>>>>> "Douglas" == Douglas Brantz <brantzdr@stripped> writes:
Douglas> Sorry if I was not clear on my mail about adding new users. I will try
Douglas> giving a clearer description of what I have done.
Douglas> I am using the latest release of Mysql binary install with Linux
Douglas> Mandrake 6.0.
Douglas> After installing Mysql, I logged in as root user and created a user "me"
Douglas> with all priv. for mysql. So in Mysql Mysql the user me has all priv.
Douglas> host is "%" password("pass") etc. with everything else selected with
Douglas> "Y". Ok, as user "me" I created a database called "database" and then I
Douglas> created a table called "table". Now, I can access this database as user
Douglas> "me" with "me's" password. This works great. Even mysqlaccess tells me
Douglas> that the user "me" must use a password to access the database
Douglas> Now, I want to create more users to access this new database and table
Douglas> created by the user "me". So I log into mysql mysql as "me" and add a
Douglas> few new users with passwords and limited priv. Now, even though these
Douglas> new users have passwords in the user table and I have them added to the
Douglas> database table to access "database" created by "me" when I look at each
Douglas> user through mysqlaccess it seems to report back that anyone can access
Douglas> the database "database" with any of the new users username and no
Douglas> password and it also states that anyone can access the database
Douglas> "database" as anonymous. So, now I have removed all the new user
Douglas> created with the user "me".
Douglas> I am sorry to bother everyone with this again. I'll take another look
Douglas> at the user's manual. I think I am adding the users correctly, I even
Douglas> reload and still it seems that adding new users as user "me" seems to
Douglas> create security problems for my new database titled "database". (By the
Douglas> way- "database", "table" & "me" are not the real names- I am just using
Douglas> them to explain the situation.)
Douglas> So say I create a user titled "john" with password "xyz" in the mysql
Douglas> mysql database with the user "me" and I add john to the table database
Douglas> to use "database". I then type at the command line;
Douglas> mysql -u john -p xyz "database" and it will say access denied.
Douglas> If I type;
Douglas> mysql -u john "database" it will allow john to access the database
Douglas> without supplying a password.
Douglas> I guess my big question is should I be doing all the adding of users and
Douglas> priv of users as the root user in mysql and not as the "me" user?
Douglas> Does Mysql check its users against the linux OS user table? maybe this
Douglas> is my problem. Well, I know my problem is that I am trying to take the
Douglas> easy way out and ask the experts on-line and I am not taking the time to
Douglas> read the manual close enough.
Douglas> I'll probably spend Saturday trying to figure this out and I don't mind
Douglas> because Mysql is worth it.
It would be nice if you had included a full test of what you did and
what didn't work.
mysql> create database foo;
Query OK, 1 row affected (0.01 sec)
mysql> grant all privileges on foo.* to me@localhost with grant option;
Query OK, 0 rows affected (0.07 sec)
mysql> grant all privileges on foo.* to other@localhost identified by "hello";
Query OK, 0 rows affected (3.07 sec)
(/my/monty/sql-3.22) mysql -u other foo
ERROR 1045: Access denied for user: 'other@localhost' (Using password: NO)
(/my/monty/sql-3.22) mysql -u other -p"hello" foo
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4 to server version: 3.23.4-alpha-debug
Type 'help' for help.
At least this works as expected in MySQL 3.23.4