patternsqlMinor
What is the mysql.db table used for?
Viewed 0 times
thewhatusedmysqlfortable
Problem
Related to my MySQL issue
I have a user with USAGE grant in mysql.user, but in mysql.db this user has Select, Insert, Update, Delete. Thus the user can successfully query the database.
I can't find any information about how this mysql.db works, is it like some kind of cached permission in there ? Will a mysqld restart flush it ?
I have a user with USAGE grant in mysql.user, but in mysql.db this user has Select, Insert, Update, Delete. Thus the user can successfully query the database.
I can't find any information about how this mysql.db works, is it like some kind of cached permission in there ? Will a mysqld restart flush it ?
mysql> show grants for user@'xx.xx.xx.%';
+-------------------------------------------------------------------------------------------------------------------------------+
| Grants for user@xx.xx.xx.% |
+-------------------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user'@'xx.xx.xx.%' IDENTIFIED BY PASSWORD 'xxx' REQUIRE SSL |
mysql> select host,db,user, select_priv,update_priv,delete_priv from
mysql.db where user='user';
| host | db | user | select_priv | update_priv | delete_priv |
| xx.xx.xx.1 | myDB | user | Y | Y | YSolution
From the docs,
So the user
To remove entries from this table, likewise you need to specify the database:
Issuing a
Also, a
mysql.db is the table that handles database-specific GRANTS. That is to say, if you explicitly indicated a database in your GRANT command, it would show up in this table:GRANT SELECT, INSERT ON foo.* TO `bar`@`localhost`;So the user
bar@localhost would have SELECT and INSERT marked as 'Y' in the mysql.db table.To remove entries from this table, likewise you need to specify the database:
REVOKE SELECT, INSERT ON foo.* FROM `bar`@`localhost`;Issuing a
REVOKE INSERT ON . statement (all databases) will not affect this table.Also, a
DROP USER statement will clean up all the entries in the various mysql.* tables that deal with user authentication, such as mysql.db.Code Snippets
GRANT SELECT, INSERT ON foo.* TO `bar`@`localhost`;REVOKE SELECT, INSERT ON foo.* FROM `bar`@`localhost`;Context
StackExchange Database Administrators Q#13327, answer score: 7
Revisions (0)
No revisions yet.