My cheatsheet on mysql

Database changed
MariaDB [mysql]> SELECT user, host, password FROM user;
+-----------+-----------+-------------------------------------------+
| user      | host      | password                                  |
+-----------+-----------+-------------------------------------------+
| root      | localhost | *69F4D5A6B14A573595DEE6242DBF475F588C36E2 |
| root      | 127.0.0.1 | *69F4D5A6B14A573595DEE6242DBF475F588C36E2 |
| root      | ::1       | *69F4D5A6B14A573595DEE6242DBF475F588C36E2 |
| admin     | localhost | *061ED82A6E7D5FCE6612ACD128DF5037EEEFA264 |
| wordpress | localhost | *BA777A3D5BB318426F499C26DFA937B15BEAA372 |
+-----------+-----------+-------------------------------------------+
5 rows in set (0.000 sec)

MariaDB [mysql]> UPDATE user SET authentication_string = PASSWORD('xxxxxxxxxxxx')
    -> WHERE User = 'wordpress' AND Host = 'localhost';
Query OK, 1 row affected (0.001 sec)
Rows matched: 1  Changed: 1  Warnings: 0

MariaDB [mysql]> SELECT user, host, password FROM user;
+-----------+-----------+-------------------------------------------+
| user      | host      | password                                  |
+-----------+-----------+-------------------------------------------+
| root      | localhost | *6AF39F4D5A9F4D56B14A95DEE6242DBF475F58E2 |
| root      | 127.0.0.1 | *6AF39F4D59F4D5A6B14A95DEE6242DBF475F58E2 |
| root      | ::1       | *6AF39F4D59F4D5A6B14A95DEE6242DBF475F58E2 |
| admin     | localhost | *0AF361ED82A69F4D5FCE6612ACD128DF5037EE64 |
| wordpress | localhost | *BA7AF377AB318426F499F4D59C26DFA937B15B72 |
+-----------+-----------+-------------------------------------------+
5 rows in set (0.000 sec)

MariaDB [mysql]> 

Followed by:

• GRANT ALL ON wordpress.* TO 'wordpress'@'localhost' IDENTIFIED BY ''xxxxxxxxx';

mysql> select host, user, password from mysql.user; user and see:

MariaDB [mysql]> SELECT user, host, 
 -> password
 -> FROM user;
 +-----------+-----------+-------------------------------------------+
 | User      | Host      | Password                                  |
 +-----------+-----------+-------------------------------------------+
 | root      | localhost | *EACB2E99778C4B927C5E83E3C7E60347A0093FE6 |
 | root      | 127.0.0.1 | *EACB2E99778C4B927C5E83E3C7E60347A0093FE6 |
 | root      | ::1       | *EACB2E99778C4B927C5E83E3C7E60347A0093FE6 |
 | roundcube | localhost | *F72DA04145BB0B9442240279442D2983F41BC34D |
 +-----------+-----------+-------------------------------------------+
 4 rows in set (0.004 sec)

Three root users are generated by default when you first create a database. The are all created without passwords. At that time, the installation also recommends you set a password by running mysqladmin -u root password, which will change the password for 'root'@'%'.

The two that still don't have passwords are local to the host specified in the Host column; in both of these cases, it's the actual DB server. They do both have full access to the database by default. One might correctly surmise that, in many cases, if you were able to log in to the machine (which would be necessary to use either of these root accounts) in the first place, then you probably have access to the actual files on disk. So having passwords on these might not yield any real security.

That being said, I prefer to remove these default accounts, and stick with password-ed accounts.

DELETE FROM mysql.user WHERE Password=''; FLUSH PRIVILEGES

As of March 17th, 2020 MariaDB [(none)]> select user, password from mysql.user;

------------——————————————+

------------——————————————+

------------——————————————+ 4 rows in set (0.002 sec)

MariaDB [(none)]>

man mysqld(8) for documentation (or online at mysql.org ?) mariadb.org or also: https://mariadb.com/kb/en/library/systemd/

systemctl (systemd) control over mariadb

On April 21, 2021 I had a half-installed mariadb. I tried resetting my root password, and ending up just using:

Everything up to and including step 7 worked, however I could still not login to mysql using the new root password. SO, I re-installed mariadb as follows:

sudo systemctl stop mysql sudo systemctl disable mysql sudo dnf remove mysql

mysql # to test that it was uninstalled.

sudo dnf clean all sudo dnf install mariadb-server ( this was also still 10.3 ) sudo systemctl enable mariadb sudo systemctl start mariadb sudo systemctl status mariadb

tried to reset the root password using sudo /usr/bin/mysql_secure_installation

was not working… so will re-install a 2nd time !!!!!!!!!!!!!!!!!!! This time I also removed everthing in /etc/my.cnf.d and my.cnf

Ok, that did it. I had to manually set the root password first, but then it worked. Here's my session log of the second part (after the manual reset as described above):

mysql_{secureinstallation} is used to set the default password, and permissions to make the installation secure (or at least more secure)

zintis@vm1 ~ $
sudo /usr/bin/mysql_secure_installation
sudo /usr/bin/mysql_secure_installation
sudo /usr/bin/mysql_secure_installation
sudo /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

You already have a root password set, so you can safely answer 'n'.

Change the root password? [Y/n] Y
New password: 
Re-enter new password: 
Sorry, passwords do not match.

New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
zintis@vm1 ~ $

See howtoforge.com for an example that mirrors my demo above.

/usr/bin/mysql_secure_installation /usr/bin/mysql_{secureinstallation} /usr/bin/mysql_secure_installation

DO THIS TO SET ROOT PASSWORD

It turns out that php-mysql was not available. apparently php-mysqlnd, for "native drivers" is a direct replacement so I added that: sudo dnf install php-mysqlnd. php-mysqlnd is called the "MySQL native driver for PHP"

If the mysqlnd does not work out, an alternative is mariadb. I installed it: sudo dnf install mariadb sudo dnf install mariadb-server

I decided to try php-mysqlnd first, and leave mariadb installed, but not enabled. So, I only enabled (and started) php-mysqlnd.

Actually I tried systemctl start mysqld and it appears to been linked to mariadb so this command:

sudo systemctl start mysqld sudo systemctl status mysqld

started MariaDB 10.3 database server.

   sudo systemctl status mysqld
● mariadb.service - MariaDB 10.3 database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-02-11 23:47:33 EST; 37min ago
     Docs: man:mysqld(8)
           https://mariadb.com/kb/en/library/systemd/
 Main PID: 16368 (mysqld)
   Status: "Taking your SQL requests now..."
    Tasks: 30 (limit: 5048)
   Memory: 87.6M
   CGroup: /system.slice/mariadb.service
           └─16368 /usr/libexec/mysqld --basedir=/usr

Feb 11 23:47:33 vm1.localdomain mysql-prepare-db-dir[16265]: Please report any problems at http://mariadb.org/jira
Feb 11 23:47:33 vm1.localdomain mysql-prepare-db-dir[16265]: The latest information about MariaDB is available at http://mariadb.org/.
Feb 11 23:47:33 vm1.localdomain mysql-prepare-db-dir[16265]: You can find additional information about the MySQL part at:
Feb 11 23:47:33 vm1.localdomain mysql-prepare-db-dir[16265]: http://dev.mysql.com
Feb 11 23:47:33 vm1.localdomain mysql-prepare-db-dir[16265]: Consider joining MariaDB's strong and vibrant community:
Feb 11 23:47:33 vm1.localdomain mysql-prepare-db-dir[16265]: https://mariadb.org/get-involved/
Feb 11 23:47:33 vm1.localdomain mysqld[16368]: 2020-02-11 23:47:33 0 [Note] /usr/libexec/mysqld (mysqld 10.3.17-MariaDB) starting as process 163>
Feb 11 23:47:33 vm1.localdomain mysqld[16368]: 2020-02-11 23:47:33 0 [Warning] Could not increase number of max_open_files to more than 1024 (re>
Feb 11 23:47:33 vm1.localdomain mysqld[16368]: 2020-02-11 23:47:33 0 [Warning] Changed limits: max_open_files: 1024  max_connections: 151 (was 1>
Feb 11 23:47:33 vm1.localdomain systemd[1]: Started MariaDB 10.3 database server.

sudo systemctl start mariadb-server did not work but ... mariadb did work.

So for good measure, I also started (and enabled) mariadb: sudo systemctl start mariadb and shortly after sudo systemctl enable mariadb

Note: You might need to use sudo to get a listing of the files in that directory.

If you don’t find the logs in the default directory, you need to check MariaDB’s configuration. Look in the my.cnf file and look for a log_error line, as in:

lst log_error = /var/log/mariadb/mariadb.log If you don’t see a line like that, create one in the mysqld section so that MariaDB will use its own error log. We recommend using the location in the example and creating the /var/log/mariadb directory if it doesn’t already exist. Apply the change by restarting MariaDB with the following command:

systemctl restart mariadb Make sure that the log directory you choose can be written to by the user controlling the MariaDB process.

======================

You can actually perform any command from your regular BASH command prompt.

echo SET PASSWORD FOR ‘anthony’@’localhost’ = PASSWORD(‘text password’); | mysql

echo “command here” | mysql will “pipe” the command inside of mysql to be executed and the results will output via standard output to your BASH shell!

You can run the following query to check for the existance of the user table.

SELECT * FROM information_schema.TABLES WHERE TABLE_NAME LIKE '%user%' See if you can find a row with the following values in

mysql> show databases;

--------------------

--------------------

-------------------- 4 rows in set (0.05 sec)

mysql> use mysql; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A

Database changed mysql> show tables; -> ;

---------------------------

---------------------------

des | columns_priv |

--------------------------- 31 rows in set (0.001 sec)

MariaDB [mysql]>

mysql> use mysql; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A

Database changed mysql> update user set password=PASSWORD("password") where User='root'; ERROR 1054 (42S22): Unknown column 'password' in 'field list' mysql> desc user;

Useful advice on checking (and changing) root password:

1. you can try to reconfigure the mysql-server : sudo dpkg-reconfigure mysql-server
2. check if you have the debian-sys-maint passwd

   cat /etc/mysql/debian.cnf and check for :

   user = debian-sys-maint password = xxxxGx0fSQxxGa debian-sys-maint has all privileges on the mysql server

3. if it do not solve the problem, you can reset the passwd :

   sudo service mysql stop * On a debian system * sudo mysqld_safe --skip-grant-tables & * on a debian syst3em* mysql -u root -p

mysql> use mysql; mysql> update user set password=PASSWORD("NewPasswd") where User='root'; mysql> flush privileges; mysql> quit

sudo systemctl stop mysql sudo systemctl start mysql mysql -u root -p

=============================== I ran into a couple issues with the accepted answer.

First time I ran sudo service mysql stop it didn't stop the service and I didn't realize it. Do a ps -fe | grep mysql. So make sure the process is done before running any of the following commands. After some tries I ended up killing it with sudo kill -KILL <mysqld process id>.

Then after running the sql update, again service mysql stop didn't work. So check your process id with ps -fe | grep mysqld_safe and use sudo kill -TERM <process id> as instructed below. If you have more than one process use the one with the lowest id.

sudo service mysql stop sudo mysqld_safe –skip-grant-tables & mysql -u root

mysql> use mysql; mysql> update user set password=PASSWORD("NewPasswd"), plugin='mysql_{nativepassword}', host='%' where User='root'; mysql> flush privileges; mysql> quit

sudo kill -TERM <mysqld_safe process id> sudo service mysql start mysql -u root -p =========================== This helped me, thanks. Only in my case I used authentication_string instead of password, that is UPDATE user set authentication_string = PASSWORD('101010'), plugin = 'mysql_{nativepassword}', where User = 'root' and Host = 'localhost'; I have MySQL 5.7 installed. And I killed processes with sudo killall mysql and sudo killall mysqld

========================== I had to do this on CentOS 8:

sudo systemctl stop mysqld sudo /usr/sbin/mysqld –skip-grant-tables –skip-networking –user root mysql -u root

use mysql; FLUSH PRIVILEGES; ALTER USER 'root'@'localhost' IDENTIFIED BY 'My^Pass1'; exit

sudo pkill mysqld sudo systemctl start mysqld mysql -u root -p

========================== I've installed MySQL server on a remote Ubuntu machine. The root user is defined in the mysql.user table this way:

mysql> SELECT host, user, password FROM user WHERE user = 'root';

I can access with user root from the same remote machine command-line interface using the standard mysql client. Now I want to allow root access from every host on the internet, so I tried adding following row (it's an exact duplicate of the first row from previous dump, except for the host column):

mysql> SELECT host, user, password FROM user WHERE host = '%';

But my client on my personal PC continues to tell me (I obscured the server IP):

SQL Error (2003): Can't connect to MySQL server on '46.x.x.x' (10061)

I can't tell if it's a authentication error or a network error. On the server firewall I enabled port 3306/TCP for 0.0.0.0/0, and that's ok for me…

341

There's two steps in that process:

a) Grant privileges. As root user execute with this substituting 'password' with your current root password : GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password'; b) bind to all addresses: The easiest way is to comment out the line in your my.cnf file: #bind-address = 127.0.0.1 and restart mysql

service mysql restart By default it binds only to localhost, but if you comment the line it binds to all interfaces it finds. Commenting out the line is equivalent to bind-address=*.

To check where mysql service has binded execute as root:

netstat -tupan | grep mysql Update For Ubuntu 16:

=============================== In order to connect remotely you have to have MySQL bind port 3306 to your machine's IP address in my.cnf. Then you have to have created the user in both localhost and '%' wildcard and grant permissions on all DB's as such . See below:

my.cnf (my.ini on windows)

#Replace xxx with your IP Address bind-address = xxx.xxx.xxx.xxx then

CREATE USER 'myuser'@'localhost' IDENTIFIED BY 'mypass'; CREATE USER 'myuser'@'%' IDENTIFIED BY 'mypass'; Then

GRANT ALL ON . TO 'myuser'@'localhost'; GRANT ALL ON . TO 'myuser'@'%'; GRANT ALL PRIVILEGES ON database.table TO 'user'@'localhost'; flush privileges; Depending on your OS you may have to open port 3306 to allow remote connections.

==========================================

12

for what DB is the user? look at this example

mysql> create database databasename; Query OK, 1 row affected (0.00 sec) mysql> grant all on databasename.* to cmsuser@localhost identified by 'password'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) so to return to you question the "%" operator means all computers in your network.

like aspesa shows I'm also sure that you have to create or update a user. look for all your mysql users:

SELECT user,password,host FROM user; as soon as you got your user set up you should be able to connect like this:

mysql -h localhost -u gmeier -p hope it helps

==========================================

computing for geeks.com has a nice overview on installing MariaDB 10.4 on CentOS8 However, I had already upgraded to 10.4 so I did not follow these instructions.

==========================================

From mariadb.com

root@vm1 ~ [650]$ mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 46 Server version: 10.4.12-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> show databases;

--------------------

--------------------

-------------------- 3 rows in set (0.012 sec)

MariaDB [(none)]>

After intalling, the first step one should do is secure your mysql install. Do this by running mysql_secure_installation as root.

I was getting this error, half-way through:

Remove anonymous users? [Y/n] Y
ERROR 1146 (42S02) at line 1: Table 'mysql.global_priv' doesn't exist
... Failed!
Cleaning up...
root@vm1 ~ [642]$ 

I ran :

root@vm1 ~ [642]$ 
mysql_install_db
mysql.user table already exists!
Run mysql_upgrade, not mysql_install_db
root@vm1 ~ [643]$ 
mysql_upgrade
Version check failed. Got the following error when calling the 'mysql' command line client
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
FATAL ERROR: Upgrade failed

So, mysql_upgrade apparently did not work. It does work, you just need to run it with a proper password; mysql_upgrade -p

.
.
.
mysql.time_zone_transition_type                    OK
mysql.transaction_registry                         OK
mysql.user                                         OK
Phase 2/7: Installing used storage engines... Skipped
Phase 3/7: Fixing views
Phase 4/7: Running 'mysql_fix_privilege_tables'
Phase 5/7: Fixing table and database names
Phase 6/7: Checking and upgrading tables
Processing databases
information_schema
performance_schema
Phase 7/7: Running 'FLUSH PRIVILEGES'
OK

This time I had success, with running mysql_secure_installation as root.

My mariadb upgrade with MariaDB 10.4 was up and ready for use.

To view the users defined on your database, you can query mysql.user table, e.g.

SELECT user, host FROM mysql.user;

select * from mysql.user; # will give you too much. select user, password from mysql.user; # much better what fields are avaiable in a table?? Fields are called columns so better to ask: what columns are available in a table??

SHOW COLUMNS FROM table-name

SELECT * FROM information_{schema.columns} WHERE table_schema = 'your_db' ORDER BY table_{name,ordinalposition};

SELECT COLUMN_NAME FROM information_{schema.columns} WHERE table_schema = 'your_db' ORDER BY table_{name,ordinalposition};

SELECT * FROM information_{schema.columns} WHERE table_schema = 'your_db' # could also try WHERE table_schema = DATABASE() ORDER BY table_{name,ordinalposition};

To look just at one table. SELECT * FROM information_{schema.columns} WHERE table_schema = 'your_db' AND table_name = 'your_tablename';

To just get column names: SELECT column_name FROM information_{schema.columns} WHERE table_schema='your_db' ORDER BY table_name, ordinal_position

Even better: SHOW columns FROM tablename

On the offchance that it's useful to anyone else, this will give you a comma-delimited list of the columns in each table:

SELECT table_{name,GROUPCONCAT}(column_name ORDER BY ordinal_position) FROM information_{schema.columns} WHERE table_schema = DATABASE() GROUP BY table_name ORDER BY table_name ;

# this is not bash but php.
   <?php
       $table = 'orders';
       $query = "SHOW COLUMNS FROM $table";
       if($output = mysql_query($query)):   # mysql_query has been depracted by mysqli
           $columns = array();
           while($result = mysql_fetch_assoc($output)):
               $columns[] = $result['Field'];
           endwhile;
       endif;
       echo '<pre>';
       print_r($columns);
       echo '</pre>';
  ?>

Another apprpoach for some readable php:

# this is not bash, but php code.
  $a = mysqli_query($conn,"select * from information_schema.columns
     where table_schema = 'your_db'
     order by table_name,ordinal_position");
  $b = mysqli_fetch_all($a,MYSQLI_ASSOC);
  $d = array();
  foreach($b as $c){
     if(!is_array($d[$c['TABLE_NAME']])){
         $d[$c['TABLE_NAME']] = array();
     }
     $d[$c['TABLE_NAME']][] = $c['COLUMN_NAME'];
  }

  echo "<pre>",print_r($d),"</pre>";

Could also be to a remote host in which case it would be mysql > TO 'roundcube'@'%'; i.e. replace localhost with % for any host

Rather than providing all privileges to the entire database, perhaps you want to give the tolkien user only the ability to read data (SELECT) from the authors table of the books database. You could accomplish that with:

mysql> GRANT ALL PRIVILEGES ON books.authors TO 'tolkien'@'localhost';

mysql > SHOW GRANTS FOR 'user'@'localhost';

mysql > CREATE USER 'newuser'@'%' IDENTIFIED BY 'user_password';

mysql > CREATE USER 'newuser'@'5.5.5.5' IDENTIFIED BY 'user_password'

DELETE FROM mysql.user WHERE user = 'username';

The most commonly used privileges are:

ALL PRIVILEGES – Grants all privileges to a user account. CREATE – The user account is allowed to create databases and tables. DROP - The user account is allowed to drop databases and tables. DELETE - The user account is allowed to delete rows from a specific table. INSERT - The user account is allowed to insert rows into a specific table. SELECT – The user account is allowed to read a database. UPDATE - The user account is allowed to update table rows. To grant specific privileges to a user account, you can use the following syntax:

GRANT permission1, permission2 ON database_name.table

SHOW GRANTS FOR 'database_user'@'localhost';

---------------------------------------------------------------------------

---------------------------------------------------------------------------

--------------------------------------------------------------------------- 2 rows in set (0.00 sec)

mysql > REVOKE ALL PRIVILEGES ON roundcubemail.* FROM 'fired-user'@'localhost';

mysql > DROP USER 'user'@'localhost'