Global Information Incorporated
195 Farmington Ave.
Farmington, CT 06032
860.674.8796 / FAX: 860.674.8341
Web site: www.the-infoshop.com
>From: Joerg Bruehe [mailto:joerg.bruehe@stripped]
>Sent: Wednesday, January 19, 2011 2:56 PM
>To: Jerry Schwartz
>Subject: Re: Can't read dir of '.' (errno: 13)
>Jerry Schwartz wrote:
>>> -----Original Message-----
>>> From: Joerg Bruehe [mailto:joerg.bruehe@stripped]
>>> Sent: Wednesday, January 19, 2011 10:43 AM
>>> To: mysql@stripped
>>> Cc: Jerry Schwartz
>>> Subject: Re: Can't read dir of '.' (errno: 13)
>>> Jerry Schwartz wrote:
>>>> [JS] I have a related question: how can MySQL authenticate a user if
>>>> system permissions won't let it read any databases?
>>> To me, your question sounds like you forgot the difference between
>>> server and client:
>> [JS] I don't think so, but perhaps I misunderstood the source of the error
>> mysql> show databases ;
>> ERROR 1018 (HY000): Can't read dir of '.' (errno: 13)
>> Are you saying that the mysql CLI needs to read some directory ('.', in
>> case) in order to send mysqld a simple query like SHOW DATABASES? I would
>> it doesn't need a temporary file for that.
>No, I didn't say that.
>You say that "the mysql CLI ... send(s) mysqld a simple query ...", and
>that is correct: the client ("mysql") sends the command "show databases"
>to the server ("mysqld").
>To process this, the server has to check the file(s) and directory(ies)
>used to store the database contents, and one of those actions is to read
>the current directory.
>> Who is issuing the errno 13, the client or the daemon?
>AIUI, it is the server, encountering a permission problem.
>So the server encounters a problem, and it reports this back to the
>client who will then output the message.
>Your question that triggered my original reply was:
> how can MySQL authenticate a user if file system permissions
> won't let it read any databases?
>My original reply tried to make it obvious that the user (who is to be
>authenticated) is just a database concept, so this (maybe non-existing)
>user's (possibly missing) permissions in the operating system to read
>any OS object (file, directory) do not matter at all when the MySQL
>server does the authentication.
>It is the server (process) that needs the permissions to read (and
>write) database directories and files.
>Of course, if these permissions are missing, then the server cannot
>operate (and so also cannot authenticate a user), but that is a question
>of server setup and not of database user privileges.
[JS] Sorry, that still doesn't make sense to em. To authenticate the user,
mysqld needs to read the mysql database. That is also where the databases are
listed (in `mysql`.`db`). If the daemon can read `mysql`.`user`, why can't it
read `mysql`.`db`? It's a MyISAM database, so everything is in the same file.
What am I missing? Does SHOW DATABASES do something other than pull the
database names out of `mysql`.`db`?
>Joerg Bruehe, MySQL Build Team, joerg.bruehe@stripped
>ORACLE Deutschland B.V. & Co. KG, Komturstrasse 18a, D-12099 Berlin
>Geschaeftsfuehrer: Juergen Kunz, Marcel v.d. Molen, Alexander v.d. Ven
>Amtsgericht Muenchen: HRA 95603