Dan Nelson wrote:
> In the last episode (Apr 29), Lou Olsten said:
>>I thought I had a handle on this, but now I'm all screwed up.
>>Windows 2000 Server
>> I'm trying to create a user roby with a password of 'foo' with access
>> to everything. Here's what happens:
>>- Sign in as root on the local host.
>>- GRANT ALL PRIVILEGES ON *.* TO roby@'%' IDENTIFIED BY 'foo' WITH GRANT OPTION;
>>- On same machine, try to login with: mysql -u roby -pfoo -h localhost
>>- Receive: ERROR 1045 (28000): Access denied for user: 'roby'@'localhost' (Using
> password: YES)
> Remember that localhost is a special keyword that refers to the
> unix-domain socket, and will not be matched with a wildcard '%' hostname.
> Use -h 127.0.0.1 or -h <publicip> if you are on the same machine as the
> server and want to test remote privs.
This is incorrect. You are right that localhost is the unix socket, but %
will match localhost if there is not a more specific alternative. The
problem is that user@host matching is done host first, and the default mysql
install creates an anonymous user ''@localhost. So, if you have entries for
''@localhost and joe@%, it's ''@localhost which matches when joe connects
from localhost. If joe@% is the only possible match, however (no entries
for ''@localhost or joe@localhost), then it will match.