How can I make a single table in mysql read only for a user while he still has write access to other tables in the same db?
Additional info
I have root access to the server
Tables are MyISAM
Server version is 5.0.51a-24+lenny2
thanks!
Revoke all previous privileges and then grant the specific new privileges:
REVOKE ALL ON db.table FROM user;
REVOKE ALL ON db.othertable FROM user;
GRANT SELECT ON db.table TO user;
GRANT SELECT, INSERT, UPDATE, DELETE ON db.othertable TO user;
You can make a single MyISAM table read only by compressing the table. Use myisampack on the command line to pack the table.
More info can be found in the MySQL Manual: http://dev.mysql.com/doc/refman/5.0/en/myisampack.html
Related
I am preparing to write a complex stored procedure. I figure will need a debugger going so I am trying to use ocelotgui. I have installed it and can connect to my database in mysql. When I type $INSTALL which is required to set up the debugger I am getting this error:
$INSTALL
Need create privilege on xxxmdbug.. Need select privilege on xxxmdbug.. Need insert privilege on xxxmdbug.. Need delete privilege on xxxmdbug.. Need update privilege on xxxmdbug.. Need drop privilege on xxxmdbug.. Need create routine privilege on xxxmdbug.. Need alter routine privilege on xxxmdbug..
It seems that ocelotgui creates a database called xxxmdbug but for some reason it can't on my system. I am running mySQL in Docker and I have modified the mysql.sql to have the following lines dealing with xxxmdbug.
CREATE DATABASE IF NOT EXISTS subs;
CREATE DATABASE IF NOT EXISTS xxxmdbug;
GRANT ALL PRIVILEGES ON subs.* To 'admin'#'%';
GRANT ALL PRIVILEGES ON xxxmdbug.* To 'admin'#'%';
It seems that I can't login with root so that I can GRANT my actual user the privileges. I though that the password for root was "", but I guess not. Anyone?
I assume you downloaded ocelotgui 1.2 from https://github.com/ocelot-inc/ocelotgui.
You might be seeing an error if database xxxmdbug already exists
(if so, drop it). But if the problem is lack of privileges
(you need create, drop, create routine, alter routine, select, insert, update, delete, select on xxxmdbug.*), then there's
nothing ocelotgui can do, good luck finding the root password.
I have the following tables in my database
users
comments
other_tables
I want to give read-write permission to comments and users tables but read-only permission to other_tables .How can I do that?
(I searched it on google but didn't find any way)
As documented under GRANT Syntax:
GRANT SELECT ON mydb.* TO user_specification;
GRANT INSERT, UPDATE, DELETE ON mydb.users TO user_specification;
GRANT INSERT, UPDATE, DELETE ON mydb.comments TO user_specification;
I am using Plesk 11 on a Centos6 server and have created an openemm database but when I try to import the openemm-2013.sql file into it I am receiving the following message:
QL query:
GRANT DELETE ,
INSERT ,
UPDATE ,
LOCK TABLES ,
SELECT ,
ALTER ,
INDEX ,
CREATE TEMPORARY TABLES ,
DROP ,
CREATE ON openemm . * TO 'agnitas'#'localhost' IDENTIFIED BY 'openemm';
MySQL said:
#1044 - Access denied for user 'openemm'#'localhost' to database 'openemm'
I have created a database user named openemm. What's causing this problem? Is there a password somewhere in openemm-2013.sql that needs to be set for the openemm user? It does appear that the database became populated, and I see the offending script appears at the very end of the openemm-2013.sql file.
Is password is correct?
Also check permissions of 'openemm'#'localhost' it's should have GRANT OPTION;
http://dev.mysql.com/doc/refman/5.1/en/privileges-provided.html#priv_grant-option
Query to check:
show grants for 'openemm'#'localhost';
To add grant option you should grant privileges "WITH GRANT OPTION" like:
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON horde.* TO 'openemm'#'localhost' WITH GRANT OPTION;
If 'openemm'#'localhost' is created from Plesk I suppose that there is no GRANT OPTION on this user and this is ok.
In this case you can create new user "agnitas" for database "openemm" in Plesk GUI and remove string
GRANT ... ON openemm . * TO 'agnitas'#localhost' ... ;
from openemm-2013.sql file.
The issue is that you are using 'openemm' as the username, which is not defined in agn.py.
The default username is 'agnitas' and the password is 'openemm'.
Make sure db usernames and passwords are correct in library agn.py located in:
/openemm/openemm-backend/src/main/scripts/lib/agn.py
line:274 for (eid, keyUrl, keyUsername, keyPassword, defaults) in [
line:275 ('emm', 'jdbc.url', 'jdbc.username', 'jdbc.password', ['localhost', 'agnitas', 'openemm', 'openemm']),
line:276 ('cms', 'cmsdb.url', 'cmsdb.username', 'cmsdb.password', ['localhost', 'agnitas', 'openemm', 'openemm_cms'])
line:277 ]:
I hope this helps.
-Yamen-
I have a demo mysql database the I would like all users to be able to see.
How do I grant SELECT on this one database to all the mysql users?
I tried:
GRANT SELECT ON demodb.* TO ''#localhost;
This seemed to run, but no change on the visability of the demodb database.
Any help?
Try this query -
INSERT INTO mysql.db(host, User, Db, select_priv)
SELECT host, user, 'demodb', 'Y' FROM mysql.user;
Then run 'FLUSH PRIVILEGES;' to apply privileges.
Better still, your original solution should have worked, and doesn't require an extra line for every new user, but you needed to flush privileges. I used this for setting up my global DB.
INSERT INTO mysql.db (host,user,db,Select_priv,Execute_priv) VALUE
('%','','demodb','Y','Y');
FLUSH PRIVILEGES;
Anyone knows the MySQL syntax to show the database names that a specific user has the privilege to see in a MySQL database? Say the user is 'dimitris' accessing a database at 'localhost', what would be the syntax to see all databases he has the privilege to select, update, insert etc?
For the current logged in user, you can use SHOW DATABASES;. But, if the user has the SHOW DATABASES; privilege, he'll be able to see all databases, even if he doesn't have access to it. (reference)
Assuming you've read access to the mysql.db table, you can use:
SELECT * FROM mysql.db WHERE User = 'dimitris';
This will return a result set, with Host (e.g. localhost), Db (e.g. somedatabase), User (e.g. dimitris) and the privileges for that database (Select_priv, Update_priv, etc)
You can get list of the databases you have access to with:
SHOW DATABASES;
If you want to get the list for some other user than the user you're logged in as, you have to query the mysql.db table.