Closed
Description
After upgrading to version 5.6.46, the user MYSQL_USER is not allowed to create a new schema. This has been working since a long time for us, even with previous version 5.6.45.
The statement below throws the error Error Code: 1044. Access denied for user 'myUser'@'%' to database 'test' when running 5.6.46.
CREATE SCHEMA IF NOT EXISTS test;MySQL container is spec in docker-file like this:
mysql:
image: mysql:5.6
container_name: mysql.docker
environment:
MYSQL_ROOT_PASSWORD: "password"
MYSQL_USER: "myUser"
MYSQL_PASSWORD: "password"
MYSQL_DATABASE: "sample_db"
ports:
- 3306:3306The privileges for the user MYSQL_USER seems the same in both MySQL versions:
5.6.46:
show grants for 'myUser';
-- Grants for myUser@%
-- 'GRANT USAGE ON *.* TO \'myUser\'@\'%\' IDENTIFIED BY PASSWORD <secret>'
-- 'GRANT ALL PRIVILEGES ON `sample_db`.* TO \'myUser\'@\'%\''
SELECT * FROM information_schema.user_privileges;
-- GRANTEE, TABLE_CATALOG, PRIVILEGE_TYPE, IS_GRANTABLE
-- '\'myUser\'@\'%\'', 'def', 'USAGE', 'NO'SELECT * FROM information_schema.schema_privileges;
-- # GRANTEE, TABLE_CATALOG, TABLE_SCHEMA, PRIVILEGE_TYPE, IS_GRANTABLE
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'SELECT', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'INSERT', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'UPDATE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'DELETE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'DROP', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'REFERENCES', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'INDEX', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'ALTER', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE TEMPORARY TABLES', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'LOCK TABLES', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'EXECUTE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE VIEW', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'SHOW VIEW', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE ROUTINE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'ALTER ROUTINE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'EVENT', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'TRIGGER', 'NO'
5.6.45:
show grants for 'myUser';
-- # Grants for myUser@%
-- 'GRANT USAGE ON *.* TO \'myUser\'@\'%\' IDENTIFIED BY PASSWORD <secret>'
-- 'GRANT ALL PRIVILEGES ON `sample_db`.* TO \'myUser\'@\'%\''SELECT * FROM information_schema.user_privileges;
-- # GRANTEE, TABLE_CATALOG, PRIVILEGE_TYPE, IS_GRANTABLE
-- '\'myUser\'@\'%\'', 'def', 'USAGE', 'NO'SELECT * FROM information_schema.schema_privileges;
-- # GRANTEE, TABLE_CATALOG, TABLE_SCHEMA, PRIVILEGE_TYPE, IS_GRANTABLE
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'SELECT', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'INSERT', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'UPDATE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'DELETE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'DROP', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'REFERENCES', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'INDEX', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'ALTER', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE TEMPORARY TABLES', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'LOCK TABLES', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'EXECUTE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE VIEW', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'SHOW VIEW', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'CREATE ROUTINE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'ALTER ROUTINE', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'EVENT', 'NO'
-- '\'myUser\'@\'%\'', 'def', 'sample_db', 'TRIGGER', 'NO'Is this change expected? If so, what should I do to grant MYSQL_USER privileges to create new schemas?
Metadata
Metadata
Assignees
Labels
No labels