Thursday, November 15, 2007

Adding New Users to MySQL

by Jeff Hunter, Sr. Database Administrator

You can add new users to MySQL in two different ways: by using the GRANT statement or my manipulating the MySQL grant tables directly. The preferred method is to use the GRANT statement because they are more concise and less error-prone.

The following examples show how to use the mysql client to set up new users. These examples assume that privileges are set up according to the defaults provided in the previous MySQL DBA Tip, "Setting Up the Initial MySQL Privileges". This means that to make changes, you must be on the same machine where mysqld is running, you must connect as teh MySQL root user, and the root user must have the insert privilege for the mysql database and the reload administrative privilege. Also, if you have changed the root user password, you must specify it for the following mysql commands:

You can add new users by issuing GRANT statements:

  % mysql -u root mysql
mysql> GRANT ALL PRIVILEGES ON *.* TO oracle@localhost
-> IDENTIFIED BY 'manager' WITH GRANT OPTION;

mysql> GRANT ALL PRIVILEGES ON *.* TO oracle@"%"
-> IDENTIFIED BY 'manager' WITH GRANT OPTION;

mysql> GRANT RELOAD, PROCESS ON *.* TO admin@localhost;

mysql> GRANT USAGE ON *.* TO dummy@localhost;

The GRANT statements (above) create and set up three new users:

  • oracle
    A full superuser who can connect to the server from anywhere, but who must use a password 'manager' to do so. Note that we must issue GRANT statements for both oracle@localhost and oracle@"%". If we don't add the entry with localhost, the anonymous user entry for localhost that is create by mysql_install_db will take precedence when we connect from the local host because it has a more specific Host field value and thus comes earlier in the user table sort order.
  • admin
    A user who can connect from localhost without a password and who is granted the reload and process administrative privileges. This allows the user to execute the mysqladmin reload, mysqladmin refresh, and mysqladmin flush_* commands, as well as mysqladmin processlist. No database-related privileges are granted. (They can be granted later by issuing additional GRANT statements.)
  • dummy
    A user who can connect without a password, but only from the local host. The global privileges are all set to 'N' - the usage privilege type allows you to create a user with no privileges. It is assumed that you will grant database-specific privileges later

Centos 7 reset root/ any user lost password / lockout due to cant remember password

1. Need to be in front of the terminal. (Physically if not vm). 2. Reboot the server 3. Press 'e' in the GRUB2 boot screen. 3. bunch...