Recently, when trying to setup this blog, I got stuck with an unusual error. When granting permission to new user for wordpress database, it gave Access denied error.
MariaDB [(none)]> GRANT ALL PRIVILEGES ON wordpressblog.* TO wordpressuser@localhost;
ERROR 1044 (42000): Access denied for user 'root'@'localhost' to database 'wordpressblog'
This doesn’t make sense, since root is supposed to have all the access. And I have created users before, and given them access, with same user and on same machine.
Searching online, or asking in couple of help channels didn’t help much, so, to debug the exact permission that might be giving me error, I tried checking the GRANTs and it turned out I was missing SHOW CREATE ROUTINE GRANT.
After that it was simple to just replace GRANT ALL with the exact list of GRANTs. Though after finding the problem, it turns out it’s a new GRANT added in Mariadb and is mentioned in the Release Notes for 11.3.2. To quote:
Note that upgrading from earlier versions will leave all users, including root and other users with
ALL PRIVILEGES ON *.*, andALL PRIVILEGES ON db.*, without the SHOW CREATE ROUTINE privilege. While the users with read privileges onmysql.procwill be have the effective privileges ofSHOW CREATE ROUTINE, they are unable toGRANTthem.To gain the privileges back on a global user, e.g.
root@localhost:
- Start server with skip-grant-tables as a configuration option
- Run
mariadb client- Execute
FLUSH PRIVILEGES- Execute
GRANT ALL ON *.* TOroot@localhostWITH GRANT OPTION- Remove the
skip-grant-tablesoption from the configuration file.To re-gain a database level privileges, using a user with
SHOW CREATE ROUTINEon*.*executeGRANT ALL ON db.* TO user].optionallyWITH GRANT OPTION
In hindsight, that’s a very simple issue, but it stumped me for quite a bit. Hence sharing it so it can be helpful to others.
Leave a Reply