Re: Replication and Grants nightmare

Victoria Reznichenko Fri, 30 Apr 2004 06:35:02 -0700

Nico Sabbi <[EMAIL PROTECTED]> wrote:
> 
> Hi,
> I'm running mysql-max 4.0.18 on two servers on separate networks, master is A 
> and slave is B.
> 
> The problem is that if I don't grant on the master the full range of 
> privileges to the slave the replication doesn't even start.
> Even worse is the fact that grants seems to be totally managed at random, 
> as you can see:
> 
> (A and B obviously are fake names).
> mysql A> GRANT REPLICATION SLAVE, REPLICATION CLIENT, SUPER, RELOAD on  *.* TO 
> 'replica'@'B' IDENTIFIED BY PASSWORD '715a443962d324cc';
> 
> OK
> 
> mysql A> show grants for replica@'B';
> +----------------------------------------------------------------------------------------------------------------+
> | Grants for [EMAIL PROTECTED]                                                       
>                       
> |
> +----------------------------------------------------------------------------------------------------------------+
> | GRANT RELOAD ON *.* TO 'replica'@'B' IDENTIFIED BY PASSWORD 
> '715a443962d324cc' WITH GRANT OPTION |
> +----------------------------------------------------------------------------------------------------------------+
> 1 row in set (0.00 sec)
> 
> - I didn't grant (yet) any option, so why does it say 'WITH GRANT OPTION' ?
> - where have all the other privileges gone? they vanished
> 
> mysql A> revoke ALL PRIVILEGES on *.* from replica@'B'; # identified by 
> 'RC_rpl!';
> Query OK, 0 rows affected (0.00 sec)
> 
> mysql A> flush privileges;
> Query OK, 0 rows affected (0.00 sec)
> 
> mysql A> show grants for replica@'B';
> +--------------------------------------------------------------------------------------------------------------------------------------------------------------+
> | Grants for [EMAIL PROTECTED]                                                       
>                                                                     
> |
> +--------------------------------------------------------------------------------------------------------------------------------------------------------------+
> | GRANT SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES ON *.* TO 
> 'replica'@'B' IDENTIFIED BY PASSWORD '715a443962d324cc' WITH GRANT OPTION |
> +--------------------------------------------------------------------------------------------------------------------------------------------------------------+
> 1 row in set (0.00 sec)
> 
> where did it take these rights from? I revoked them all
> 
> 
> 
> Now the replication part:
> 
> mysql A> GRANT super, reload, replication client, replication slave ON *.* TO 
> 'replica'@'B' IDENTIFIED BY PASSWORD '715a443962d324cc' WITH GRANT OPTION;
> Query OK, 0 rows affected (0.00 sec)
> 
> mysql A> flush privileges;
> Query OK, 0 rows affected (0.00 sec)
> 
> these are the logs on B:
> 040430 11:10:34  InnoDB: Started
> /usr/sbin/mysqld-max: ready for connections.
> Version: '4.0.18-Max-log'  socket: '/var/lib/mysql/mysql.sock'  port: 3306
> 040430 11:10:34  Slave I/O thread: connected to master '[EMAIL PROTECTED]:3306',  
> replication started in log 'db-bin.3321' at position 34997604
> 040430 11:10:34  While trying to obtain the list of slaves from the master 
> 'A:3306', user 'replica' got the following error: 'Access denied. You need 
> the REPLICATION SLAVE privilege for this operation'
> 040430 11:10:34  Slave I/O thread exiting, read up to log 'db-bin.3321', 
> position 34997604
> 
> 
> What is going wrong?
>


Hmm..
Your queries worked fine for me:

ANT REPLICATION SLAVE, REPLICATION CLIENT, SUPER, RELOAD ON *.* TO 'replica'@'B' 
IDENTIFIED BY PASSWORD '715a443962d324cc';
Query OK, 0 rows affected (0.00 sec)

mysql> show grants for replica@'B';
+------------------------------------------------------------------------------------------------------------------------------+
| Grants for [EMAIL PROTECTED]                                                         
                                                |
+------------------------------------------------------------------------------------------------------------------------------+
| GRANT RELOAD, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'replica'@'B' 
IDENTIFIED BY PASSWORD '715a443962d324cc' |
+------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.01 sec)

mysql> revoke ALL PRIVILEGES ON *.* FROM replica@'B';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> show grants for replica@'B';
+-------------------------------------------------------------------------------+
| Grants for [EMAIL PROTECTED]                                                         
 |
+-------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'replica'@'B' IDENTIFIED BY PASSWORD '715a443962d324cc' |
+-------------------------------------------------------------------------------+
1 row in set (0.00 sec)

Did you have account for 'replica'@'B' before?
Are the above queries exact that you used?
Which OS do you use?


-- 
For technical support contracts, goto https://order.mysql.com/?ref=ensita
This email is sponsored by Ensita.net http://www.ensita.net/
   __  ___     ___ ____  __
  /  |/  /_ __/ __/ __ \/ /    Victoria Reznichenko
 / /|_/ / // /\ \/ /_/ / /__   [EMAIL PROTECTED]
/_/  /_/\_, /___/\___\_\___/   MySQL AB / Ensita.net
       <___/   www.mysql.com





-- 
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]

Re: Replication and Grants nightmare

Reply via email to