Daniel López Azaña

Language

English Español

Theme

Contact

daniloaz@gmail.com

Social Media

Blog

GNU/Linux, Open Source, Cloud Computing, DevOps and more...

ᐈ How to create a user in MySQL/MariaDB and grant permissions on a specific database

DevOps , Programming and Web Development

Logos de MariaDB y MySQLCreating a MySQL or MariaDB user and granting permissions to him to access a specific database and be able to write data on it is a very usual task that is necessary to perform each time you install a new application based on any of these database engines, like web applications running on top of LAMP stack. Whether it is a simple WordPress, or a more complex application tailor made, one way or another you will always have to complete these steps at some point before its deployment.

These commands are valid to be executed both from the generic MySQL console or command line interface and from any other tool that allows to execute SQL commands against a MySQL instance such as phpMyAdmin or MySQL Workbench. They can also be run in MariaDB with identical result.

1. Database creation

mysql> CREATE DATABASE `mydb`;

2. User creation

mysql> CREATE USER 'myuser'@localhost IDENTIFIED BY 'mypassword';

3. Grant permissions to access and use the MySQL server

Only allow access from localhost (this is the most secure and common configuration you will use for a web application):

mysql> GRANT USAGE ON *.* TO 'myuser'@localhost IDENTIFIED BY 'mypassword';

To allow access to MySQL server from any other computer on the network:

mysql> GRANT USAGE ON *.* TO 'myuser'@'%' IDENTIFIED BY 'mypassword';

In MySQL 8 or higher we will not add the IDENTIFIED BY ‘mipassword’ part.

4. Grant all privileges to a user on a specific database

MySQL 5.7 and earlier versions:

mysql> GRANT ALL privileges ON `mydb`.* TO 'myuser'@localhost IDENTIFIED BY 'mypassword';

MySQL 8 and higher versions:

mysql> GRANT ALL ON `mydb`.* TO 'myuser'@localhost;

As in the previous command, if you want the user to work with the database from any location you will have to replace localhost with ‘%’.

5. Apply changes made

To be effective the new assigned permissions you must finish with the following command:

mysql> FLUSH PRIVILEGES;

6. Verify your new user has the right permissions

mysql> SHOW GRANTS FOR 'myuser'@localhost;     
+--------------------------------------------------------------+ 
| Grants for myuser@localhost                                  | 
+--------------------------------------------------------------+ 
| GRANT USAGE ON *.* TO 'myuser'@'localhost'                   | 
| GRANT ALL PRIVILEGES ON `mydb`.* TO 'myuser'@'localhost'     | 
+--------------------------------------------------------------+ 
2 rows in set (0,00 sec)

If you made a mistake at some point you can undo all the steps above by executing the following commands, taking the precaution of replacing localhost with ‘%’ if you also changed it in the previous commands:

DROP USER myuser@localhost;
DROP DATABASE mydb;

Finally, here is a very simple and small Linux script in Bash that will help you to do all this in a much faster and direct way. Simply change your user and database names, and that’s it:

#! /bin/bash

newUser='testuser'
newDbPassword='testpwd'
newDb='testdb'
host=localhost
#host='%'

# MySQL 5.7 and earlier versions 
#commands="CREATE DATABASE \`${newDb}\`;CREATE USER '${newUser}'@'${host}' IDENTIFIED BY '${newDbPassword}';GRANT USAGE ON *.* TO '${newUser}'@'${host}' IDENTIFIED BY '${newDbPassword}';GRANT ALL privileges ON \`${newDb}\`.*
TO '${newUser}'@'${host}' IDENTIFIED BY '${newDbPassword}';FLUSH PRIVILEGES;"

# MySQL 8 and higher versions
commands="CREATE DATABASE \`${newDb}\`;CREATE USER '${newUser}'@'${host}' IDENTIFIED BY '${newDbPassword}';GRANT USAGE ON *.* TO '${newUser}'@'${host}';GRANT ALL ON \`${newDb}\`.* TO '${newUser}'@'${host}';FLUSH PRIVILEGES;"

echo "${commands}" | /usr/bin/mysql -u root -p
Bash LAMP MariaDB MySQL Script

Share this article

X.com LinkedIn Facebook WhatsApp Email
Daniel López Azaña

About the author

Daniel López Azaña

Tech entrepreneur and cloud architect with over 20 years of experience transforming infrastructures and automating processes.

Specialist in AI/LLM integration, Rust and Python development, and AWS & GCP architecture. Restless mind, idea generator, and passionate about technological innovation and AI.

Related articles

MySQL/MariaDB mysqldump command

How to perform MySQL/MariaDB backups: mysqldump command examples

Although there are different methods for backing up MySQL and MariaDB databases, the most common and effective one is to use a native tool that both MySQL and MariaDB make available for this purpose: the mysqldump command. As its name suggests, this is a command-line executable program that allows you to perform a complete export (dump) of all the contents of a database or even all the databases in a running MySQL or MariaDB instance. Of course it also allows partial backups, i.e. only some specific tables, or even only only a subset of all the records in a table.

September 14, 2017
diagrama-backup-mysql-php

Using PHP to backup MySQL databases

This post shows how to perform a partial or full backup of MySQL databases using only PHP code. This is very useful for example when a client doesn’t provide you with access data to the database of a web application and you only have an FTP connection available, or when you do have the connection data to the database but you can’t access it through the network (only available from localhost) and you can’t use tools like mysqldump to back up the information you need because you don’t have privileges for this, or simply because you have no access to a shell to which connect and run commands.

February 8, 2012
Script to automatically change all gp2 volumes to gp3 with aws-cli

Script to automatically change all gp2 volumes to gp3 with aws-cli

Last December Amazon announced its new EBS gp3 volumes, which offer better performance and a cost saving of 20% compared to those that have been used until now (gp2). Well, after successfully testing these new volumes with multiple clients, I can do nothing but recommend their use, because they are all advantages and in these 2 and a half months that have passed since the announcement I have not noticed any problems or side effects.

February 16, 2021

Comments

Vinicius February 25, 2018
Excellent article! Thank you very much
Sergio Pérez June 29, 2018
Thank you very much. It worked perfectly.
lara March 25, 2019
Thank it's work with my version.
Michael October 3, 2019
Flush privileges is not necessary if you use GRANT. Only if you update the privileges tables direct.
Kejal June 9, 2020
Thanks Bro.... Working
amin August 26, 2020
Thanks man. saved me!
Ollie October 9, 2020
None of my users have grant privileges and phpadmin also shows no privileges. So, I can’t do anything. How do I create a user and grant that user privileges when I don’t have a user with the privileges to do that.
Daniel October 27, 2020
You can't. PhpMyAdmin is just a layer on top of MySQL, and any action you perform will require the appropriate level of privileges in MySQL to be able to do it. If you need to create a new user first you must have a valid user allowed to create other users.
luk March 15, 2021
great but now ... how to grant only select for specific user. Only ! select. i can not find the solution :(
Daniel March 20, 2021
GRANT SELECT ON database.* TO user@'localhost';

Submit comment

Back to blog