Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!eternal-september.org!feeder.eternal-september.org!.POSTED!not-for-mail From: Tim Watts Newsgroups: comp.databases.mysql Subject: Re: MySQL user management vs PostgreSQL Followup-To: comp.databases.mysql Date: Mon, 18 Apr 2011 07:21:06 +0100 Organization: A noiseless patient Spider Lines: 37 Message-ID: References: <5drr78-heq.ln1@squidward.dionic.net> Mime-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 7Bit Injection-Info: mx03.eternal-september.org; posting-host="kHX9rhoSmWiebfP2nANw7w"; logging-data="32208"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19Aw6pWbmn7Bvb5DZvhtDmUCsk6bkS5ROI=" User-Agent: KNode/4.4.6 Cancel-Lock: sha1:2kat3JnmV3pHgIAuiB7uTm9Fkdw= Xref: x330-a1.tempe.blueboxinc.net comp.databases.mysql:569 Jerry Stuckle wrote: Hi Jerry, > You don't. If you want them to have to use a password, you need to > specify the password in the grant for that host. Right - so I was right in thinking that was how it was behaving... > MySQL is not PostGres and it's authentication works differently. And > DB2, Oracle and SQL Server each work differently, also. Yep. > Now, with that said, you *could* just insert the row into the > mysql.users table, taking the password from an existing row for that > user. But you have to be very careful and know what you're doing when > dealing with the mysql.xxx tables - you can easily leave yourself with > an non-working system. > I think I will have to do that - as a sysadmin, I don't want to be calling the user for their password everytime this happens (often). Sounds like a handy stored procedure could be written to do this - I'll look into that. Longer term, I'll probably rationalise the whole thing so accounts have access from entire sub-networks instead of host by host. Pity they didn't have a nice option for "dup the password" on grant :( Thanks for your help. Cheers, Tim -- Tim Watts