I have an ubuntu server with mysql installed, at one point I saw the php code running on the server could access mysql but I can't access mysql remotely, for another server or sequal pro.
$ mysql -u root -p
mysql> GRANT ALL on *.* TO 'thomas'#'%';
mysql> exit
$ mysql -u thomas -p
mysql> show grants;
+------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for thomas#localhost |
+------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'thomas'#'localhost' IDENTIFIED BY PASSWORD '[ENCRYPTEDPASSWORD]' WITH GRANT OPTION |
+------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
mysql> exit
$ mysql -u thomas -p -h [SERVERIP]
ERROR 1045 (28000): Access denied for user 'thomas'#'[SERVERNAME]' (using password: YES)
Update:
I wen't in and dropped all the users that where made (some didn't have passwords) I was going by the mysql.user table and using the drop user command.
CREATE USER 'thomas'#'localhost' IDENTIFIED BY '[PASSWORD]';
GRANT ALL PRIVILEGES ON *.* TO 'thomas'#'localhost' IDENTIFIED BY '[PASSWORD]';
GRANT ALL PRIVILEGES ON *.* TO 'thomas'#'[SERVERIP]' IDENTIFIED BY '[PASSWORD]';
GRANT ALL PRIVILEGES ON *.* TO 'thomas'#'%' IDENTIFIED BY '[PASSWORD]';
the table now looks like this:
+--------------+------------------+
| Host | User |
+--------------+------------------+
| localhost | root |
| localhost | phpmyadmin |
| 127.0.0.1 | root |
| ::1 | root |
| localhost | debian-sys-maint |
| localhost | thomas |
| [SERVERIP] | thomas |
| % | thomas |
+--------------+------------------+
Well, you have
GRANT ALL PRIVILEGES ON *.* TO 'thomas'#'localhost'
but you are not on localhost. You might want to try
GRANT ALL PRIVILEGES ON *.* TO 'thomas'#'%'
Ofcourse you have to add IDENTIFIED BY 'password' if you so desire
Related
I can't login with root ,I think root's password may be changed.But I can't change root's password either.
Mysql version is v8.0.16.
I have used --init-file to specificd alter sql at mysqld booting
alter user 'root'#'localhost' identified by 'mynewpassword'
but it doesn't work.
I used --skip-grant-tables --user=mysql so I could add a new user, and my new user works. I try to alter root,but it failed again.
mysql> alter user 'root'#'localhost' identified by 'mynewpassword';
ERROR 1396 (HY000): Operation ALTER USER failed for 'root'#'localhost'
here is the table user's content
mysql> select user,host from user;
+------------------+-----------+
| user | host |
+------------------+-----------+
| admin | % |
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+------------------+-----------+
Do anyone have any idea?
You Can try:
ALTER USER 'root'#'%' IDENTIFIED WITH mysql_native_password BY '123';
rather than
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY '123';
When you use the following command
mysql> use mysql;
mysql> select user,host from user;
you can find that root's host is '%'
mysql> select user, host from user;
+------------------+-----------+
| user | host |
+------------------+-----------+
| root | % |
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
+------------------+-----------+
According to the mysql docs and this one - check the special --init-file option.
And then try to FLUSH PRIVILEGES;
Also, please see this related post.
This should help.
Even after trying the methods in this threadERROR 1698 (28000): Access denied for user 'superuser1'#'localhost', I still have the same error with my username 'cotequotey' which reads:
OperationalError: (1045, "Access denied for user 'cotequotey'#'localhost' (using password: NO)")
And this username 'cotequotey' is the one that I have attributed the auth_socket plugin to, in order for that username to be the default instead of root. So this is what my user table looks like:
mysql> select User,host,plugin, authentication_string from mysql.user;
+------------------+-----------+-----------------------+-------------------------------------------+
| User | host | plugin | authentication_string |
+------------------+-----------+-----------------------+-------------------------------------------+
| root | localhost | mysql_native_password | *B845F78DCA29B8AE945AB9CFFAC24A9D17EB5063 |
| mysql.session | localhost | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql.sys | localhost | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| debian-sys-maint | localhost | mysql_native_password | *0C8DDC30A93F5F8834121C4DF8703A051E215166 |
| cotequotey | localhost | auth_socket | |
+------------------+-----------+-----------------------+-------------------------------------------+
5 rows in set (0.00 sec)
Therefore, I expected my connection via 'cotequotey' to work without a password when I did the command:
ubuntu:~/environment/RAD_Final (angela) $ mysql -u cotequotey
ERROR 1045 (28000): Access denied for user 'cotequotey'#'localhost'
However, this command in the console still produces the original error, so I'm wondering if anyone knows of a solution?
I'm wondering if it is a grant permissions issue, since my root grants permissions are the same as those for cotequotey#localhost.
Wasn't sure if this made them clash.
+---------------------------------------------------------------------+
| Grants for root#localhost |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' WITH GRANT OPTION |
| GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------+
+---------------------------------------------------------------------------+
| Grants for cotequotey#localhost |
+---------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'cotequotey'#'localhost' WITH GRANT OPTION |
| GRANT PROXY ON ''#'' TO 'cotequotey'#'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------------+
According to the docs:
The socket plugin checks whether the socket user name (the operating system user name) matches the MySQL user name specified by the client program to the server. If the names do not match, the plugin checks whether the socket user name matches the name specified in the authentication_string column of the mysql.user system table row. If a match is found, the plugin permits the connection. The authentication_string value can be specified using an IDENTIFIED ...AS clause with CREATE USER or ALTER USER.
It looks like your mysql account name doesn't match your UNIX user name, and you don't have an alternate specified in the authentication_string field.
ADDENDUM:
Essentially auth_socket says "if the operating system authenticated you, MySQL will trust you too." The default to accomplish that is to check if the Linux account name and the MySQL account name match (so no one else can log into the machine and gain privileges by claiming to be you). You can override this behavior by specifying an alternate name as explained in the documentation linked above.
As in the title i get:
Access denied for user 'xxxx'#'localhost' to database 'dbname'
when i try to import a mysql file as below:
mysql -u xxxx -p dbname < mysql_update
if i do a show privileges inside the database accessin with xxxx i get this result:
+------------------------------------------------------------------------------------+
| Grants for tacticalcustom#localhost |
+------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'xxxx'#'localhost' |
| GRANT ALL PRIVILEGES ON `dbname`.* TO 'xxxx'#'localhost' |
| GRANT ALL PRIVILEGES ON `dbname`.* TO 'xxxx'#'localhost' |
| GRANT ALL PRIVILEGES ON `dbname`.`dbname` TO 'xxxx'#'localhost' |
+------------------------------------------------------------------------------------+
did i miss something?
I've read a lot of answers for this question, but didn't found the resolve.
I have an mysql server on Azure (ex. 13.25.147.140).
my.cnf:
[mysqld]
# bind-address=127.0.0.1
init_connect= ^`^xSET collation_connection = utf8_unicode_ci ^`^y
character-set-server = utf8
collation-server = utf8_unicode_ci
[client]
default-character-set = utf8
Then, I did sudo service mysql restart
Then, granted permission for root:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'57.26.24.157' IDENTIFIED BY 'password' WITH GRANT OPTION;
mysql> SELECT user, host from user;
+------------------+--------------+
| user | host |
+------------------+--------------+
| root | % |
| root | 57.26.24.157 |
| debian-sys-maint | localhost |
| mysql.sys | localhost |
| paymon | localhost |
| phpmyadmin | localhost |
| root | localhost |
+------------------+--------------+
But when I tried to connect from my PC, I got this:
mysql -u root -p -h 13.25.147.140
Enter password:
ERROR 1045 (28000): Access denied for user 'root'#'57.26.24.157' (using password: YES)
How can I fix that?
By default, mysql disallow root login remotely, it is a security precaution.
If you want to use root to login remotely for some test, we can use this command to modify it:
[root#jasonvm etc]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.1.73 Source distribution
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select host, user from user where user="root";
+-----------+------+
| host | user |
+-----------+------+
| % | root |
| 127.0.0.1 | root |
| localhost | root |
+-----------+------+
3 rows in set (0.00 sec)
mysql> grant all privileges on *.* to 'root'#'%' identified by 'password' with grant option;
Query OK, 0 rows affected (0.00 sec)
Another VM to use root to login mysql:
[root#localhost ~]# mysql -u root -p -h 40.71.33.231
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.1.73 Source distribution
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]>
I have mysql Server version: 5.5.32-0ubuntu0.12.04.1 (Ubuntu) installed linux Ubuntu 12.04 LTS.
I seem to have all the permissions as root. I can create a user and a db. However, I cannot seem to give the user all the permissions to the db.
My .my.cnf:
[client]
user=root
password=test
I login through mysql -u root -h localhost -p, but I cannot login without the -p option though I have the .my.cnf (not an issue, but odd).
There were a bunch of root users, so I got rid of them and I have these users:
mysql> SELECT host,user,password FROM mysql.user;
+-----------+------------------+-------------------------------------------+
| host | user | password |
+-----------+------------------+-------------------------------------------+
| localhost | root | ***************************************** |
| localhost | debian-sys-maint | ***************************************** |
+-----------+------------------+-------------------------------------------+
mysql> SHOW GRANTS FOR 'root'#'localhost';
+----------------------------------------------------------------------------------------------------------------------+
| Grants for root#localhost |
+----------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '*****************************************' |
| GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------+
Now, I create a db, a user. The last line shows an error when I grant permissions. Can you please let me know why I am getting this error and what I can do to make this work?
mysql> create database staging;
Query OK, 1 row affected (0.00 sec)
mysql> CREATE USER 'staging'#'localhost' IDENTIFIED BY 'test';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON staging.* TO 'staging'#'localhost';
ERROR 1044 (42000): Access denied for user 'root'#'localhost' to database 'staging'
First, Identify the user you are logged in as:
select user(); select current_user();
The result for the first command is what you attempted to login as, the second is what you actually connected as. Confirm that you are logged in as root#localhost in mysql.
The issue was that the installation I came up with did not provide Grant_priv to root#localhost. Here is how you can check.
mysql> SELECT host,user,password,Grant_priv,Super_priv FROM mysql.user;
+-----------+------------------+-------------------------------------------+------------+------------+
| host | user | password | Grant_priv | Super_priv |
+-----------+------------------+-------------------------------------------+------------+------------+
| localhost | root | ***************************************** | N | Y |
| localhost | debian-sys-maint | ***************************************** | Y | Y |
| localhost | staging | ***************************************** | N | N |
+-----------+------------------+-------------------------------------------+------------+------------+
You can see that the Grant_priv is set to N for root#localhost. This needs to be Y. Here is how I fixed this:
UPDATE mysql.user SET Grant_priv='Y', Super_priv='Y' WHERE User='root';
FLUSH PRIVILEGES;
GRANT ALL ON *.* TO 'root'#'localhost';
I did get some permission error, but when I logged back in, it was fine.
try flushing privileges after granting permissions
GRANT ALL PRIVILEGES ON staging.* TO 'staging'#'localhost' IDENTIFIED BY 'test';
FLUSH PRIVILEGES;
For those who still stumble upon this like I did, it's worth checking to make sure the attempted GRANT does not already exist:
SHOW GRANTS FOR username;
In my case, the error was not actually because there was a permission error, but because the GRANT already existed.