Michael, Thanks for the detailed response.
First off, it's a network connection, but I forgot to show the -h in my example. Sorry for the lack of clarity there. The error message that I'm getting is: ERROR 1045: Access denied for user 'myuser'@'host.mydomain.com' (using password: YES) So then, I go and check the grants using SHOW GRANT There is no such grant defined for user 'myuser' on host '%.mydomain.com' OK, so there are no grants so that's why access is denied. Then I try to re-enter the grant: grant all on my_db.* to 'myuser'@'%.mydomain.com' identified by 'foobar'; Query OK, 0 rows affected (0.00 sec) same password, user, and domain as before (just in case they're not the same in the examples I've given). If I run SHOW GRANTS again I get the same error as above?!? What am I doing wrong? I issuing these commands as root. Thanks again, Tripp --- Michael Stassen <[EMAIL PROTECTED]> wrote: > Tripp Bishop wrote: > > Simple question: > > > > I'd like to create a user that has all privileges > for > > just one database on the server. > > > > When I try the following: > > > > grant all privileges on my_db.* to > > 'myuser'@'%.mydomain.com' > > identified by 'foobar'; > > > > the statement runs fine. > > You can verify it worked with > > SHOW GRANTS FOR 'myuser'@'%.mydomain.com'; > > If you need to follow up, show us that output. > > > If I think try to connect to the server through > the > > mysql client like this: > > > > mysql -u myuser -pfoobar my_db > > No -h, so this is [EMAIL PROTECTED] That's fine, > but could be important. > > Mysql users are [EMAIL PROTECTED], with hoost being primary. > When you try to connect, > mysql searches the user table for the *best* match > of [EMAIL PROTECTED] Best match > means most specific, with host taking precedence > over user. When trying to > connect as [EMAIL PROTECTED], then, here are some > possible users which would match: > > [EMAIL PROTECTED] > ''@localhost > [EMAIL PROTECTED] > ''@thismachine.mydomain.com > myuser@'%.mydomain.com' > ''@'%.mydomain.com' > myuser@'%' > ''@'%' > > (A blank username, '', is the anonymous user.) I've > arranged those in > descending order of specificity, so the first one > which exists will be the one > used. One possibility, then, is that you have > another [EMAIL PROTECTED] definition > which is taking precedence over the one you defined. > > > I get access denied... > > What is the exact error message? > > > So then if I do this: > > > > grant all privileges on *.* to > > 'myuser'@'%.mydomain.com' > > identified by 'foobar'; > > > > I can connect no problem. What am I doing wrong? I > > definitely don't want this user to have privileges > on > > other databases but I also want the user to be > > functional. > > Adding privileges to other dbs shouldn't fix the > problem. Another possibility, > then, is a typo in the first definition. Now that > you can get in, try > > SELECT CURRENT_USER(); > > to verify your actual, rather than intended, > identity. > > > Thanks, > > > > Tripp > > See the manual for all the details > <http://dev.mysql.com/doc/refman/5.0/en/privilege-system.html> > > Michael > > -- > MySQL General Mailing List > For list archives: http://lists.mysql.com/mysql > To unsubscribe: > http://lists.mysql.com/[EMAIL PROTECTED] > > __________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
