_upgrade also we are doing to the server.
After this process i can login as root but with a non-root user I am not able to log into the server:
[root#clustertest3 ~]# rpm -qa | grep MySQL
MySQL-client-advanced-5.5.21-1.rhel5
MySQL-server-advanced-5.5.21-1.rhel5
[root#clustertest3 ~]# cat /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
# Disabling symbolic-links is recommended to prevent assorted security risks;
# to do so, uncomment this line:
# symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
[root#clustertest3 ~]# ls -ld /var/lib/mysql/mysql.sock
srwxrwxrwx 1 mysql mysql 0 Nov 30 11:09 /var/lib/mysql/mysql.sock
mysql> CREATE USER 'golden'#'%' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON * . * TO 'golden'#'%';
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
mysql> SELECT USER(),CURRENT_USER();
+----------------+----------------+
| USER() | CURRENT_USER() |
+----------------+----------------+
| root#localhost | root#localhost |
+----------------+----------------+
1 row in set (0.00 sec)
[root#clustertest3 ~]# mysql -ugolden -p
Enter password:
ERROR 1045 (28000): Access denied for user 'golden'#'localhost' (using password: YES)
This is the problem I am facing, is there any solution to this?
Do not grant all privileges over all databases to a non-root user, it is not safe (and you already have "root" with that role)
GRANT <privileges> ON database.* TO 'user'#'localhost' IDENTIFIED BY 'password';
This statement creates a new user and grants selected privileges to it.
I.E.:
GRANT INSERT, SELECT, DELETE, UPDATE ON database.* TO 'user'#'localhost' IDENTIFIED BY 'password';
Take a look at the docs to see all privileges detailed
EDIT: you can look for more info with this query (log in as "root"):
select Host, User from mysql.user;
To see what happened
If you are connecting to the MySQL using remote machine(Example workbench) etc., use following steps to eliminate this error on OS where MySQL is installed
mysql -u root -p
CREATE USER '<<username>>'#'%%' IDENTIFIED BY '<<password>>';
GRANT ALL PRIVILEGES ON * . * TO '<<username>>'#'%%';
FLUSH PRIVILEGES;
Try logging into the MYSQL instance.
This worked for me to eliminate this error.
Try:
CREATE USER 'golden'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON * . * TO 'golden'#'localhost';
FLUSH PRIVILEGES;
Or even better use: mysql_setpermission to create the user
It looks like you're trying to make a user 'golden'#'%' but a different user by the name of 'golden'#'localhost' is getting in the way/has precedence.
Do this command to see the users:
SELECT user,host FROM mysql.user;
You should see two entries:
1) user= golden, host=%
2) user= golden, host=localhost
Do these Command:
DROP User 'golden'#'localhost';
DROP User 'golden'#'%';
Restart MySQL Workbench.
Then do your original commands again:
CREATE USER 'golden'#'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON * . * TO 'golden'#'%';
Then when you go to try to sign in to MySQL, type it in like this:
Hit 'Test Connection' and enter your password 'password'.
First I created the user using :
CREATE user user#localhost IDENTIFIED BY 'password_txt';
After Googling and seeing this, I updated user's password using :
SET PASSWORD FOR 'user'#'localhost' = PASSWORD('password_txt');
and I could connect afterward.
For anyone else who did all the advice but the problem still persists.
Check for stored procedure and view DEFINERS. Those definers may no longer exists.
My problem showed up when we changed the wildcard host (%) to IP specific, making the database more secure. Unfortunately there are some views that are still using 'user'#'%' even though 'user'#'172....' is technically correct.
I also have the similar problem, and later on I found it is because I changed my hostname (not localhost).
Therefore I get it resolved by specifying the --host=127.0.0.1
mysql -p mydatabase --host=127.0.0.1
According way you create your user, MySQL interprets a different manner. For instance, if you create a user like this:
create user user01 identified by 'test01';
MySQL expects you give some privilege using grant all on <your_db>.* to user01;
Don't forget to flush privileges;
But, if you create user like that (by passing an IP address), you have to change it to:
create user 'user02'#'localhost' identified by 'teste02';
so, to give some privileges you have to do that:
grant all on <your_db>.* to user02#localhost;
flush privileges;
Make sure the user has a localhost entry in the users table. That was the problem I was having. EX:
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
For annoying searching getting here after searching for this error message:
Access denied for user 'someuser#somewhere' (using password: YES)
The issue for me was not enclosing the password in quotes. eg. I needed to use -p'password' instead of -ppassword
Try this:
If you have already created your user, you might have created your user with the wrong password.
So drop that user and create another user by doing this.
To see your current users.
SELECT Host,User FROM mysql.user;
To drop the user
DROP User '<your-username>'#'localhost';
After this you can create the user again with the correct password
CREATE USER '<your-username>'#'localhost' IDENTIFIED WITH mysql_native_password BY '<correct password>';
then
FLUSH PRIVILEGES;
You might still run into some more errors with getting access to the database, if you have that error run this.
GRANT ALL PRIVILEGES ON *.* to '<your-username>'#'localhost';
In my case the same error happen because I was trying to use mysql by just typing "mysql" instead of "mysql -u root -p"
connect your server from mysqlworkbench and run this command->
ALTER USER 'root'#'localhost' IDENTIFIED BY 'yourpassword';
The error of ERROR 1045 (28000): Access denied for user might not be always related to privilages problems but to the fact that there is a missing -p at the end of the command:
# Will prompt us a mysql terminal in case there are no privilages issues
mysql -u root -p
# Will fail with the mentioned ERROR 1045
mysql -u root
sometimes,it can just be a wrong password.Kindly remember your passwords including their sensitivity.
I had this issue and something dummy ended up solving.
For some reason "locahost" was not resolving for anything, so using its local IP made it work.
So you would change
mysql -h localhost -P 33061
to:
mysql -h 127.0.0.1 -P 33061
Had a similar issue when trying to grant privileges to an already existing user using the command:
use my-db;
GRANT ALL PRIVILEGES ON my-database.* TO 'my-user'#'%' IDENTIFIED BY 'my-password';
Here's how I solved it:
It had to do with 2 issues:
The password of the already exiting user was different from the password that provided in the GRANT ALL PRIVILEGES command. I had to rerun the GRANT ALL PRIVILEGES with the correct password for the already existing user.
The host name of the database server that I provided when connecting to the database was incorrect. I had created the database and the user on a particular database server and I was trying to connect to another database server different from the database server where the database and the user were created. I had to get the correct database server hostname, and I used it for the connection.
After all this were sorted, I was able to connect to the database using the credentials.
The issue was that my-user already had the privileges I wanted to grant it.
You can check to see the privileges that you've granted your user using:
SHOW GRANTS FOR 'your-user'#'%';
OR
SHOW GRANTS FOR 'your-user'#'localhost';
That's all.
Just add computer name instead of 'localhost' in hostname or MySQL Host address.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have installed MySQL. During the process of installation I was asked whether I want to determine a password for root user. Well, I entered a password.
Now I can access it through
mysql -u root -p
Well, it works.
The question is what will happen if I use just mysql command?
Well. This is what appears:
mysql>
I'm a bit confused. If I organize a password, how can I get access without entering it.
What privileges do I have in this case?
You are connected as ROOT (you can create,detele, alter,procedures,triggers,tables,configurations, users, Dbs, etc) , so you can do whatever you want. It's the same if you do:
mysql -u root -p
or
mysql -u root -p "my_root_pass"
(of course if you have one)
the mysql> just mean that you are connected to your database, however it's not recommended that use that user, also you should give him a password with the grant command.
if you want to see the user that you are using, you can use:
mysql> select current_user;
The fact that you can "enter" MySQL doesn't mean that you have the ability to do anything. Try and create a database without supplying a password. Try and access a database without the password... I'm fairly sure that you won't be able to do either.
Try to access your database / tables when you see mysql> If it doesn't give you an error, then your password most likely is still not set for the root account. If this is the case, you can go ahead and execute this query to set your root password.
grant all privileges on *.* to 'root'#'localhost' identified by 'your new password';
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I forgot mysql root password. How can I get it again? I am trying to use mysql -u root command but I am getting this error ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: NO)
how can I solve this problem?
Try with -p option; then it will prompt you for password. In your case, it's saying that you can't access with user root with no password.
mysql -u root -h localhost -p
In case, you have really forgot your password then take a look here on how to reset the same
How to Reset the Root Password (for 5.7 version)
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about programming within the scope defined in the help center.
Improve this question
I'm writing a script to perform some database maintenance, and MySQL is not accepting the username I'm trying to pass it.
I have a MySQL user and database named 'abc_wpsites', as well as a user and database named 'abc_wpsitesdev'. Here, I'm trying to access abc_wpsitesdev, but MySQL continually attempts to access with the account 'abc_wpsites' instead.
abc.com [~]# mysql -uabc_wpsitesdev --password='(redacted)' -h localhost abc_wpsitesdev
ERROR 1045 (28000): Access denied for user 'abc_wpsites'#'localhost' (using password: YES)
abc.com [~]# mysql --user='abc_wpsitesdev' --password='(redacted)' -h localhost abc_wpsitesdev
ERROR 1045 (28000): Access denied for user 'abc_wpsites'#'localhost' (using password: YES)
abc.com [~]# mysql --user='abc_wpsitesfff' --password='(redacted)' -h localhost abc_wpsitesdev
ERROR 1045 (28000): Access denied for user 'abc_wpsites'#'localhost' (using password: YES)
Notice how each attempt at experimenting with the username still results in an attempt to access MySQL via the 'abc_wpsites' account. Any thoughts on what's going on here?
Also, I should mention that I can connect via other methods with the appropriate credentials (e.g. via MySQL), so this seems to be some sort of problem with my understanding/the operation of MySQL's CLI interface.
I wouldn't suggest passing your login information that way. This means your password is
Visible in the processlist (some distro's will filter that but)
It's either stored in a crontab or your bash .history file
Instead create at script.cnf file that is NOT world readable.
The contents will look like
[client]
user=abc_wspitesdev
password=your_password
Change your command line call to
mysql --defaults-file=/path/to/script.cnf -h localhost abc_wpsitesdev
mysql
Edit
Your other comment said you could connect as other users. If you have root access to this db run
select user, host, passowrd from mysql.users;
Compare the one that's not working with others that are.
The passwords that are stored will be hashes of the actual values. Are they all the same length? If one is significantly longer or shorter it could be the password was stored with an old password hashing method used in versions 4.x and earlier.
What is the host for the account you are trying to connect through? Is it 'localhost' or an IP address? If it is your IP address this likely might be the problem. Since your command line call is connecting to localhost this will tell it to connect through a unix socket (/var/lib/mysql/mysql.sock perhaps). MySQL differentiates these connections from ones coming through the TCP stack.
You could alternatively specify your full (non 127.0.0.1) IP address on the commandline if this is the case like
mysql -u blah -pblah -h 1.2.3.4
"Where" is user "abc_wpsitesdev" allowed to connect from as opposed to where the "abc_wpsites" user is allowed to connect from -- any difference?
If you did "grant all privileges on abcwpsitedev to 'abc_wpsitesdev'#'%' identified by 'thedevpassword';" that won't work for accessing from localhost as explained in the last pargraph in the post from the manual below:
From the MySQL manual:
After connecting to the server as root, you can add new accounts. The following statements use GRANT to set up four new accounts:
mysql> GRANT ALL PRIVILEGES ON . TO 'monty'#'localhost'
-> IDENTIFIED BY 'some_pass' WITH GRANT OPTION;
mysql> GRANT ALL PRIVILEGES ON . TO 'monty'#'%'
-> IDENTIFIED BY 'some_pass' WITH GRANT OPTION;
mysql> GRANT RELOAD,PROCESS ON . TO 'admin'#'localhost';
mysql> GRANT USAGE ON . TO 'dummy'#'localhost';
The accounts created by these statements have the following properties:
Two of the accounts have a user name of monty and a password of some_pass. Both accounts are superuser accounts with full privileges to do anything. The 'monty'#'localhost' account can be used only when connecting from the local host. The 'monty'#'%' account uses the '%' wildcard for the host part, so it can be used to connect from any host.
It is necessary to have both accounts for monty to be able to connect from anywhere as monty. Without the localhost account, the anonymous-user account for localhost that is created by mysql_install_db would take precedence when monty connects from the local host. As a result, monty would be treated as an anonymous user. The reason for this is that the anonymous-user account has a more specific Host column value than the 'monty'#'%' account and thus comes earlier in the user table sort order. (user table sorting is discussed in Section 5.5.4, “Access Control, Stage 1: Connection Verification”.)
the problem with your line
mysql -uabc_wpsitesdev --password='(redacted)' -h localhost abc_wpsitesdev
is, that you need a space after -u
(and no space after -p)
this is the form I use:
mysql -u abc_wpsitesdev -p(redacted) -h localhost abc_wpsitesdev
This question already has answers here:
How to set root password to null
(21 answers)
Closed 9 years ago.
How can I change the root password to an empty one in MySql?
The following gives "Access denied for user 'root'#'localhost' (using password: YES)" error. I'm sure I've typed my password correct (it's only 123456)
mysqladmin -u root -p'123456' password ''
I've run this sql successfully but I can still access with my password 123456 and not with an empty one:
use mysql; update user set password=PASSWORD("") where User='root';
You should restart the MySQL server or run the following command:
FLUSH PRIVILEGES;
MySQL doesn't immediately "see" the changes you make to the tables containing user account data, hence the need for this additional step.
You need to FLUSH PRIVILEGES.