On Wed, 11 Jul 2001, Gerald Clark wrote:
>> On Wed, 11 Jul 2001, Gilbert Healton wrote:
>>
>> The key commands are:
>>
>> grant all privileges on Baseball.* to gilbert identified by "first"
>> with grant option;
.... cut cut cut ....
>try to 'gilbert'@'%'
>or replace % with localhost or whatever machine gilbert will be
>connecting from.
>--
>Gerald L. Clark
>[EMAIL PROTECTED]
>
use mysql;
select * from user where User = "gilbert";
only listed one entry, and the host name was already '%'. Nevertheless
I did your test, and it did not go anywhere.
I also added a
grant all privileges on *.* to gilbert identified by "first"
identified by "first";
While this got "select * from user where User = "gilbert"; to list
Y permissions all the way across, "mysql -ugilbert -pfirst" still fails.
This has the feel for something basic I am overlooking.
NOTE:
* The following selects show that I've got solid YESes across the board
for privileges to mysql.user and mysql.db tables.
* YET the FOLLOWING mysqlaccess shows solid NO access permissions for
user gilbert on Baseball.
* The final "mysql -ugilbert -pfirst" also fails.
mysql> select * from db where user = 'gilbert';
+------+----------+---------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+
| Host | Db | User | Select_priv | Insert_priv | Update_priv | Delete_priv |
|Create_priv | Drop_priv | Grant_priv | References_priv | Index_priv | Alter_priv |
+------+----------+---------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+
| % | Baseball | gilbert | Y | Y | Y | Y |
|Y | Y | Y | Y | Y | Y |
+------+----------+---------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+
1 row in set (0.00 sec)
mysql> select * from user where user = 'gilbert';
+------+---------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+
| Host | User | Password | Select_priv | Insert_priv | Update_priv |
|Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv |
|File_priv | Grant_priv | References_priv | Index_priv | Alter_priv |
+------+---------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+
| % | gilbert | 5ba6098671b952ea | Y | Y | Y | Y
| | Y | Y | Y | Y | Y | Y
| | Y | Y | Y | Y |
+------+---------+------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+
1 row in set (0.00 sec)
# mysqlaccess -uroot gilbert Baseball
Could not open outputfile ~/mysqlaccess.log for debugging-info
mysqlaccess Version 2.06, 20 Dec 2000
By RUG-AIV, by Yves Carlier ([EMAIL PROTECTED])
Changes by Steve Harvey ([EMAIL PROTECTED])
This software comes with ABSOLUTELY NO WARRANTY.
Unknown option: uroot
Access-rights
for USER 'gilbert', from HOST 'localhost', to DB 'Baseball'
+-----------------+---+ +-----------------+---+
| Select_priv | N | | Shutdown_priv | N |
| Insert_priv | N | | Process_priv | N |
| Update_priv | N | | File_priv | N |
| Delete_priv | N | | Grant_priv | N |
| Create_priv | N | | References_priv | N |
| Drop_priv | N | | Index_priv | N |
| Reload_priv | N | | Alter_priv | N |
+-----------------+---+ +-----------------+---+
BEWARE: Everybody can access your DB as user `gilbert' from host `localhost'
: WITHOUT supplying a password.
: Be very careful about it!!
BEWARE: Accessing the db as an anonymous user.
: Your username has no relevance
The following rules are used:
db : 'No matching rule'
host : 'Not processed: host-field is not empty in db-table.'
user : 'localhost','','','N','N','N','N','N','N','N','N','N','N','N','N','N','N'
mysql -ugilbert -pfirst
ERROR 1045: Access denied for user: 'gilbert@localhost' (Using password: YES)
PS TO WORLD: visit http://www.exit109.com/~ghealton/problem.txt for
full description of problem and problem.mysql for UNIX bash shell
script that demonstrates the problem. problem.log is the output of
the shell script (please note the output of various selects and
mysqlaccess commands).
----------------------------------------------------------------------
[EMAIL PROTECTED] http://www.exit109.com/~ghealton/
----------------------------------------------------------------------
Computers are like air conditioners:
they don't work well when Windows are left open
#!/bin/bash -x
### demonstrate my problem
#### EXECUTE AS USER ROOT
echo " =================================== $*"
#### configurations users must leave alone unless they are true gurus
user=gilbert; #user name to test, as know to mySql
db=Baseball; #database to use
table=Abbott; #table name to build
password=first; #password to assign gilbert
die ()
{
echo 1>&2 "$id: $*";
exit 1;
}
id=`basename $0`; #our script name
echo "$id: creating mySql tables in $db database"
id $user || die "USER $user IS NOT PRESENT";
### VERIFY THAT THE .my.cnf FILE DOES NOT EXIST
for u in $user; do
eval "cnf=~${u}/\$my_cnf"; #standard configuration file for `mysql`
if [ -f $cnf ]; then
die "$cnf CONFIGURATION FILE EXISTS";
fi
done
echo " ======= create database and set password ======="
echo "update user set Password=PASSWORD('$password') where user='$user';"
/usr/bin/mysql -u root<<EOF; ### --host=$host
drop database if exists $db;
create database if not exists $db;
use $db;
create table if not exists $table
(
position character(20) not null,
player character(20)
);
grant all privileges on $db.* to $user identified by "$password" with grant option;
insert into $table values ( 'First', 'Who' );
insert into $table values ( 'Second', 'What' );
insert into $table values ( 'Third', "I Don't Know" );
insert into $table values ( 'Catcher', 'Today' );
use mysql
update user set Password=PASSWORD("$password") where user="$user";
flush privileges;
# SET PASSWORD FOR $user=PASSWORD("$password");
# flush privileges;
select * from user where User = "$user";
select * from db where User = "$user";
#### show encrypted version of this password
select password("$password");
EOF
status=$?; #save mySql exit status
echo " ====== showing access permissions "
if [ $status -eq 0 ]; then
mysqlaccess "$user" "$db"
status=$?
fi
echo " ======= testing selection under -u $user ======="
### this does not work, but I don't see why. The .html documentation
### seems to claim that is is a bad password (see previous mysqlaccess error),
### but the password sure looks good to me.
/usr/bin/mysql -u $user -p$password $db <<EOF; ### --host=$host
select * from $db;
EOF
if [ $status -eq 0 ]; then
echo "===== showing basic database info ====="
mysqlshow -u$user -p$password $db $table
status=$?
fi
if [ $status -eq 0 ]; then
echo "$id: successful AmpWaveUsers database creation"
else
echo "$id: DID NOT PROPERLY CREATE AmpWave DATABASE"
fi
exit $status;
#end
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <mysql-unsubscribe-##L=##[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
