Skip to content

M
MariaDB
Commit 8b5ddf22 authored by unknown's avatar unknown
Browse files
Options

Don't give the anonymous user create temp table or lock tables privileges. 

SET PASSWORD=... closed connection on error.


Docs/manual.texi:
  Changelog
mysql-test/r/rpl_rotate_logs.result:
  Fixed test
scripts/mysql_fix_privilege_tables.sh:
  Don't give the anonymous user create temp table or lock tables privileges.
sql/set_var.cc:
  SET PASSWORD=... closed connection on error, because MySQL sent the error message twice.
sql/set_var.h:
  SET PASSWORD=... closed connection on error, because MySQL sent the error message twice.
sql/sql_acl.cc:
  Added function comment
sql/sql_db.cc:
  Change type of variable
sql/sql_parse.cc:
  SET PASSWORD=... closed connection on error, because MySQL sent the error message twice.
tests/grant.pl:
  Updated grant test case to work with latest MySQL version
tests/grant.res:
  updated test results
parent 86ce202f
Show whitespace changes
Inline Side-by-side
Showing with 103 additions and 84 deletions
Docs/manual.texi
View file @ 8b5ddf22
...@@ -50448,6 +50448,9 @@ each individual 4.0.x release. ...@@ -50448,6 +50448,9 @@ each individual 4.0.x release.
@itemize @bullet @itemize @bullet
@item @item
@code{SET PASSWORD FOR ...} closed the connection in case of errors (bug
from 4.0.3).
@item
Increased max possible @code{max_allowed_packet} in @code{mysqld} to 1G. Increased max possible @code{max_allowed_packet} in @code{mysqld} to 1G.
@item @item
Fixed bug when doing a multi-line @code{INSERT} on a table with an Fixed bug when doing a multi-line @code{INSERT} on a table with an
mysql-test/r/rpl_rotate_logs.result
View file @ 8b5ddf22
...@@ -80,4 +80,4 @@ select count(*) from t3 where n >= 4; ...@@ -80,4 +80,4 @@ select count(*) from t3 where n >= 4;
count(*) count(*)
100 100
unlock tables; unlock tables;
drop table if exists t1,t2,t3; drop table if exists t1,t2,t3,t4;
scripts/mysql_fix_privilege_tables.sh
View file @ 8b5ddf22
...@@ -160,7 +160,7 @@ then ...@@ -160,7 +160,7 @@ then
echo "" echo ""
echo "Updating new privileges in MySQL 4.0.2 from old ones" echo "Updating new privileges in MySQL 4.0.2 from old ones"
@bindir@/mysql --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA @bindir@/mysql --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
update user set show_db_priv= select_priv, super_priv=process_priv, execute_priv=process_priv, create_tmp_table_priv='Y', Lock_tables_priv='Y', Repl_slave_priv=file_priv, Repl_client_priv=file_priv; update user set show_db_priv= select_priv, super_priv=process_priv, execute_priv=process_priv, create_tmp_table_priv='Y', Lock_tables_priv='Y', Repl_slave_priv=file_priv, Repl_client_priv=file_priv where user<>"";
END_OF_DATA END_OF_DATA
echo "" echo ""
fi fi
......
sql/set_var.cc
View file @ 8b5ddf22
...@@ -896,7 +896,7 @@ byte *sys_var_thd_enum::value_ptr(THD *thd, enum_var_type type) ...@@ -896,7 +896,7 @@ byte *sys_var_thd_enum::value_ptr(THD *thd, enum_var_type type)
bool sys_var_thd_bit::update(THD *thd, set_var *var) bool sys_var_thd_bit::update(THD *thd, set_var *var)
{ {
bool res= (*update_func)(thd, var); int res= (*update_func)(thd, var);
thd->lex.select_lex.options=thd->options; thd->lex.select_lex.options=thd->options;
return res; return res;
} }
...@@ -1010,7 +1010,7 @@ byte *sys_var_insert_id::value_ptr(THD *thd, enum_var_type type) ...@@ -1010,7 +1010,7 @@ byte *sys_var_insert_id::value_ptr(THD *thd, enum_var_type type)
bool sys_var_slave_skip_counter::check(THD *thd, set_var *var) bool sys_var_slave_skip_counter::check(THD *thd, set_var *var)
{ {
bool result=0; int result= 0;
LOCK_ACTIVE_MI; LOCK_ACTIVE_MI;
pthread_mutex_lock(&active_mi->rli.run_lock); pthread_mutex_lock(&active_mi->rli.run_lock);
if (active_mi->rli.slave_running) if (active_mi->rli.slave_running)
...@@ -1236,26 +1236,24 @@ sys_var *find_sys_var(const char *str, uint length) ...@@ -1236,26 +1236,24 @@ sys_var *find_sys_var(const char *str, uint length)
RETURN VALUE RETURN VALUE
0 ok 0 ok
1 Something got wrong (normally no variables was updated) 1 ERROR, message sent (normally no variables was updated)
-1 ERROR, message not sent
*/ */
bool sql_set_variables(THD *thd, List<set_var_base> *var_list) int sql_set_variables(THD *thd, List<set_var_base> *var_list)
{ {
bool error=0; int error= 0;
List_iterator<set_var_base> it(*var_list); List_iterator<set_var_base> it(*var_list);
set_var_base *var; set_var_base *var;
while ((var=it++)) while ((var=it++))
{ {
if (var->check(thd)) if ((error=var->check(thd)))
return 1; return error;
} }
it.rewind(); it.rewind();
while ((var=it++)) while ((var=it++))
{ error|= var->update(thd); // Returns 0, -1 or 1
if (var->update(thd))
error=1;
}
return error; return error;
} }
...@@ -1264,14 +1262,14 @@ bool sql_set_variables(THD *thd, List<set_var_base> *var_list) ...@@ -1264,14 +1262,14 @@ bool sql_set_variables(THD *thd, List<set_var_base> *var_list)
Functions to handle SET mysql_internal_variable=const_expr Functions to handle SET mysql_internal_variable=const_expr
*****************************************************************************/ *****************************************************************************/
bool set_var::check(THD *thd) int set_var::check(THD *thd)
{ {
if (var->check_type(type)) if (var->check_type(type))
{ {
my_error(type == OPT_GLOBAL ? ER_LOCAL_VARIABLE : ER_GLOBAL_VARIABLE, my_error(type == OPT_GLOBAL ? ER_LOCAL_VARIABLE : ER_GLOBAL_VARIABLE,
MYF(0), MYF(0),
var->name); var->name);
return 1; return -1;
} }
if ((type == OPT_GLOBAL && check_global_access(thd, SUPER_ACL))) if ((type == OPT_GLOBAL && check_global_access(thd, SUPER_ACL)))
return 1; return 1;
...@@ -1282,28 +1280,29 @@ bool set_var::check(THD *thd) ...@@ -1282,28 +1280,29 @@ bool set_var::check(THD *thd)
if (var->check_default(type)) if (var->check_default(type))
{ {
my_error(ER_NO_DEFAULT, MYF(0), var->name); my_error(ER_NO_DEFAULT, MYF(0), var->name);
return 1; return -1;
} }
return 0; return 0;
} }
if (value->fix_fields(thd,0)) if (value->fix_fields(thd,0))
return 1; return -1;
if (var->check_update_type(value->result_type())) if (var->check_update_type(value->result_type()))
{ {
my_error(ER_WRONG_TYPE_FOR_VAR, MYF(0), var->name); my_error(ER_WRONG_TYPE_FOR_VAR, MYF(0), var->name);
return 1; return -1;
} }
return var->check(thd, this); return var->check(thd, this) ? -1 : 0;
} }
bool set_var::update(THD *thd) int set_var::update(THD *thd)
{ {
int error;
if (!value) if (!value)
var->set_default(thd, type); var->set_default(thd, type);
else if (var->update(thd, this)) else if (var->update(thd, this))
return 1; // should never happen return -1; // should never happen
if (var->after_update) if (var->after_update)
(*var->after_update)(thd, type); (*var->after_update)(thd, type);
return 0; return 0;
...@@ -1314,19 +1313,19 @@ bool set_var::update(THD *thd) ...@@ -1314,19 +1313,19 @@ bool set_var::update(THD *thd)
Functions to handle SET @user_variable=const_expr Functions to handle SET @user_variable=const_expr
*****************************************************************************/ *****************************************************************************/
bool set_var_user::check(THD *thd) int set_var_user::check(THD *thd)
{ {
return user_var_item->fix_fields(thd,0); return user_var_item->fix_fields(thd,0) ? -1 : 0;
} }
bool set_var_user::update(THD *thd) int set_var_user::update(THD *thd)
{ {
if (user_var_item->update()) if (user_var_item->update())
{ {
/* Give an error if it's not given already */ /* Give an error if it's not given already */
send_error(&thd->net, ER_SET_CONSTANTS_ONLY); my_error(ER_SET_CONSTANTS_ONLY, MYF(0));
return 1; return -1;
} }
return 0; return 0;
} }
...@@ -1336,16 +1335,19 @@ bool set_var_user::update(THD *thd) ...@@ -1336,16 +1335,19 @@ bool set_var_user::update(THD *thd)
Functions to handle SET PASSWORD Functions to handle SET PASSWORD
*****************************************************************************/ *****************************************************************************/
bool set_var_password::check(THD *thd) int set_var_password::check(THD *thd)
{ {
if (!user->host.str) if (!user->host.str)
user->host.str= (char*) thd->host_or_ip; user->host.str= (char*) thd->host_or_ip;
return check_change_password(thd, user->host.str, user->user.str); /* Returns 1 as the function sends error to client */
return check_change_password(thd, user->host.str, user->user.str) ? 1 : 0;
} }
bool set_var_password::update(THD *thd) int set_var_password::update(THD *thd)
{ {
return change_password(thd, user->host.str, user->user.str, password); /* Returns 1 as the function sends error to client */
return (change_password(thd, user->host.str, user->user.str, password) ?
1 : 0);
} }
/**************************************************************************** /****************************************************************************
......
sql/set_var.h
View file @ 8b5ddf22
...@@ -359,8 +359,8 @@ class set_var_base :public Sql_alloc ...@@ -359,8 +359,8 @@ class set_var_base :public Sql_alloc
public: public:
set_var_base() {} set_var_base() {}
virtual ~set_var_base() {} virtual ~set_var_base() {}
virtual bool check(THD *thd)=0; /* To check privileges etc. */ virtual int check(THD *thd)=0; /* To check privileges etc. */
virtual bool update(THD *thd)=0; /* To set the value */ virtual int update(THD *thd)=0; /* To set the value */
}; };
...@@ -394,8 +394,8 @@ class set_var :public set_var_base ...@@ -394,8 +394,8 @@ class set_var :public set_var_base
else else
value=value_arg; value=value_arg;
} }
bool check(THD *thd); int check(THD *thd);
bool update(THD *thd); int update(THD *thd);
}; };
...@@ -408,8 +408,8 @@ class set_var_user: public set_var_base ...@@ -408,8 +408,8 @@ class set_var_user: public set_var_base
set_var_user(Item_func_set_user_var *item) set_var_user(Item_func_set_user_var *item)
:user_var_item(item) :user_var_item(item)
{} {}
bool check(THD *thd); int check(THD *thd);
bool update(THD *thd); int update(THD *thd);
}; };
/* For SET PASSWORD */ /* For SET PASSWORD */
...@@ -422,8 +422,8 @@ class set_var_password: public set_var_base ...@@ -422,8 +422,8 @@ class set_var_password: public set_var_base
set_var_password(LEX_USER *user_arg,char *password_arg) set_var_password(LEX_USER *user_arg,char *password_arg)
:user(user_arg), password(password_arg) :user(user_arg), password(password_arg)
{} {}
bool check(THD *thd); int check(THD *thd);
bool update(THD *thd); int update(THD *thd);
}; };
...@@ -434,7 +434,7 @@ class set_var_password: public set_var_base ...@@ -434,7 +434,7 @@ class set_var_password: public set_var_base
void set_var_init(); void set_var_init();
void set_var_free(); void set_var_free();
sys_var *find_sys_var(const char *str, uint length=0); sys_var *find_sys_var(const char *str, uint length=0);
bool sql_set_variables(THD *thd, List<set_var_base> *var_list); int sql_set_variables(THD *thd, List<set_var_base> *var_list);
void fix_delay_key_write(THD *thd, enum_var_type type); void fix_delay_key_write(THD *thd, enum_var_type type);
extern sys_var_str sys_charset; extern sys_var_str sys_charset;
sql/sql_acl.cc
View file @ 8b5ddf22
...@@ -783,7 +783,6 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip, ...@@ -783,7 +783,6 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip,
db_access=0; host_access= ~0; db_access=0; host_access= ~0;
char key[ACL_KEY_LENGTH],*tmp_db,*end; char key[ACL_KEY_LENGTH],*tmp_db,*end;
acl_entry *entry; acl_entry *entry;
THD *thd= current_thd;
VOID(pthread_mutex_lock(&acl_cache->lock)); VOID(pthread_mutex_lock(&acl_cache->lock));
memcpy_fixed(&key,bin_ip,sizeof(struct in_addr)); memcpy_fixed(&key,bin_ip,sizeof(struct in_addr));
...@@ -1015,6 +1014,21 @@ bool check_change_password(THD *thd, const char *host, const char *user) ...@@ -1015,6 +1014,21 @@ bool check_change_password(THD *thd, const char *host, const char *user)
} }
/*
Change a password for a user
SYNOPSIS
change_password()
thd Thread handle
host Hostname
user User name
new_password New password for host@user
RETURN VALUES
0 ok
1 ERROR; In this case the error is sent to the client.
*/
bool change_password(THD *thd, const char *host, const char *user, bool change_password(THD *thd, const char *host, const char *user,
char *new_password) char *new_password)
{ {
......
sql/sql_db.cc
View file @ 8b5ddf22
...@@ -332,7 +332,7 @@ bool mysql_change_db(THD *thd,const char *name) ...@@ -332,7 +332,7 @@ bool mysql_change_db(THD *thd,const char *name)
int length, db_length; int length, db_length;
char *dbname=my_strdup((char*) name,MYF(MY_WME)); char *dbname=my_strdup((char*) name,MYF(MY_WME));
char path[FN_REFLEN]; char path[FN_REFLEN];
uint db_access; ulong db_access;
DBUG_ENTER("mysql_change_db"); DBUG_ENTER("mysql_change_db");
if (!dbname || !(db_length=strip_sp(dbname))) if (!dbname || !(db_length=strip_sp(dbname)))
......
sql/sql_parse.cc
View file @ 8b5ddf22
...@@ -2202,9 +2202,7 @@ mysql_execute_command(void) ...@@ -2202,9 +2202,7 @@ mysql_execute_command(void)
break; break;
} }
case SQLCOM_SET_OPTION: case SQLCOM_SET_OPTION:
if (sql_set_variables(thd, &lex->var_list)) if (!(res=sql_set_variables(thd, &lex->var_list)))
res= -1;
else
send_ok(&thd->net); send_ok(&thd->net);
break; break;
case SQLCOM_UNLOCK_TABLES: case SQLCOM_UNLOCK_TABLES:
......
tests/grant.pl
View file @ 8b5ddf22
...@@ -435,8 +435,9 @@ user_connect(0); ...@@ -435,8 +435,9 @@ user_connect(0);
user_query("LOCK TABLES $opt_database.test3 READ"); user_query("LOCK TABLES $opt_database.test3 READ");
user_query("UNLOCK TABLES"); user_query("UNLOCK TABLES");
safe_query("revoke SELECT,INSERT,UPDATE,DELETE on $opt_database.test3 from $user"); safe_query("revoke SELECT,INSERT,UPDATE,DELETE on $opt_database.test3 from $user");
user_connect(1); user_connect(0);
safe_query("revoke LOCK TABLES on *.* from $user"); safe_query("revoke LOCK TABLES on *.* from $user");
user_connect(1);
safe_query("drop table $opt_database.test3"); safe_query("drop table $opt_database.test3");
# #
......
tests/grant.res
View file @ 8b5ddf22
...@@ -27,11 +27,11 @@ show grants for grant_user@localhost ...@@ -27,11 +27,11 @@ show grants for grant_user@localhost
GRANT SELECT ON *.* TO 'grant_user'@'localhost' GRANT SELECT ON *.* TO 'grant_user'@'localhost'
insert into mysql.user (host,user) values ('error','grant_user') insert into mysql.user (host,user) values ('error','grant_user')
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' Error in execute: insert command denied to user: 'grant_user@localhost' for table 'user'
update mysql.user set host='error' WHERE user='grant_user' update mysql.user set host='error' WHERE user='grant_user'
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' Error in execute: update command denied to user: 'grant_user@localhost' for table 'user'
create table grant_test.test (a int,b int) create table grant_test.test (a int,b int)
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: create command denied to user: 'grant_user@localhost' for table 'test'
grant select on *.* to grant_user2@localhost grant select on *.* to grant_user2@localhost
Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO) Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO)
revoke select on grant_test.test from grant_user@opt_host revoke select on grant_test.test from grant_user@opt_host
...@@ -99,28 +99,28 @@ select * from mysql.user where user = 'grant_user' ...@@ -99,28 +99,28 @@ select * from mysql.user where user = 'grant_user'
localhost grant_user N N N N N N N N N N N N N N N N N N N N N 0 0 0 localhost grant_user N N N N N N N N N N N N N N N N N N N N N 0 0 0
select * from mysql.db where user = 'grant_user' select * from mysql.db where user = 'grant_user'
localhost grant_test grant_user Y N N N N N N N N N localhost grant_test grant_user Y N N N N N N N N N N N
Connecting grant_user Connecting grant_user
select count(*) from grant_test.test select count(*) from grant_test.test
2 2
select * from mysql.user where user = 'grant_user' select * from mysql.user where user = 'grant_user'
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' Error in execute: select command denied to user: 'grant_user@localhost' for table 'user'
insert into grant_test.test values (4,0) insert into grant_test.test values (4,0)
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: insert command denied to user: 'grant_user@localhost' for table 'test'
update grant_test.test set a=1 update grant_test.test set a=1
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: update command denied to user: 'grant_user@localhost' for table 'test'
delete from grant_test.test delete from grant_test.test
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: delete command denied to user: 'grant_user@localhost' for table 'test'
create table grant_test.test2 (a int) create table grant_test.test2 (a int)
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: create command denied to user: 'grant_user@localhost' for table 'test2'
ALTER TABLE grant_test.test add c int ALTER TABLE grant_test.test add c int
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: alter command denied to user: 'grant_user@localhost' for table 'test'
CREATE INDEX dummy ON grant_test.test (a) CREATE INDEX dummy ON grant_test.test (a)
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: index command denied to user: 'grant_user@localhost' for table 'test'
drop table grant_test.test drop table grant_test.test
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: drop command denied to user: 'grant_user@localhost' for table 'test'
grant ALL PRIVILEGES on grant_test.* to grant_user2@localhost grant ALL PRIVILEGES on grant_test.* to grant_user2@localhost
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test'
grant ALL PRIVILEGES on grant_test.* to grant_user@localhost WITH GRANT OPTION grant ALL PRIVILEGES on grant_test.* to grant_user@localhost WITH GRANT OPTION
...@@ -133,14 +133,14 @@ REVOKE ALL PRIVILEGES on grant_test.* from grant_user@localhost ...@@ -133,14 +133,14 @@ REVOKE ALL PRIVILEGES on grant_test.* from grant_user@localhost
REVOKE ALL PRIVILEGES on grant_test.* from grant_user@localhost REVOKE ALL PRIVILEGES on grant_test.* from grant_user@localhost
Connecting grant_user Connecting grant_user
insert into grant_test.test values (6,0) insert into grant_test.test values (6,0)
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: insert command denied to user: 'grant_user@localhost' for table 'test'
REVOKE GRANT OPTION on grant_test.* from grant_user@localhost REVOKE GRANT OPTION on grant_test.* from grant_user@localhost
Connecting grant_user Connecting grant_user
Access denied for user: 'grant_user@localhost' to database 'grant_test' Access denied for user: 'grant_user@localhost' to database 'grant_test'
grant ALL PRIVILEGES on grant_test.* to grant_user@localhost grant ALL PRIVILEGES on grant_test.* to grant_user@localhost
Connecting grant_user Connecting grant_user
select * from mysql.user where user = 'grant_user' select * from mysql.user where user = 'grant_user'
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' Error in execute: select command denied to user: 'grant_user@localhost' for table 'user'
insert into grant_test.test values (7,0) insert into grant_test.test values (7,0)
update grant_test.test set a=3 where a=2 update grant_test.test set a=3 where a=2
delete from grant_test.test where a=3 delete from grant_test.test where a=3
...@@ -152,7 +152,7 @@ show tables from grant_test ...@@ -152,7 +152,7 @@ show tables from grant_test
test test
insert into mysql.user (host,user) values ('error','grant_user',0) insert into mysql.user (host,user) values ('error','grant_user',0)
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' Error in execute: insert command denied to user: 'grant_user@localhost' for table 'user'
revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost
select * from mysql.user where user = 'grant_user' select * from mysql.user where user = 'grant_user'
localhost grant_user N N N N N N N N N N N N N N N N N N N N N 0 0 0 localhost grant_user N N N N N N N N N N N N N N N N N N N N N 0 0 0
...@@ -190,11 +190,11 @@ delete from grant_test.test ...@@ -190,11 +190,11 @@ delete from grant_test.test
Error in execute: delete command denied to user: 'grant_user@localhost' for table 'test' Error in execute: delete command denied to user: 'grant_user@localhost' for table 'test'
grant delete on grant_test.test to grant_user@localhost grant delete on grant_test.test to grant_user@localhost
delete from grant_test.test where a=1 delete from grant_test.test where a=1
Error in execute: select command denied to user: 'grant_user@localhost' for column 'a' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'a' in table 'test'
update grant_test.test set b=3 where b=1 update grant_test.test set b=3 where b=1
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
update grant_test.test set b=b+1 update grant_test.test set b=b+1
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
select * from test select * from test
Error in execute: select command denied to user: 'grant_user@localhost' for table 'test' Error in execute: select command denied to user: 'grant_user@localhost' for table 'test'
grant select on grant_test.test to grant_user@localhost grant select on grant_test.test to grant_user@localhost
...@@ -267,7 +267,7 @@ Error in execute: Access denied for user: 'grant_user@localhost' to database 'gr ...@@ -267,7 +267,7 @@ Error in execute: Access denied for user: 'grant_user@localhost' to database 'gr
drop database grant_test drop database grant_test
Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test'
flush tables flush tables
Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO) Error in execute: Access denied. You need the RELOAD privilege for this operation
flush privileges flush privileges
select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv
localhost grant_test grant_user test2 root@localhost Update,Delete,Create,Grant,Index,Alter Insert localhost grant_test grant_user test2 root@localhost Update,Delete,Create,Grant,Index,Alter Insert
...@@ -291,15 +291,15 @@ grant update(b),delete on grant_test.test to grant_user@localhost ...@@ -291,15 +291,15 @@ grant update(b),delete on grant_test.test to grant_user@localhost
revoke update(a) on grant_test.test from grant_user@localhost revoke update(a) on grant_test.test from grant_user@localhost
Error in execute: There is no such grant defined for user 'grant_user' on host 'localhost' on table 'test' Error in execute: There is no such grant defined for user 'grant_user' on host 'localhost' on table 'test'
delete from grant_test.test where a=2 delete from grant_test.test where a=2
Error in execute: select command denied to user: 'grant_user@localhost' for column 'a' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'a' in table 'test'
update test set b=5 where b>0 update test set b=5 where b>0
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
grant select(a),select(b) on grant_test.test to grant_user@localhost grant select(a),select(b) on grant_test.test to grant_user@localhost
delete from grant_test.test where a=2 delete from grant_test.test where a=2
delete from grant_test.test where A=2 delete from grant_test.test where A=2
update test set b=5 where b>0 update test set b=5 where b>0
update test set a=11 where b>5 update test set a=11 where b>5
Error in execute: update command denied to user: 'grant_user@localhost' for column 'a' in table 'test' Error in execute: UPDATE command denied to user: 'grant_user@localhost' for column 'a' in table 'test'
select a,A from test select a,A from test
8 8 8 8
5 5 5 5
...@@ -313,8 +313,8 @@ select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.t ...@@ -313,8 +313,8 @@ select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.t
revoke GRANT OPTION on grant_test.test from grant_user@localhost revoke GRANT OPTION on grant_test.test from grant_user@localhost
Error in execute: There is no such grant defined for user 'grant_user' on host 'localhost' on table 'test' Error in execute: There is no such grant defined for user 'grant_user' on host 'localhost' on table 'test'
grant select(a) on grant_test.test to grant_user@localhost grant select(a) on grant_test.test to grant_user@localhost
show columns from test show full columns from test
a int(11) YES NULL a int(11) YES NULL select
b int(11) YES NULL b int(11) YES NULL
grant insert (b), update (b) on grant_test.test to grant_user@localhost grant insert (b), update (b) on grant_test.test to grant_user@localhost
...@@ -333,19 +333,19 @@ update test set b=3 where a > 0 ...@@ -333,19 +333,19 @@ update test set b=3 where a > 0
select * from test select * from test
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
select b from test select b from test
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
select a from test where b > 0 select a from test where b > 0
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
insert into test (a) values (10) insert into test (a) values (10)
Error in execute: insert command denied to user: 'grant_user@localhost' for column 'a' in table 'test' Error in execute: INSERT command denied to user: 'grant_user@localhost' for column 'a' in table 'test'
insert into test (b) values (b) insert into test (b) values (b)
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
insert into test (a,b) values (1,5) insert into test (a,b) values (1,5)
Error in execute: insert command denied to user: 'grant_user@localhost' for column 'a' in table 'test' Error in execute: INSERT command denied to user: 'grant_user@localhost' for column 'a' in table 'test'
insert into test (b) values (1),(b) insert into test (b) values (1),(b)
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
update test set b=3 where b > 0 update test set b=3 where b > 0
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv
localhost grant_test grant_user test root@localhost Select,Insert,Update localhost grant_test grant_user test root@localhost Select,Insert,Update
...@@ -379,13 +379,13 @@ localhost grant_test grant_user test b Select,Insert,Update ...@@ -379,13 +379,13 @@ localhost grant_test grant_user test b Select,Insert,Update
localhost grant_test grant_user test a Select,Update localhost grant_test grant_user test a Select,Update
insert into test (a,b) values (12,12) insert into test (a,b) values (12,12)
Error in execute: insert command denied to user: 'grant_user@localhost' for column 'a' in table 'test' Error in execute: INSERT command denied to user: 'grant_user@localhost' for column 'a' in table 'test'
grant insert on grant_test.* to grant_user@localhost grant insert on grant_test.* to grant_user@localhost
Connecting grant_user Connecting grant_user
insert into test (a,b) values (13,13) insert into test (a,b) values (13,13)
revoke select(b) on grant_test.test from grant_user@localhost revoke select(b) on grant_test.test from grant_user@localhost
select count(a) from test where a+b > 0 select count(a) from test where a+b > 0
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
update test set b=5 where a=2 update test set b=5 where a=2
grant select on grant_test.test to grant_user@localhost grant select on grant_test.test to grant_user@localhost
Connecting grant_user Connecting grant_user
...@@ -402,7 +402,7 @@ select count(a) from test where a+b > 0 ...@@ -402,7 +402,7 @@ select count(a) from test where a+b > 0
Error in execute: select command denied to user: 'grant_user@localhost' for table 'test' Error in execute: select command denied to user: 'grant_user@localhost' for table 'test'
grant select(a) on grant_test.test to grant_user@localhost grant select(a) on grant_test.test to grant_user@localhost
select count(a) from test where a+b > 0 select count(a) from test where a+b > 0
Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test'
grant select on *.* to grant_user@localhost grant select on *.* to grant_user@localhost
Connecting grant_user Connecting grant_user
select count(a) from test where a+b > 0 select count(a) from test where a+b > 0
...@@ -415,7 +415,7 @@ select count(a) from test where a+b > 0 ...@@ -415,7 +415,7 @@ select count(a) from test where a+b > 0
4 4
select * from mysql.db where user = 'grant_user' select * from mysql.db where user = 'grant_user'
localhost grant_test grant_user N Y N N N N N N N N localhost grant_test grant_user N Y N N N N N N N N N N
select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv where user = 'grant_user' select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv where user = 'grant_user'
localhost grant_test grant_user test root@localhost Select,Insert,Update localhost grant_test grant_user test root@localhost Select,Insert,Update
...@@ -430,7 +430,7 @@ Error in execute: select command denied to user: 'grant_user@localhost' for tabl ...@@ -430,7 +430,7 @@ Error in execute: select command denied to user: 'grant_user@localhost' for tabl
select * from mysql.user select * from mysql.user
Error in execute: select command denied to user: 'grant_user@localhost' for table 'user' Error in execute: select command denied to user: 'grant_user@localhost' for table 'user'
select * from mysql.db where user = 'grant_user' select * from mysql.db where user = 'grant_user'
localhost grant_test grant_user N Y N N N N N N N N localhost grant_test grant_user N Y N N N N N N N N N N
select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv where user = 'grant_user' select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv where user = 'grant_user'
select Host, Db, User, Table_name, Column_name, Column_priv from mysql.columns_priv where user = 'grant_user' select Host, Db, User, Table_name, Column_name, Column_priv from mysql.columns_priv where user = 'grant_user'
...@@ -465,7 +465,7 @@ Error in execute: Access denied for user: 'grant_user@localhost' (Using password ...@@ -465,7 +465,7 @@ Error in execute: Access denied for user: 'grant_user@localhost' (Using password
grant SELECT on grant_test.test3 to grant_user@localhost grant SELECT on grant_test.test3 to grant_user@localhost
Connecting grant_user Connecting grant_user
LOCK TABLES grant_test.test3 READ LOCK TABLES grant_test.test3 READ
Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO) Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test'
grant LOCK TABLES on *.* to grant_user@localhost grant LOCK TABLES on *.* to grant_user@localhost
show grants for grant_user@localhost show grants for grant_user@localhost
GRANT LOCK TABLES ON *.* TO 'grant_user'@'localhost' GRANT LOCK TABLES ON *.* TO 'grant_user'@'localhost'
...@@ -480,8 +480,9 @@ LOCK TABLES grant_test.test3 READ ...@@ -480,8 +480,9 @@ LOCK TABLES grant_test.test3 READ
UNLOCK TABLES UNLOCK TABLES
revoke SELECT,INSERT,UPDATE,DELETE on grant_test.test3 from grant_user@localhost revoke SELECT,INSERT,UPDATE,DELETE on grant_test.test3 from grant_user@localhost
Connecting grant_user Connecting grant_user
Access denied for user: 'grant_user@localhost' to database 'grant_test'
revoke LOCK TABLES on *.* from grant_user@localhost revoke LOCK TABLES on *.* from grant_user@localhost
Connecting grant_user
Access denied for user: 'grant_user@localhost' to database 'grant_test'
drop table grant_test.test3 drop table grant_test.test3
show grants for grant_user@localhost show grants for grant_user@localhost
grant all on *.* to grant_user@localhost WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3 grant all on *.* to grant_user@localhost WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7