Re: Problem with mysql_fix_privelege_tables

Paul DuBois Sat, 02 Oct 2004 18:23:54 -0700

At 16:23 -0600 10/2/04, "Dave Shariff Yadallee - System Administrator a.k.a. The Root wrote:

I am trying to convert from 3.23 to 4.0
This is what I am getting with or with root:


Looks like you're confusing the Unix root user with the MySQL root user.
You don't need to use su to run mysql_fix_privilege_tables.

Script started on Sat Oct  2 16:11:30 2004
doctor.nl2k.ab.ca//usr/contrib/var$ man su

[25;1H[KSU(1) BSD Reference Manual SU(1)

[1mNAME[0;10m

     [1msu[0;10m - substitute user identity

[1mSYNOPSIS[0;10m

[1msu[0;10m [[1m-fKlm[0;10m] [[1m-a[0;10m [4mauth-type[m] [[1m-c[0;10m [4mlogin-class[m] [[4mlogin[m [[4margument[m [4m...[m]]

[1mDESCRIPTION[0;10m

[1mSu[0;10m requests the Kerberos password for [4mlogin[m (or for ``[4mlogin[m.root'', if no login is provided), and switches to that user and group ID after obtain-

ing a Kerberos ticket granting ticket. A shell is then executed. [1mSu[0;10m

will resort to the local password file to find the password for [4mlogin[m if

     there is a Kerberos error, or if the system is not configured for Ker-

beros. If [1msu[0;10m is executed by root, no password is requested and a shell

     with the appropriate user ID is executed; no additional Kerberos tickets

     are obtained.

     By default, the environment is unmodified with the exception of USER,

     LOGNAME, HOME, and SHELL. HOME and SHELL are set to the target login's

     default values.  USER and LOGNAME are set to the target login, unless the

target login has a user ID of 0 and the [1m-l[0;10m flag was not specified, in

     which case it is unmodified.  The invoked shell is the target login's.

     This is the traditional behavior of [1msu[0;10m.

[25;1H[K[7msu.0 (27%)[m[25;1H[25;1H[K

If not using [1m-m[0;10m and the target login has a user ID of 0 then the PATH

     variable and umask value (see umask(2))  are always set according to the

     [4m/etc/login.conf[m file (see login.conf(5)).

     The options are as follows:

     [1m-a[0;10m      Specify an authentication type.

[1m-c[0;10m Specify a login class. You may only override the default class

             if you're already root.

[1m-f[0;10m If the invoked shell is csh(1), this option prevents it from

reading the ``[4m.cshrc[m'' file. (The [f] option may be passed as a

             shell argument after the login name, so this option is redundant

             and obsolescent.)

[1m-K[0;10m Do not attempt to use Kerberos to authenticate the user.

[1m-l[0;10m Simulate a full login. The environment is discarded except for

             HOME, SHELL, PATH, TERM, LOGNAME, and USER. HOME and SHELL are

             modified as above.  USER and LOGNAME are set to the target login.

PATH is set to the path specified in the [4m/etc/login.conf[m file.

             TERM is imported from your current environment.  The invoked

[25;1H[K[7msu.0 (52%)[m[25;1H[25;1H[K shell is the target login's, and [1msu[0;10m will change directory to the

             target login's home directory.

[1m-m[0;10m Leave the environment unmodified. The invoked shell is your lo-

             gin shell, and no directory changes are made.  As a security pre-

             caution, if the target user's shell is a non-standard shell (as

             defined by getusershell(3))  and the caller's real uid is non-ze-

             ro, [1msu[0;10m will fail.

The [1m-l[0;10m and [1m-m[0;10m options are mutually exclusive; the last one specified

     overrides any previous ones.

     Any arguments after the login name are passed to the shell.  This feature

     may be used to execute commands as another user without starting up an

     interactive shell, which may be especially useful in the rc(8) script.

     Only users in group 0 (normally ``wheel'') can [1msu[0;10m to ``root''.

     By default (unless the prompt is reset by a startup file) the super-user

     prompt is set to ``[1m#[0;10m'' to remind one of its awesome power.

[1mEXAMPLES[0;10m

     su daemon /usr/contrib/lib/shell-script arguments

     su news -c 'cd /var/spool/news; du -s * | mail usenet'

[25;1H[K[7msu.0 (76%)[m[25;1H[25;1H[K

[1mSEE[0;10m [1mALSO[0;10m

     csh(1),  kerberos(1),  kinit(1),  setusercontext(3),  group(5),

     login.conf(5),  passwd(5),  environ(7),  login(8),  sh(1)

[1mENVIRONMENT[0;10m

     Environment variables used by [1msu[0;10m:

     HOME  Default home directory of real user ID unless modified as specified

           above.

     LOGNAME

           Same as USER.

     PATH  Default search path of real user ID unless modified as specified

           above.

     TERM  Provides terminal type which may be retained for the substituted

           user ID.

     USER  The user ID is always the effective ID (the target user ID) after

an [1msu[0;10m unless the user ID is 0 (root) and the [1m-l[0;10m flag was not speci- fied.

[25;1H[K[7msu.0 (93%)[m[25;1H[25;1H[K[1mHISTORY[0;10m

     A [1msu[0;10m command appeared in Version 7 AT&T UNIX.

[1mBUGS[0;10m

     There is no direct way to force a particular shell to be used.

     The login name is not optional for root if there are shell arguments.

BSDI BSD/OS                     April 18, 1994                               2

[25;1H[Kdoctor.nl2k.ab.ca//usr/contrib/var$ su -l mysql mysql_fix_privilege_tables

This scripts updates the mysql.user, mysql.db, mysql.host and the

mysql.func tables to MySQL 3.22.14 and above.

This is needed if you want to use the new GRANT functions,

CREATE AGGREGATE FUNCTION or want to use the more secure passwords in 3.23

If you get 'Access denied' errors, you should run this script again

and give the MySQL root user password as an argument!

Converting all privilege tables to MyISAM format

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

If your tables are already up to date or partially up to date you will

get some warnings about 'Duplicated column name'. You can safely ignore these!

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

Creating Grant Alter and Index privileges if they don't exists

You can ignore any Duplicate column errors

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

Adding columns needed by GRANT .. REQUIRE (openssl)

You can ignore any Duplicate column errors

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

Creating the new table and column privilege tables

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

Changing name of columns_priv.Type -> columns_priv.Column_priv

You can ignore any Unknown column errors from this

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

Fixing the func table

You can ignore any Duplicate column errors

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

Adding new fields used by MySQL 4.0.2 to the privilege tables

You can ignore any Duplicate column errors

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

ERROR 1045: Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)

doctor.nl2k.ab.ca//usr/contrib/var$ exit

exit


Script done on Sat Oct  2 16:12:06 2004

Same thing happens with --password

--
Paul DuBois, MySQL Documentation Team
Madison, Wisconsin, USA
MySQL AB, www.mysql.com

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]

Re: Problem with mysql_fix_privelege_tables

Reply via email to