Dear MySQL List,
Is order important when issuing grant commands?
Linux, Fedora Core 3 MySQL server version: 4.1.11-standard, installed via RPM. perl DBI module installed from CPAN on top of this version.
I am trying to allow all privileges to a given user to a given database from inside my local domain, but allow only select privileges to the same user on the same database from outside that domain. If I use the "bad" order (see below) of the grant commands, I get a situation where the local user does not have insert privileges. The user's name is user, the database name is calib and the domain is domain.org.
Good order:
grant select on calib.* to user@"%"; grant all on calib.* to user@"%.domain.org";
Bad order:
grant all on calib.* to user@"%.domain.org"; grant select on calib.* to user@"%";
With the bad order, write privilege seems turned off. I get errors like
execute failed: INSERT command denied to user 'user'@'claspc2.domain.org' for table 'RunIndex'
from the perl DBI module. With the good order, the same script works!
In between invocations, I use the revoke command to wipe out this user/db combo completely from the db table.
With both grant orders, the mysql.db tables looks the same, with the Y's and N's exactly where I expect them, at least from the mysql command line.
Any helpful hints? Derisive comments?
- Mark
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
