Hello.
MySQL 4.1.0 is not respecting the registered privileges.
Before I switch back to the last stable version, I would like to know if
there is a workaround to my problem or if other persons have met the
same problems. Following is the description of the troubles.
I have installed MySQL 4.1.0-alpha-standard on Linux (RH 7.3 and RH 9).
I installed it from scratch using the MySQL tarball. After the installation,
I transfered by 'tar' the 4.03 databases (MyISAM and InnoDB) into the
'data' directory of MySQL4.1. I didn't transfer the MySQL privileges
database mysql (mysql.user, mysql.db, etc)'. So I am working with the
privileges 'format' of 4.1 and mysql_fix_privilege_tables is not needed.
I use MySQL 4.1 because of the subselect feature.
I have 7 databases and 2 users plus root. For each database, I grant
all privileges to the user for all host ('%'). Each user always use the same
password for all the databases.
"show databases" displays an incorrect list of databases. Each user lists a
database it should not, and doesn't show all the databases it should.
Same thing with 'use <database>' : the access is denied for some databases
for which the user s granted 'all privileges'.
An example from the client:
===========================
[EMAIL PROTECTED]<64> mysql -p -u archive -h dbserver
Enter password:
mysql> select user();
+---------------------------+
| user() |
+---------------------------+
| [EMAIL PROTECTED] |
+---------------------------+
mysql> show grants for archive;
| Grants for [EMAIL PROTECTED]
...
GRANT USAGE ON *.* TO 'archive'@'%' IDENTIFIED BY PASSWORD '*blabla...'
| GRANT ALL PRIVILEGES ON `dbancien`.* TO 'archive'@'%'
| GRANT ALL PRIVILEGES ON `dbrecent2`.* TO 'archive'@'%'
| GRANT ALL PRIVILEGES ON `dbcourant`.* TO 'archive'@'%'
| GRANT ALL PRIVILEGES ON `dbcourant`.* TO 'archive'@'%'
mysql> use cctest
Database changed ======> should not be possible (should not work) !
mysql> use dbcourant ======> works according to the privileges
Database changed
mysql> use dbancien
ERROR 1044: Access denied for user: '[EMAIL PROTECTED]' to database 'dbancien'
======> should work, because all privileges are granted
mysql> show databases;
+-----------+
| Database |
+-----------+
| cctest | ===> 'dbancien' should be displayed instead of cctest
| dbcourant |
| dbrecent1 |
| dbrecent2 |
+-----------+
On the server now:
==================
Following are some coloumns of the defined privileges :
[EMAIL PROTECTED] data]# mysql -p -u root
Enter password:
mysql> select version();
+----------------------+
| version() |
+----------------------+
| 4.1.0-alpha-standard |
+----------------------+
1 row in set (0.00 sec)
mysql> use mysql
mysql> select user,host from user;
+---------+-----------+
| user | host |
+---------+-----------+
| archive | % |
| ccsql | % |
| root | dbserver |
| root | localhost |
+---------+-----------+
4 rows in set (0.00 sec)
mysql> select user,host,db from db;
+---------+------+----------------+
| user | host | db |
+---------+------+----------------+
| ccsql | % | cctandem |
| ccsql | % | cctandemOnline |
| ccsql | % | cctest |
| archive | % | dbancien |
| archive | % | dbcourant |
| archive | % | dbrecent1 |
| archive | % | dbrecent2 |
+---------+------+----------------+
7 rows in set (0.00 sec)
Any idea ?
Thanks in advance.
Christophe.
--
***
Christophe DIARRA
Institut de Physique Nucleaire
15, Rue Georges Clemenceau
Bat 102 - S2I
91406 ORSAY Cedex
Tel: (33) 1 69 15 65 60
Fax: (33) 1 69 15 64 70
E-mail: [EMAIL PROTECTED]
***
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
