ERROR 1044 (42000) ... 'root'@'%' 给mysql的root %用户添加grant权限

 

ERROR 1044 (42000): Access denied for user 'root'@'%'

--给mysql的root %用户添加grant权限。并给创建的用户赋予权限
select user,host,grant_priv from user;
update user set grant_priv='Y' where user='root';
flush privileges
show grants for 'root'@'%';
--mysql_upgrade -u root -p
--insert into mysql.user(Host,User,Password) values("localhost","root",password("1234"));

 

从供应商那边接手一个 MySQL 数据库（数据库版本为 5.7.21 MySQL Community Server (GPL) ），在创建账号时遇到了 “ ERROR 1044 (42000): Access denied for user 'root'@'localhost' to database xxx ” 错误，如下所示

 

 

mysql> grant all on xxx.* to xxx@'192.168.%' identified by 'xxx';

ERROR 1044 (42000): Access denied for user 'root'@'localhost' to database 'xxxx'

mysql>

 

照理说， root 用户应该有任何权限，那么为什么出现这个错误呢？ 查看当前用户为 root@localhost ，顺便查看了一下各个 root 账号的权限。如下所示：

 

 

mysql> select current_user() from dual;

+----------------+

| current_user() |

+----------------+

| root@localhost |

+----------------+

1 row in set (0.00 sec

mysql> select host,user from user where user='root';

+-----------+----------+

| host      | user     |

+-----------+----------+

| %         | root     |

| 127.0.0.1 | root     |

| ::1       | root     |

| localhost | root     |

+-----------+----------+

7 rows in set (0.00 sec)

mysql>  show grants for root@'localhost';

+--------------------------------------------------------------+

| Grants for root@localhost                                    |

+--------------------------------------------------------------+

| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost'            |

| GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION |

+--------------------------------------------------------------+

2 rows in set (0.00 sec)

mysql> show grants for root@'127.0.0.1';

+---------------------------------------------------------------------+

| Grants for root@127.0.0.1                                           |

+---------------------------------------------------------------------+

| GRANT ALL PRIVILEGES ON *.* TO 'root'@'127.0.0.1' WITH GRANT OPTION |

+---------------------------------------------------------------------+

1 row in set (0.00 sec)

mysql> show grants for root@'%';

+-------------------------------------------+

| Grants for root@%                         |

+-------------------------------------------+

| GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' |

+-------------------------------------------+

1 row in set (0.00 sec)

 

 

 

    如上所示， root@localhost 账号没有 WITH GRANT OPTION 选项，关于 WITH GRANT OPTION 选项，如果想让授权的用户，也可以将这些权限授予给其他用户，需要选项  “ WITH GRANT OPTION “   。也就是说有这个选项就可以将权限传递给第三方。这也是上面 root@localhost 用户 给其它用后授权报错的原因，如果以  root@127.0.0.1 登录（此账号拥有 WITHGRANT OPTION 选项），创建用户并授权就不会有这个错误，如下所示：

 

 

# mysql -host 127.0.0.1 -u root -p

Enter password:

mysql>  grant all on xxx.* to xxx@'192.168.%' identified by 'test1249';

Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)

 

当然还有其它方面的原因也可能会引起这个错误，不过在这个案例当中，确实仅仅是因为上面原因引起。特此记录一下这个案例 @ ！

 

 

 

 

---

---

About Me