At 9:25 -0800 12/8/02, Ryan McDougall wrote:
>Hi thanx for the details... Ok I know I am thick... and for some reason I
>cannot get my head around this, let me try to explain what I want to do then
>maybe you can tell me its possible and how it is possible.
>I want to create a user that can be creative as he wants... allow
>him to create
>ANY databases he wants and delete them if he no longer needs them, but at that
>same time not be able to mess with ANY other privileges or anyone elses DBs.
That's not how it works. You can grant privileges for "any database",
but you can't grant privileges for "any database except certain databases".
One thing that may help is that you can use a pattern to specify the
database name in the GRANT statement. Then the user can create any database
that has a name matching the pattern. For example, GRANT ALL ON "xyz%".* ...
will allow the user to create and mess with any database having a name
that begins with "xyz".
>The only other way I can think of it to compare it to a windows
>say I'm in Windows and I start up MS Access... Now with me being a
>I can create any DB I want and do whatever I want to the DBs I've created (as
>long as its not in a read only folder) but I can't see or do
>anything to to the
>other peoples creations becuase I don't have permissions to do so.
>Am I going to have to, as root or another super user, create his DBs for him
>and then give him privileges to them? I just don't get how that sort of
>situation works in a production environment. But then again in a production
>environment you don't usually have people just creating DBs at will.
>Again sorry for my complete lack of understanding on this and
>stupidity, but my
>brain just will not wrap itself around this issue.
You're probably trying to understand the MySQL privilege system as analogous
to some other type of privilege system. Try to understand it as itself and
you'll probably get farther.
>Thanx for all the help so far,