Jump to content

Recommended Posts

There's an --ignore-table option

 

mysqldump -u username -p database --ignore-table=database.table1 --ignore-table=database.table2 > database.sql

 

IS this the only way , i mean is there any other option through which i can pre set my tables to ignored category before anyone takes a complete backup ?

First off, my apology if my English is not good for you.

 

1. Well, before getting into specifics of the GRANT statement, take a look at the statement that grants all rights on the database named test to user jazzman, jazzman's password is "password"

 

mysql > GRANT ALL ON test.* TO jazzman@localhost IDENTIFIED BY "password";

 

The first part of the GRANT statement can take the word - ALL. Most often you will be granting rights to use sql staments ( SELECT, CREATE, DELETE, DROP, INDEX, INSERT and UPDATE).

 

The second one (ON test.*) identifies where privileges will be applied.

Learn more about them at an address -> http://dev.mysql.com...iv_grant-option

 

The third one (TO jazzman@localhost) indicates the user to be given access. Note, that MySQL needs both a name and a host, separated by the "@" symbol.

 

The last one, IDENTIFIED BY gives the user a password.

 

Here is what the user and db tables would look like for the user - "jazzman"

 

Open a mysql console and go to the mysql table:

 

Example:

[jazzman@localhost ~]$ mysql --host=localhost --user=jazzman --password=password --port=3306

mysql> use mysql
Database changed

mysql> SELECT * FROM user WHERE user='jazzman' \G
*************************** 1. row ***************************
			 Host: localhost
			 User: jazzman
		 Password: *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19
	 Select_priv: Y
	 Insert_priv: Y
	 Update_priv: Y
	 Delete_priv: Y
	 Create_priv: Y
		Drop_priv: Y
	 Reload_priv: Y
	Shutdown_priv: Y
	 Process_priv: Y
		File_priv: Y
	 Grant_priv: Y
 References_priv: Y
	 Index_priv: Y
	 Alter_priv: Y
	 Show_db_priv: Y
	 Super_priv: Y
Create_tmp_table_priv: Y
 Lock_tables_priv: Y
	 Execute_priv: Y
 Repl_slave_priv: Y
 Repl_client_priv: Y
 Create_view_priv: Y
 Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
 Create_user_priv: Y
	 Event_priv: Y
	 Trigger_priv: Y
		 ssl_type:
	 ssl_cipher:
	 x509_issuer:
	 x509_subject:
	max_questions: 0
	 max_updates: 0
 max_connections: 0
max_user_connections: 0
1 row in set (0.00 sec)

mysql> SELECT * FROM db WHERE user='jazzman' \G
*************************** 1. row ***************************
			 Host: localhost
			 Db: test
			 User: jazzman
	 Select_priv: Y
	 Insert_priv: Y
	 Update_priv: Y
	 Delete_priv: Y
	 Create_priv: Y
		Drop_priv: Y
	 Grant_priv: N
 References_priv: Y
	 Index_priv: Y
	 Alter_priv: Y
Create_tmp_table_priv: Y
 Lock_tables_priv: Y
 Create_view_priv: Y
 Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
	 Execute_priv: Y
	 Event_priv: Y
	 Trigger_priv: Y
3 rows in set (0.00 sec)

 

 

As you can see from a log, I retrieve all information that I need to know about the user named - "jazzman".

For my test database, the permissions granted by the above statement may be ok if jazzman is the administrator of that application.

In this particular example jazzman have all rights on the database named - test.

What I want to do is creating a table in this database named - product.

After that I want to remove some of jazzman's privileges on this table, for this example - DELETE statement, to do this you could use REVOKE statement.

mysql > CREATE TABLE `product` (
`id` int(11) NOT NULL,
`name` varchar(40) DEFAULT NULL,
`purchase_id` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=11 DEFAULT CHARSET=latin1;

mysql > INSERT INTO `test`.`product` VALUES (1,'Lawn Mower',1),(2,'Greenhouse',1),(3,'Paving slab',2),(4,'BBQ',2),(5,'Chainsaw',5),
(6,'Power-MP3 5gb',2),(7,'Super-Player 1gb',3),(8,'Porta CD',3),(9,'36\" TV',1),(10,'Family Talk 360',5);

RESULTS:

mysql> use test;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed

mysql> SELECT * FROM test.product
-> ;
+----+------------------+-------------+
| id | name			 | purchase_id |
+----+------------------+-------------+
| 1 | Lawn Mower	 |		 1 |
| 2 | Greenhouse	 |		 1 |
| 3 | Paving slab	 |		 2 |
| 4 | BBQ			 |		 2 |
| 5 | Chainsaw		 |		 5 |
| 6 | Power-MP3 5gb	|	 2 |
| 7 | Super-Player 1gb |		 3 |
| 8 | Porta CD		 |		 3 |
| 9 | 36" TV		 |		 1 |
| 10 | Family Talk 360 |		 5 |
+----+------------------+-------------+
10 rows in set (0.00 sec)

 

Granting all rights on that table to jazzman I ran that code:

mysql> GRANT ALL ON test.product TO jazzman@localhost IDENTIFIED BY "password";
Query OK, 0 rows affected (0.02 sec)

 

To remove DELETE privileges from jazzman to this particular table you can run the following:

mysql> REVOKE DELETE ON test.product FROM jazzman@localhost;
Query OK, 0 rows affected (0.00 sec)

 

To see the exact grants available at a given time, all you to know is the username and host:

As you can see from the mysql log, there is no delete pivileges to jazzman.

 

mysql> SHOW GRANTS FOR jazzman@localhost

Results:

GRANT SELECT, INSERT, UPDATE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW VIEW, TRIGGER ON `test`.`product` TO 'jazzman'@'localhost'

 

You need to load the grant table to the MySQL memory to get effect into it.

 

mysql> FLUSH privileges;
Query OK, 0 rows affected (0.00 sec)

 

After all of that , you have to log off then log on from mysql console - CTRL + D

 

Now if I try to delete the username with an id 1 from a test.product table, I got denied access.

 

mysql> DELETE FROM test.product WHERE id=1;
ERROR 1142 (42000): DELETE command denied to user 'jazzman'@'localhost' for table 'product'

 

I think you could use this one as a sample.

 

You can find much more details about privileges at mysql.com website.

 

Good luck

Edited by jazzman1
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.