8.8. mysqlaccess — Client for Checking Access Privileges

MySQL 5.0

previous page next page

8.8. mysqlaccess — Client for Checking Access Privileges

mysqlaccess is a diagnostic tool that Yves Carlier has provided for the MySQL distribution. It checks the access privileges for a hostname, username, and database combination. Note that mysqlaccess checks access using only the user, db, and host tables. It does not check table, column, or routine privileges specified in the tables_priv, columns_priv, or procs_priv tables.

Invoke mysqlaccess like this:

shell> mysqlaccess [host_name [user_name [db_name]]] [options]

mysqlaccess understands the following options:

--help, -?

Display a help message and exit.

--brief, -b

Generate reports in single-line tabular format.

--commit

Copy the new access privileges from the temporary tables to the original grant tables. The grant tables must be flushed for the new privileges to take effect. (For example, execute a mysqladmin reload command.)

--copy

Reload the temporary grant tables from original ones.

--db=db_name, -d db_name

Specify the database name.

--debug=N

Specify the debug level. N can be an integer from 0 to 3.

--host=host_name, -h host_name

The hostname to use in the access privileges.

--howto

Display some examples that show how to use mysqlaccess.

--old_server

Assume that the server is an old MySQL server (before MySQL 3.21) that does not yet know how to handle full WHERE clauses.

--password[=password], -p[password]

The password to use when connecting to the server. If you omit the password value following the --password or -p option on the command line, you are prompted for one.

Specifying a password on the command line should be considered insecure. See Section 5.9.6, “Keeping Your Password Secure”.

--plan

Display suggestions and ideas for future releases.

--preview

Show the privilege differences after making changes to the temporary grant tables.

--relnotes

Display the release notes.

--rhost=host_name, -H host_name

Connect to the MySQL server on the given host.

--rollback

Undo the most recent changes to the temporary grant tables.

--spassword[=password], -P[password]

The password to use when connecting to the server as the superuser. If you omit the password value following the --password or -p option on the command line, you are prompted for one.

Specifying a password on the command line should be considered insecure. See Section 5.9.6, “Keeping Your Password Secure”.

--superuser=user_name, -U user_name

Specify the username for connecting as the superuser.

--table, -t

Generate reports in table format.

--user=user_name, -u user_name

The username to use in the access privileges.

--version, -v

Display version information and exit.

If your MySQL distribution is installed in some non-standard location, you must change the location where mysqlaccess expects to find the mysql client. Edit the mysqlaccess script at approximately line 18. Search for a line that looks like this:

$MYSQL = '/usr/local/bin/mysql'; # path to mysql executable

Change the path to reflect the location where mysql actually is stored on your system. If you do not do this, a Broken pipe error will occur when you run mysqlaccess.

previous page start next page