Gleb et al.,
Gleb Paharenko wrote:
That is what I thought. Because of the sorting I should not have to worry about the order of issuing the grant commands. That's why I posted.I think the grant statements flow order doesn't matter, because according to:
http://dev.mysql.com/doc/mysql/en/connection-access.html
server sorts the entries of the grant tables before reading them.
Now there's an excellent idea! Here is what I get in the "bad" configuration:What output does the following statement produce:
show grants for current_user();
==begin quote==
> mysql -hclaspc2.jlab.org -uprimex_user -A primex_calib ; Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 136 to server version: 4.1.11-standard
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> show grants for current_user();
+---------------------------------------------------------------------------------+
| Grants for [EMAIL PROTECTED] |
+---------------------------------------------------------------------------------+
| GRANT CREATE TEMPORARY TABLES, LOCK TABLES ON *.* TO 'primex_user'@'%.jlab.org' |
| GRANT ALL PRIVILEGES ON `primex_calib`.* TO 'primex_user'@'%.jlab.org' |
+---------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> insert into testSystem_testAttribute set comment='junk entry';
ERROR 1142 (42000): INSERT command denied to user 'primex_user'@'claspc2.jlab.org' for table 'testSystem_testAttribute'
==end quote==
where I have dispensed with the coy generic names of users, servers and domains.
If I do the grants in the "good" order I get:
==begin quote==
> mysql -hclaspc2.jlab.org -uprimex_user -A primex_calib Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 140 to server version: 4.1.11-standard
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> show grants for current_user();
+---------------------------------------------------------------------------------+
| Grants for [EMAIL PROTECTED] |
+---------------------------------------------------------------------------------+
| GRANT CREATE TEMPORARY TABLES, LOCK TABLES ON *.* TO 'primex_user'@'%.jlab.org' |
| GRANT ALL PRIVILEGES ON `primex_calib`.* TO 'primex_user'@'%.jlab.org' |
+---------------------------------------------------------------------------------+
2 rows in set (0.06 sec)
mysql> insert into testSystem_testAttribute set comment='junk entry'; Query OK, 1 row affected (0.00 sec)
==end quote==
which looks like the same privileges to me, but with much better results.
What is going on?
- Mark
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]