RE: Missing Entries
-Original Message- From: Neil Aggarwal n...@jammconsulting.com Sent: 10 December 2009 01:19 To: mysql@lists.mysql.com Subject: RE: Missing Entries Carlos: I was checking my fresh install of MySQL and noticed I had empt spaces or missing entries in some sections when I did a search for users on the 'mysql' database. According to this page: http://dev.mysql.com/doc/mysql-security-excerpt/5.4/en/default-privileges.ht ml If you want to prevent clients from connecting as anonymous users without a password, you should either assign a password to each anonymous account or else remove the accounts. We I do a MySQL install, I always go into the mysql client as root and issue these commands: use mysql; delete from user where Password=''; flush privileges; quit; Be careful doing this on a fresh install, if you don't set passwords for root first you will delete all the initial root accounts too! You really should read the installation section of the manual. Your issue is simple because the installation has not been secured. It removes those accounts. Neil === John Daisley MySQL 5.0 Certified Database Administrator (CMDBA) MySQL 5.0 Certified Developer Cognos BI Developer Telephone: +44(0)1283 537111 Mobile: +44(0)7812 451238 Email: john.dais...@butterflysystems.co.uk === Sent via HP IPAQ mobile device -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/mysql?unsub=arch...@jab.org
RE: Missing Entries
delete from user where Password=''; Be careful doing this on a fresh install, if you don't set passwords for root first you will delete all the initial root accounts too! That is a good point. I always set the root password first. I just assumed that he would do that firt, but it is good to be clear. Thanks, Neil -- Neil Aggarwal, (281)846-8957, http://UnmeteredVPS.net Host your MySQL database on a CentOS VPS for $25/mo Unmetered bandwidth = no overage charges, 7 day free trial -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/mysql?unsub=arch...@jab.org
Re: Missing Entries
I already set the root password for the MySQL root user. That is why in my 1st email you see the encrypted password listed for root in localhost, mail, 127.0.0.1. Thanks for all your info. I followed Neil's steps and it worked perfect...after I realised that those were two 's and not a single quote () at the end of the delete command. Thanks for your support! -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/mysql?unsub=arch...@jab.org
RE: Missing Entries
I'm on my mobile so can't give you a link but you should read the reference manual section on 'post-installation setup and testing'. Regards John Daisley. -Original Message- From: Carlos Williams carlosw...@gmail.com Sent: 09 December 2009 21:16 To: mysql@lists.mysql.com Subject: Missing Entries I was checking my fresh install of MySQL and noticed I had empt spaces or missing entries in some sections when I did a search for users on the 'mysql' database. I checked the MySQL FAQ's and Google and nothing gave me what I am looking for. I can't understand what this entries are blank for: mysql select User, Password, Host, Insert_priv from user; ++---+---+-+ | User | Password | Host | Insert_priv | ++---+---+-+ | root | *FDCCC9BE5FC366E7D9714988DBC7F111A950C428 | localhost | Y | | root | *FDCCC9BE5FC366E7D9714988DBC7F111A950C428 | mail | Y | | root | *FDCCC9BE5FC366E7D9714988DBC7F111A950C428 | 127.0.0.1 | Y | | | | localhost | N | | | | mail | N | | carlos | *FDCCC9BE5FC366E7D9714988DBC7F111A950C428 | localhost | N | ++---+---+-+ I see there are 3 root users: - localhost - mail (hostname) - 127.0.0.1 (localhost IP) But after that there are two entries that are blank for 'localhost' 'mail'. Does anyone know what they are and if I can remove them. They appear useless and clutter my database. Sorry, I am OCD. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/mysql?unsub=john.dais...@butterflysystems.co.uk -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/mysql?unsub=arch...@jab.org
RE: Missing Entries
Carlos: I was checking my fresh install of MySQL and noticed I had empt spaces or missing entries in some sections when I did a search for users on the 'mysql' database. According to this page: http://dev.mysql.com/doc/mysql-security-excerpt/5.4/en/default-privileges.ht ml If you want to prevent clients from connecting as anonymous users without a password, you should either assign a password to each anonymous account or else remove the accounts. We I do a MySQL install, I always go into the mysql client as root and issue these commands: use mysql; delete from user where Password=''; flush privileges; quit; It removes those accounts. Neil -- Neil Aggarwal, (281)846-8957, http://UnmeteredVPS.net Host your MySQL database on a CentOS VPS for $25/mo Unmetered bandwidth = no overage charges, 7 day free trial -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/mysql?unsub=arch...@jab.org
