I want to create a user, which will be an admin in my classicmodels
database. I want that my admin user can create other user accounts and assign them only to classicmodels
database. I have already done the following steps:
create user admin@'%' identified by 'qwerty';
grant all privileges on classicmodels.* to admin@'%' with grant option;
flush privileges;
show grants for admin@'%':
GRANT USAGE ON *.*
TO 'admin'@'%' IDENTIFIED BY PASSWORD
GRANT ALL PRIVILEGES ON classicmodels.* TO 'admin'@'%' WITH GRANT OPTION
Now logged in as admin:
use classicmodels;
create user user1@'%' identified by 'qwerty';
ERROR 1227 (42000): Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation
I don't see, where I'm doing mistake. I've given all privileges to admin in step 3, when I was logged in as root. Thanks in advance.
You have given all privileges for a database (schema) in specific and not globally.
Run the following queries and check the results.
SELECT * FROM `mysql`.`db` WHERE `User` = 'admin' AND `Host` = '%';
SELECT * FROM `mysql`.`user` WHERE `User` = 'admin' AND `Host` = '%';
...
... To use this statement, you must have the global CREATE USER privilege or the INSERT privilege for the mysql database. ...
...
UPDATE
...
The CREATE TABLESPACE, CREATE USER, FILE, PROCESS, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHOW DATABASES, SHUTDOWN, and SUPER privileges are administrative and can only be granted globally.
...
You need to do the following:
GRANT CREATE USER ON *.* TO 'admin'@'%';
FLUSH PRIVILEGES;
mysql> SHOW GRANTS FOR 'admin'@'%';
+------------------------------------------------------------------------------------------------------------+
| Grants for admin@% |
+------------------------------------------------------------------------------------------------------------+
| GRANT CREATE USER ON *.* TO 'admin'@'%' IDENTIFIED BY PASSWORD '*AA1420F182E88B9E5F874F6FBE7459291E8F4601' |
| GRANT ALL PRIVILEGES ON `classicmodels`.* TO 'admin'@'%' WITH GRANT OPTION |
+------------------------------------------------------------------------------------------------------------+
2 rows in set (0,00 sec)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.