MySql Strange Runs Of Command Denied Errors - mysql

I have an intermittent problem with a MySql database.
Everything runs just fine for long periods of time, but then we suddenly get a run of errors being logged such as this:
MySql.Data.MySqlClient.MySqlException: UPDATE command denied to user
'user'#'ip.add.ress' for table 'tblTable'
The user being reported is the correct user. The same user works just fine almost all the time, but when we get this error we get a load all at once.
I know this is vague, but I have checked that the permissions exist, and indeed the same code, using the same user works almost all the time.
Confirmation: We are not restricting access by IP - it's just a user name and password.

Just to close this one out. We solved this issue by granting the same user elevated permissions (i.e. against the MySQL instance as well as the specific database).

Related

The user specified as a definer does not exist - GRANT doesn't fix

After years of no problems with my PHP webapp running MySQL 5.5 on the backend, suddenly today I'm having permissions problems.
Whenever I try to run an INSERT statement (either from PHP or from Workbench or Heidi), I get this error message: The user specified as a definer ('my_user'#'1.2.3.%') does not exist
One symptom is that INSERT statements cannot be executed by my PHP nor by remote clients such as Workbench or Heidi. I have tried various solutions suggested by:
MySQL error 1449: The user specified as a definer does not exist
Error: 1449, "The user specified as a definer ('root'#'localhost') does not exist"
Everything points to running a GRANT statement. I have tried various GRANTs as suggested, but I always get this error:
Access denied for user
It seems like my permissions got corrupted or something. So I created a brand new DB user inside BlueHost control panel on my VPS and gave full privileges. I get the same exact errors on this brand new user.
BlueHost support has no idea what to do.
Some Stack articles say to go mess around with TRIGGERS or STORED PROCS permissions - but I don't have any of these types of objects. Simple INSERT statements cause this error, and perhaps UPDATEs as well, but I'm not sure of that at this moment.
The user has FULL PRIVILEGES, as always.
What else can I try? Is there some way to fix corrupted permissions? I can run SELECT statements with no problems.
I tried connecting to the DB with root (using the same pwd as I use when connecting to WHM), but it didn't like my password or maybe the user in general. I never set up root as a specific user against this DB and I'm not sure that's a good idea. I have always used a specific user created just for this DB. Again, past 5 years no problems at all. The DB has not been upgraded, no DB changes, no user changes, nothing.
I sort of solved it. I ended up creating a new database with a different name, and created a new admin user to go with it. Then I ran my db backup/dump script against it. Everything works perfectly again, with this new DB. The old DB is still jacked.
I'm thinking that permissions got corrupted in the old database.

Jawsdb on heroku, new database post migration, (Mysql2::Error: INSERT command denied to user..?)

Deployed a new version of our app on heroku and migrated over database from previous free jawsdb instance. However now every time user signs up gives
(Mysql2::Error: INSERT command denied to user <username for instance
what have i missed
migrated using a dump and re-import using mysql command line. eye balled exported data and it seems to be there (user emails etc)
all config vars look ok (DATABASE_URL is mysql2...)
i can login to the database via the url
I have not had to grant access or anything like that before, anyone come across this?
thanks
Ben
My guess is they disabled your INSERT grant because you have reached your max Storage Capacity for your plan.
To validate this is a permissions problem, log into a MySQL prompt with the user the app is running as, and enter this query:
SHOW GRANTS;
It probably list many, but no INSERT.
See this link. As explained in given link, jawsdb preliminary plan does not give you permission to add a new database. You are provided with one schema with some random name and you have to work with that only.
Check your migration
e.g. Make sure the database name matches.
For me, I got the same error as OP when trying to migrate my data. This was a fresh account with only a 50kb'ish database; nowhere close to the free-plan 5mb limit.
In my SQL export statement, my local database name is being used, however the remote MySQL (ie JawsDB) service auto-generates a db name, which will obviously not be the same. Simply used find-replace to change the database name to match remote; everything works.

Followed adwice for err 1045 but new problems Have made Grant statement too

wamp local
Lost contact with all dbases except one which I can log in to. In that DB my password is on a databas level and not a grant user. I have checked all earlier answers. First I did get error 1045 and took the advice given to use "cookie" instead of config in phpmyadmin config.inc
Logged in to phpmyadmin and got two other errors
needs a secret blowfish..??
Something wrong in config file. Doesn't say which and no more info
Fixed them(realy dont know how)
Have made The grant privileges statement for root.
Now I can come in with root user bud also every other user with or without password.
Then I can see my databases and tables(only titles)
I have checked that my DB files are still under the folders(msql bin data)
Got a message Before about something wrong in the config file. Checked it several times(config.inc.php) without seeing anything suspect.
Please... What to do?
I'm not really sure what your question is. It sounds like you worked through items 1 and 2. Sounds like you're logging in as root (as expected) and as the anonymous user (that's "every other user with or without password"). You can restrict that by removing the anonymous user (log in as root and click on the Users tab).

MySQL user with ALL PRIVILEGES can login but not run queries

We've configured our Plesk machine to use an external MySQL server. In doing so, we've granted ALL privileges WITH GRANT OPTION to the psaadmin user so we are able to create remote databases and users just fine. However, the users we create (i.e. 'wordpress_user') cannot run select statements on the remote server.
In checking permissions on the MySQL server, 'wordpress_user' has ALL PRIVILEGES to the database itself. I'm able to login to phpMyAdmin with that user and I'm able to login on the remote server console with that user. It's only when I try to run any query as that user that I get a 'ERROR 1045 (28000): Access denied for user' error.
Everything I've checked seems to indicate the user has full permissions. I've also used FLUSH PRIVILEGES as instructed by the docs. I've restarted Plesk, restarted MySQL, still nothing.
Can anyone help? Please?
I was able to find the problem. Apparently the problematic query was a view that had specific permissions? Regular selects, etc. worked fine (I didn't realize that). I was able to drop and recreate the view and it works great now.

phpmyadmin privileges only working on some databases

When I use PHPMyAdmin to edit or delete a record I am getting an error saying "You don't have permission to access /phpmyadmin/sql.php on this server." But this only happens in some databases. I am the only user according to PHPMyAdmin and through the command prompt on my Linux box.
First off I've changed the PHPMyAdmin access folder because my access logs were showing others trying to get in. Logs don't show any successful attempts.
It was working until today...Now it throws the error. I can still add and drop tables completely, just not edit a record, in two of the five databases. Also I've checked into the user privileges and there doesn't seem to be an issue there.
Anyone have an idea?
EDIT: I have narrowed this down to a conflict between mod_security and PHPMyAdmin, now off to Google to find the solution,
Thanks
What I did was I opened modsecurity.d/modsecurity_crs_47_common_exceptions.conf and added the following to the bottom:
SecRuleEngine Off
And viola it fixed all the issues