Tripp Bishop wrote:
Simple question:
I'd like to create a user that has all privileges for
just one database on the server.
When I try the following:
grant all privileges on my_db.* to
'myuser'@'%.mydomain.com'
identified by 'foobar';
the statement runs fine.
You can verify it worked with
SHOW GRANTS FOR 'myuser'@'%.mydomain.com';
If you need to follow up, show us that output.
If I think try to connect to the server through the
mysql client like this:
mysql -u myuser -pfoobar my_db
No -h, so this is [EMAIL PROTECTED] That's fine, but could be important.
Mysql users are [EMAIL PROTECTED], with hoost being primary. When you try to connect,
mysql searches the user table for the *best* match of [EMAIL PROTECTED] Best match
means most specific, with host taking precedence over user. When trying to
connect as [EMAIL PROTECTED], then, here are some possible users which would match:
[EMAIL PROTECTED]
''@localhost
[EMAIL PROTECTED]
''@thismachine.mydomain.com
myuser@'%.mydomain.com'
''@'%.mydomain.com'
myuser@'%'
''@'%'
(A blank username, '', is the anonymous user.) I've arranged those in
descending order of specificity, so the first one which exists will be the one
used. One possibility, then, is that you have another [EMAIL PROTECTED] definition
which is taking precedence over the one you defined.
I get access denied...
What is the exact error message?
So then if I do this:
grant all privileges on *.* to
'myuser'@'%.mydomain.com'
identified by 'foobar';
I can connect no problem. What am I doing wrong? I
definitely don't want this user to have privileges on
other databases but I also want the user to be
functional.
Adding privileges to other dbs shouldn't fix the problem. Another possibility,
then, is a typo in the first definition. Now that you can get in, try
SELECT CURRENT_USER();
to verify your actual, rather than intended, identity.
Thanks,
Tripp
See the manual for all the details
<http://dev.mysql.com/doc/refman/5.0/en/privilege-system.html>
Michael
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
