April 12

MySQL: How to GRANT privileges in MySQL

For the purpose of this article, we are going to use the ‘SELECT’ privilege. All code provided are examples. You will want to make sure that you change:

database to the database name you are using.
username to your database user.
password to a strong password unique to that user. Please read our article: Strong Password Guidelines.

Start by logging into your server via SSH and logging into MySQL entering the following:

mysql -u admin -p`cat /etc/psa/.psa.shadow`

The prompt should now look like this:

mysql>

Enter the following if the database user already exists.:
GRANT SELECT ON database.* TO user@’localhost’;

If you intend to create a brand new user, then run this:
GRANT SELECT ON database.* TO user@’localhost’ IDENTIFIED BY ‘password’;

To enable more options, you would separate them with a comma. So to enable SELECT, INSERT, and DELETE your syntax would look like this:
GRANT SELECT, INSERT, DELETE ON database TO username@’localhost’ IDENTIFIED BY ‘password’;

Once you have given the desired privileges for your user, you will need to run this command within the MySQL command prompt:
FLUSH PRIVILEGES;

To see a list of the privileges that have been granted to a specific user:
select * from mysql.user where User=’username’;

This is a list of privileges that you can grant:
Privilege Meaning
ALL [PRIVILEGES] Sets all simple privileges except GRANT OPTION
ALTER Enables use of ALTER TABLE
CREATE Enables use of CREATE TABLE
CREATE TEMPORARY TABLES Enables use of CREATE TEMPORARY TABLE
DELETE Enables use of DELETE
DROP Enables use of DROP TABLE
EXECUTE Not implemented
FILE Enables use of SELECT … INTO OUTFILE and LOAD DATA INFILE
INDEX Enables use of CREATE INDEX and DROP INDEX
INSERT Enables use of INSERT
LOCK TABLES Enables use of LOCK TABLES on tables for which you have the SELECT privilege
PROCESS Enables the user to see all processes with SHOW PROCESSLIST
REFERENCES Not implemented
RELOAD Enables use of FLUSH
REPLICATION CLIENT Enables the user to ask where slave or master servers are
REPLICATION SLAVE Needed for replication slaves (to read binary log events from the master)
SELECT Enables use of SELECT
SHOW DATABASES SHOW DATABASES shows all databases
SHUTDOWN Enables use of MySQLadmin shutdown
SUPER Enables use of CHANGE MASTER, KILL, PURGE MASTER LOGS, and SET GLOBAL statements, the MySQLadmin debug command; allows you to connect (once) even if max_connections is reached
UPDATE Enables use of UPDATE
USAGE Synonym for privileges
GRANT OPTION Enables privileges to be granted


Copyright 2021. All rights reserved.

Posted April 12, 2012 by Timothy Conrad in category "Databases

About the Author

If I were to describe myself with one word it would be, creative. I am interested in almost everything which keeps me rather busy. Here you will find some of my technical musings. Securely email me using - PGP: 4CB8 91EB 0C0A A530 3BE9 6D76 B076 96F1 6135 0A1B