rep1 would gain FILE access to all ( not sure what the really entails ) it would not have SELECT access, so can not read from it
mind you if they have enough info to get in with rep1 access, then they could just replicate everything on thier own server and read till thier hearts content -----Original Message----- From: Thi Cao [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 12:04 PM To: Thi Cao Cc: MySQL Subject: RE: MySQL Database Replication ds, If I understand you correctly, that also means that the user repl can access the mysql database where all the privilege info is stored and see the permissions, passwords, and such. Yes/No? Thi -----Original Message----- From: ds [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 11:02 AM To: Thi Cao Cc: MySQL Subject: RE: MySQL Database Replication On Wed, 2002-03-06 at 14:26, Thi Cao wrote: > When I grant privileges as follows, the slave gets updated: > > GRANT FILE ON *.* to repl@'%' identified by 'some_password'; > > Could someone please tell me why I must grant the FILE privilege on all > databases for the repl (slave) to be able to update one particular database? MySQL Manual: 4.2.7 Privileges Provided by MySQL: The file privilege gives you permission to read and write files on the server using the LOAD DATA INFILE and SELECT ... INTO OUTFILE statements. Any user to whom this privilege is granted can read or write any file that the MySQL server can read or write. 4.10.3 How To Set Up Replication 2. Set up special a replication user on the master with the FILE privilege and permission to connect from all the slaves. If the user is only doing replication (which is recommended), you don't need to grant any additional privileges. For example, to create a user named repl which can access your master from any host, you might use this command: GRANT FILE ON *.* TO repl@"%" IDENTIFIED BY '<password>'; > > Thi Cao wrote: > > > > Hello everyone, > > > > This is my first attempt at MySQL database replication. Can't seem to get > > it to work yet. The problem reported in the error log of the slave server > > is as follows: > > > > Error reading packet from server: Access denied for user > 'repl@slave_host' > > (Using password: YES) (read_errno 0,server_errno=1045) > > > > I believe it has something to do with the way I granted privileges to the > > user repl. I did the following: > > > > GRANT FILE ON dbname.* to repl@'%' identified by 'some_password'; > > > > Did you do a FLUSH PRIVILIGES after that? That is needed in some cases. You don't need to flush privileges when using grant/revoke commands. -- dsoares (sql) --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php