MySQL grant privileges has no effect

MySQLpermissions

I've executed the following queries:

GRANT USAGE ON my_db.* TO my_user@127.0.0.1 IDENTIFIED BY 'pass';
GRANT ALL ON my_db.* TO my_user@127.0.0.1;
GRANT SELECT, INSERT, UPDATE, DELETE ON my_db.* TO my_user@127.0.0.1;
FLUSH PRIVILEGES;

But they don't show up.

SHOW GRANTS FOR my_user@127.0.0.1;

results in

GRANT USAGE ON my_db.* TO my_user@127.0.0.1 IDENTIFIED BY '*123...';
GRANT ALL PRIVILEGES ON my_db.* TO my_user@127.0.0.1;

Best Answer

Aley,

GRANT ALL ON my_db.* TO my_user@127.0.0.1;

is a superset of:

GRANT SELECT, INSERT, UPDATE, DELETE ON my_db.* TO my_user@127.0.0.1;

So the last one is superfluous. You must understand that SHOW GRANTS do not show every grant query that you executed, and that in some specific cases, it may not show all grants for a user. That is something that can be very confusing in MySQL.

Also, another tip is that you do not need FLUSH PRIVILEGES; if you only use GRANT/CREATE/DROP keywords, only if you modify directly the mysql.* tables.

Related Solutions

Grant Table Privileges to a MySQL User Connecting from Any Host

When you execute GRANT SELECT ON store.catalog TO 'wordpress'@'%';, mysqld wants to insert a row into the grant table mysql.tables_priv. Here is mysql.tables_priv:

mysql> show create table mysql.tables_priv\G
*************************** 1. row ***************************
       Table: tables_priv
Create Table: CREATE TABLE `tables_priv` (
  `Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
  `Db` char(64) COLLATE utf8_bin NOT NULL DEFAULT '',
  `User` char(16) COLLATE utf8_bin NOT NULL DEFAULT '',
  `Table_name` char(64) COLLATE utf8_bin NOT NULL DEFAULT '',
  `Grantor` char(77) COLLATE utf8_bin NOT NULL DEFAULT '',
  `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `Table_priv` set('Select','Insert','Update','Delete','Create','Drop','Grant','References','Index','Alter','Create View','Show view','Trigger') CHARACTER SET utf8 NOT NULL DEFAULT '',
  `Column_priv` set('Select','Insert','Update','References') CHARACTER SET utf8 NOT NULL DEFAULT '',
  PRIMARY KEY (`Host`,`Db`,`User`,`Table_name`),
  KEY `Grantor` (`Grantor`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='Table privileges'
1 row in set (0.00 sec)

mysql>

Since you want to insert a row into mysql.table_priv where user='wordpress' and host='%', there has to exist a row in mysql.user where user='wordpress' and host='%'.

You also mentioned that you are using MySQL Workbench. You must be using 'root'@'localhost'. That would usually have all rights and a password.

If you want to just allow anonymous SELECT against that table, first run this:

GRANT USAGE ON *.* TO 'wordpress'@'%';

This will place wordpress@'%' into mysql.user. Afterwards, GRANT SELECT ON store.catalog TO 'wordpress'@'%' should run just fine.

You will have to see what other wordpress entries are in mysql.user. This should show what SQL GRANT commands you need:

SELECT CONCAT('GRANT SELECT ON store.catalog TO ',userhost,';') GrantCommand
FROM
(
    SELECT CONCAT('''',user,'''@''',host,'''') userhost
    FROM mysql.user WHERE user='wordpress'
) A;

Oracle SQL create view privileges

To grant privilege to create a view:

GRANT CREATE VIEW TO STD01;

To grant the DML privileges:

GRANT SELECT,UPDATE,INSERT,DELETE ON STD00.CUSTOMER TO STD01;

But that's not all of the object privileges. If you did:

GRANT ALL ON STD00.CUSTOMER TO STD01;

you would also give other privileges such as ALTER, INDEX, FLASHBACK, etc.

Best Answer

Related Solutions

Grant Table Privileges to a MySQL User Connecting from Any Host

Oracle SQL create view privileges

Related Question