Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
f96ee774
Commit
f96ee774
authored
Sep 27, 2000
by
jcole@tetra.spaceapes.com
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
NuSphere editor's changes to pages 101-150 of manual.texi.
parent
17dec8ea
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
307 additions
and
313 deletions
+307
-313
Docs/manual.texi
Docs/manual.texi
+307
-313
No files found.
Docs/manual.texi
View file @
f96ee774
...
@@ -8403,9 +8403,9 @@ shell> run-all-tests
...
@@ -8403,9 +8403,9 @@ shell> run-all-tests
If you don't have the @file{sql-bench} directory, you are probably using an
If you don't have the @file{sql-bench} directory, you are probably using an
RPM for a binary distribution. (Source distribution RPMs include the
RPM for a binary distribution. (Source distribution RPMs include the
benchmark directory.) In this case, you must first install the benchmark
benchmark directory.) In this case, you must first install the benchmark
suite before you can use it. Beginning with @strong{MySQL}
3.22, there are
suite before you can use it. Beginning with @strong{MySQL}
Version 3.22,
benchmark RPM files named @file{mysql-bench-VERSION-i386.rpm} that contain
there are benchmark RPM files named @file{mysql-bench-VERSION-i386.rpm} that
benchmark code and data.
contain
benchmark code and data.
If you have a source distribution, you can also run the tests in the
If you have a source distribution, you can also run the tests in the
@file{tests} subdirectory. For example, to run @file{auto_increment.tst}, do
@file{tests} subdirectory. For example, to run @file{auto_increment.tst}, do
...
@@ -8419,17 +8419,17 @@ The expected results are shown in the @file{./tests/auto_increment.res} file.
...
@@ -8419,17 +8419,17 @@ The expected results are shown in the @file{./tests/auto_increment.res} file.
@end enumerate
@end enumerate
@node mysql_install_db, Starting server, Post-installation, Post-installation
@node mysql_install_db, Starting server, Post-installation, Post-installation
@subsection Problems
r
unning @code{mysql_install_db}
@subsection Problems
R
unning @code{mysql_install_db}
@cindex mysql_install_db script
@cindex mysql_install_db script
@cindex scripts, mysql_install_db
@cindex scripts, mysql_install_db
The purpose of the @code{mysql_install_db} script is to generate new
The purpose of the @code{mysql_install_db} script is to generate new
@strong{MySQL} privilege tables. It will not affect any other data!
@strong{MySQL} privilege tables. It will not affect any other data!
It will also not do anything if you
have
already have MySQL privilege
It will also not do anything if you already have MySQL privilege
tables installed!
tables installed!
If you want to recreate your privilege tables, you should take down
If you want to re
-
create your privilege tables, you should take down
the mysqld server, if its running, and then do something like:
the mysqld server, if its running, and then do something like:
@example
@example
...
@@ -8460,18 +8460,18 @@ what happened, include the log when you post a bug report using
...
@@ -8460,18 +8460,18 @@ what happened, include the log when you post a bug report using
@item There is already a @code{mysqld} daemon running
@item There is already a @code{mysqld} daemon running
In this case, you
have
probably don't have to run @code{mysql_install_db} at
In this case, you probably don't have to run @code{mysql_install_db} at
all. You have to run @code{mysql_install_db} only once, when you install
all. You have to run @code{mysql_install_db} only once, when you install
@strong{MySQL} the first time.
@strong{MySQL} the first time.
@item Installing a second @code{mysqld} daemon doesn't work when one daemon is running
@item Installing a second @code{mysqld} daemon doesn't work when one daemon is running
This can happen when you already have an existing @strong{MySQL}
This can happen when you already have an existing @strong{MySQL}
installation, but want to put a new installation in a different place (
e.g.,
installation, but want to put a new installation in a different place (
for
for testing, or perhaps you simply want to run two installations at the same
example, for testing, or perhaps you simply want to run two installations at
t
ime). Generally the problem that occurs when you try to run the second
t
he same time). Generally the problem that occurs when you try to run the
se
rver is that it tries to use the same socket and port as the old one. In
se
cond server is that it tries to use the same socket and port as the old one.
this case you will get the error message: @code{Can't start server: Bind on
In
this case you will get the error message: @code{Can't start server: Bind on
TCP/IP port: Address already in use} or @code{Can't start server : Bind on
TCP/IP port: Address already in use} or @code{Can't start server : Bind on
unix socket...} You can start the new server with a different socket and
unix socket...} You can start the new server with a different socket and
port as follows:
port as follows:
...
@@ -8493,7 +8493,7 @@ variables you can use to affect @code{mysqld}. @xref{Environment variables}.
...
@@ -8493,7 +8493,7 @@ variables you can use to affect @code{mysqld}. @xref{Environment variables}.
After this, you should edit your server boot script to start both daemons
After this, you should edit your server boot script to start both daemons
with different sockets and ports. For example, it could invoke
with different sockets and ports. For example, it could invoke
@code{safe_mysqld} twice, but with different @code{--socket}, @code{--port}
@code{safe_mysqld} twice, but with different @code{--socket}, @code{--port}
,
and @code{--basedir} options for each invocation.
and @code{--basedir} options for each invocation.
@item You don't have write access to @file{/tmp}
@item You don't have write access to @file{/tmp}
...
@@ -8531,7 +8531,7 @@ shell> BINDIR/safe_mysqld &
...
@@ -8531,7 +8531,7 @@ shell> BINDIR/safe_mysqld &
@item @code{mysqld} crashes immediately
@item @code{mysqld} crashes immediately
If you are running RedHat 5.0 with a version of @code{glibc} older than
If you are running RedHat
Version
5.0 with a version of @code{glibc} older than
2.0.7-5, you should make sure you have installed all @code{glibc} patches!
2.0.7-5, you should make sure you have installed all @code{glibc} patches!
There is a lot of information about this in the @strong{MySQL} mail
There is a lot of information about this in the @strong{MySQL} mail
archives. Links to the mail archives are available at the online
archives. Links to the mail archives are available at the online
...
@@ -8553,7 +8553,7 @@ reload the grant tables.
...
@@ -8553,7 +8553,7 @@ reload the grant tables.
@end table
@end table
@node Starting server, Automatic start, mysql_install_db, Post-installation
@node Starting server, Automatic start, mysql_install_db, Post-installation
@subsection Problems
starting the MySQL s
erver
@subsection Problems
Starting the MySQL S
erver
@cindex server, starting problems
@cindex server, starting problems
@cindex problems, starting the server
@cindex problems, starting the server
...
@@ -8593,8 +8593,8 @@ Whichever method you use to start the server, if it fails to start up
...
@@ -8593,8 +8593,8 @@ Whichever method you use to start the server, if it fails to start up
correctly, check the log file to see if you can find out why. Log files
correctly, check the log file to see if you can find out why. Log files
are located in the data directory (typically
are located in the data directory (typically
@file{/usr/local/mysql/data} for a binary distribution,
@file{/usr/local/mysql/data} for a binary distribution,
@file{/usr/local/var} for a source distribution
)
,
@file{/usr/local/var} for a source distribution,
@file{\mysql\mysql.err} on Windows. Look in the data directory for
@file{\mysql\mysql.err} on Windows.
)
Look in the data directory for
files with names of the form @file{host_name.err} and
files with names of the form @file{host_name.err} and
@file{host_name.log} where @code{host_name} is the name of your server
@file{host_name.log} where @code{host_name} is the name of your server
host. Then check the last few lines of these files:
host. Then check the last few lines of these files:
...
@@ -8611,7 +8611,7 @@ If you find something like the following in the log file:
...
@@ -8611,7 +8611,7 @@ If you find something like the following in the log file:
000729 14:50:10 Can't init databases
000729 14:50:10 Can't init databases
@end example
@end example
T
his means that you started mysqld with @code{--bdb-recover} and that
t
his means that you started mysqld with @code{--bdb-recover} and that
Berkeley DB found something wrong with it's log files when it tried to
Berkeley DB found something wrong with it's log files when it tried to
recover your databases. To be able to continue, you should move away
recover your databases. To be able to continue, you should move away
the old Berkeley DB log file from the database directory to some other
the old Berkeley DB log file from the database directory to some other
...
@@ -8660,8 +8660,7 @@ the command @code{telnet your-host-name tcp-ip-port-number} and press
...
@@ -8660,8 +8660,7 @@ the command @code{telnet your-host-name tcp-ip-port-number} and press
@code{RETURN} a couple of times. If you don't get an error message like
@code{RETURN} a couple of times. If you don't get an error message like
@code{telnet: Unable to connect to remote host: Connection refused},
@code{telnet: Unable to connect to remote host: Connection refused},
something is using the TCP/IP port @code{mysqld} is trying to use.
something is using the TCP/IP port @code{mysqld} is trying to use.
@xref{mysql_install_db, , @code{mysql_install_db}}, and @ref{Multiple
See @ref{mysql_install_db} and @ref{Multiple servers}.
servers}.
The @code{safe_mysqld} script is written so that it normally is able to start
The @code{safe_mysqld} script is written so that it normally is able to start
a server that was installed from either a source or a binary version of
a server that was installed from either a source or a binary version of
...
@@ -8679,7 +8678,7 @@ distributions). This condition should be met if you execute
...
@@ -8679,7 +8678,7 @@ distributions). This condition should be met if you execute
example, @file{/usr/local/mysql} for a binary distribution).
example, @file{/usr/local/mysql} for a binary distribution).
@item
@item
If the server and databases cannot be found relative to
its
working directory,
If the server and databases cannot be found relative to
the
working directory,
@code{safe_mysqld} attempts to locate them by absolute pathnames. Typical
@code{safe_mysqld} attempts to locate them by absolute pathnames. Typical
locations are @file{/usr/local/libexec} and @file{/usr/local/var}.
locations are @file{/usr/local/libexec} and @file{/usr/local/var}.
The actual locations are determined when the distribution was built from which
The actual locations are determined when the distribution was built from which
...
@@ -8737,12 +8736,12 @@ This will not run in the background and it should also write a trace in
...
@@ -8737,12 +8736,12 @@ This will not run in the background and it should also write a trace in
problems. @xref{Windows}.
problems. @xref{Windows}.
@node Automatic start, Command-line options, Starting server, Post-installation
@node Automatic start, Command-line options, Starting server, Post-installation
@subsection Starting and
stopping MySQL a
utomatically
@subsection Starting and
Stopping MySQL A
utomatically
@cindex starting, the server automatically
@cindex starting, the server automatically
@cindex stopping, the server
@cindex stopping, the server
@cindex server, starting and stopping
@cindex server, starting and stopping
The @code{mysql.server} script can be used to start or stop the server
,
The @code{mysql.server} script can be used to start or stop the server
by invoking it with @code{start} or @code{stop} arguments:
by invoking it with @code{start} or @code{stop} arguments:
@example
@example
...
@@ -8751,7 +8750,7 @@ shell> mysql.server stop
...
@@ -8751,7 +8750,7 @@ shell> mysql.server stop
@end example
@end example
@code{mysql.server} can be found in the @file{share/mysql} directory
@code{mysql.server} can be found in the @file{share/mysql} directory
under the @strong{MySQL} installation directory
,
or in the @file{support-files}
under the @strong{MySQL} installation directory or in the @file{support-files}
directory of the @strong{MySQL} source tree.
directory of the @strong{MySQL} source tree.
Before @code{mysql.server} starts the server, it changes directory to
Before @code{mysql.server} starts the server, it changes directory to
...
@@ -8764,15 +8763,14 @@ user, you can change the @code{mysql_daemon_user=root} line to use
...
@@ -8764,15 +8763,14 @@ user, you can change the @code{mysql_daemon_user=root} line to use
another user. You can also modify @code{mysql.server} to pass other
another user. You can also modify @code{mysql.server} to pass other
options to @code{safe_mysqld}.
options to @code{safe_mysqld}.
@code{mysql.server stop} brings down server by sending a signal to it.
@code{mysql.server stop} brings down
the
server by sending a signal to it.
You can take down the server manually by executing @code{mysqladmin shutdown}.
You can take down the server manually by executing @code{mysqladmin shutdown}.
You might want to add these start and stop commands to the appropriate places
You might want to add these start and stop commands to the appropriate places
in your @file{/etc/rc*} files when you start using @strong{MySQL} for
in your @file{/etc/rc*} files when you start using @strong{MySQL} for
production applications. Note that if you modify @code{mysql.server}, then
production applications. Note that if you modify @code{mysql.server}, then
if you upgrade @strong{MySQL} sometime, your modified version will be
upgrade @strong{MySQL} sometime, your modified version will be overwritten,
overwritten, so you should make a copy of your edited version that you can
so you should make a copy of your edited version that you can reinstall.
reinstall.
If your system uses @file{/etc/rc.local} to start external scripts, you
If your system uses @file{/etc/rc.local} to start external scripts, you
should append the following to it:
should append the following to it:
...
@@ -8796,14 +8794,15 @@ basedir=/usr/local/mysql
...
@@ -8796,14 +8794,15 @@ basedir=/usr/local/mysql
@end example
@end example
The @code{mysql.server} script uses the following variables:
The @code{mysql.server} script uses the following variables:
@code{user}, @code{datadir}, @code{basedir}, @code{bindir} and @code{pid-file}.
@code{user}, @code{datadir}, @code{basedir}, @code{bindir}, and
@code{pid-file}.
@xref{Option files}.
@xref{Option files}.
@findex command-line options
@findex command-line options
@cindex options, command-line
@cindex options, command-line
@node Command-line options, Option files, Automatic start, Post-installation
@node Command-line options, Option files, Automatic start, Post-installation
@subsection Command-line
o
ptions
@subsection Command-line
O
ptions
@code{mysqld} accepts the following command-line options:
@code{mysqld} accepts the following command-line options:
...
@@ -8819,7 +8818,7 @@ usually resolved relative to this.
...
@@ -8819,7 +8818,7 @@ usually resolved relative to this.
@item --big-tables
@item --big-tables
Allow big result sets by saving all temporary sets on file. It solves
Allow big result sets by saving all temporary sets on file. It solves
most 'table full' errors, but also slows down the queries where
most 'table full' errors, but also slows down the queries where
in-memory tables would suffice. Since
version 3.23.2
@strong{MySQL} is
in-memory tables would suffice. Since
Version 3.23.2,
@strong{MySQL} is
able to solve it automaticaly by using memory for small temporary
able to solve it automaticaly by using memory for small temporary
tables and switching to disk tables where necessary.
tables and switching to disk tables where necessary.
...
@@ -8854,8 +8853,8 @@ Enable system locking.
...
@@ -8854,8 +8853,8 @@ Enable system locking.
Print some debug info at exit.
Print some debug info at exit.
@item --flush
@item --flush
Flush all changes to disk after each SQL command
s;
Normally @strong{MySQL}
Flush all changes to disk after each SQL command
.
Normally @strong{MySQL}
only does a write of all changes to disk after each SQL command
,
and lets
only does a write of all changes to disk after each SQL command and lets
the operating system handle the syncing to disk.
the operating system handle the syncing to disk.
@xref{Crashing}.
@xref{Crashing}.
...
@@ -8870,7 +8869,7 @@ Client error messages in given language. May be given as a full path.
...
@@ -8870,7 +8869,7 @@ Client error messages in given language. May be given as a full path.
@xref{Languages}.
@xref{Languages}.
@item -l, --log[=file]
@item -l, --log[=file]
Log connections and queries to file
Log connections and queries to file
.
@item --log-isam[=file]
@item --log-isam[=file]
Log all ISAM/MyISAM changes to file (only used when debugging ISAM/MyISAM).
Log all ISAM/MyISAM changes to file (only used when debugging ISAM/MyISAM).
...
@@ -8914,7 +8913,7 @@ Use the 3.20 protocol for compatibility with some very old clients.
...
@@ -8914,7 +8913,7 @@ Use the 3.20 protocol for compatibility with some very old clients.
Only use one thread (for debugging under Linux). @xref{Debugging server}.
Only use one thread (for debugging under Linux). @xref{Debugging server}.
@item -O, --set-variable var=option
@item -O, --set-variable var=option
Give a variable a
n
value. @code{--help} lists variables.
Give a variable a value. @code{--help} lists variables.
You can find a full description for all variables in the @code{SHOW VARIABLES}
You can find a full description for all variables in the @code{SHOW VARIABLES}
section in this manual. @xref{SHOW VARIABLES}.
section in this manual. @xref{SHOW VARIABLES}.
The tuning server parameters section includes information of how to optimize
The tuning server parameters section includes information of how to optimize
...
@@ -8935,13 +8934,13 @@ IP numbers returned by the @code{gethostbyname()} system call are
...
@@ -8935,13 +8934,13 @@ IP numbers returned by the @code{gethostbyname()} system call are
checked to make sure they resolve back to the original hostname. This
checked to make sure they resolve back to the original hostname. This
makes it harder for someone on the outside to get access by pretending
makes it harder for someone on the outside to get access by pretending
to be another host. This option also adds some sanity checks of
to be another host. This option also adds some sanity checks of
hostnames. The option is turned off by default in @strong{MySQL} 3.21
hostnames. The option is turned off by default in @strong{MySQL}
Version
3.21
because sometimes it takes a long time to perform backward resolutions.
because sometimes it takes a long time to perform backward resolutions.
@strong{MySQL}
3.22 caches hostnames (unless @code{--skip-host-cache} is
@strong{MySQL}
Version 3.22 caches hostnames (unless @code{--skip-host-cache}
used) and has this option enabled by default.
is
used) and has this option enabled by default.
@item --skip-concurrent-insert
@item --skip-concurrent-insert
Turn of
that one can insert and selec
t at the same time on @code{MyISAM}
Turn of
f the ability to select and inser
t at the same time on @code{MyISAM}
tables. (This is only to be used if you think you have found a bug
tables. (This is only to be used if you think you have found a bug
in this feature).
in this feature).
...
@@ -8950,9 +8949,9 @@ Ignore the @code{delay_key_write} option for all tables.
...
@@ -8950,9 +8949,9 @@ Ignore the @code{delay_key_write} option for all tables.
@xref{Server parameters}.
@xref{Server parameters}.
@item --skip-locking
@item --skip-locking
Don't use system locking. To use @code{isamchk} or @code{myisamchk}
one has
Don't use system locking. To use @code{isamchk} or @code{myisamchk}
you must
to shut down the server. @xref{Stability}. Note that in @strong{MySQL} 3.23
shut down the server. @xref{Stability}. Note that in @strong{MySQL} Version
one
can use @code{REPAIR} and @code{CHECK} to repair/check @code{MyISAM}
3.23 you
can use @code{REPAIR} and @code{CHECK} to repair/check @code{MyISAM}
tables.
tables.
@item --skip-name-resolve
@item --skip-name-resolve
...
@@ -8961,7 +8960,7 @@ tables must be IP numbers or @code{localhost}.
...
@@ -8961,7 +8960,7 @@ tables must be IP numbers or @code{localhost}.
@item --skip-networking
@item --skip-networking
Don't listen for TCP/IP connections at all.
Don't listen for TCP/IP connections at all.
All interaction with @code{mysqld} must be made via U
nix
sockets.
All interaction with @code{mysqld} must be made via U
NIX
sockets.
This option is highly recommended for systems where only local requests
This option is highly recommended for systems where only local requests
are allowed. However, this option is unsuitable for systems that use
are allowed. However, this option is unsuitable for systems that use
MIT-pthreads, because the MIT-pthreads package doesn't support Unix
MIT-pthreads, because the MIT-pthreads package doesn't support Unix
...
@@ -8981,7 +8980,7 @@ Don't allow 'SHOW DATABASE' commands, unless the user has
...
@@ -8981,7 +8980,7 @@ Don't allow 'SHOW DATABASE' commands, unless the user has
@strong{process} privilege.
@strong{process} privilege.
@item --skip-thread-priority
@item --skip-thread-priority
Disable using thread priorities for faster respon
c
e time.
Disable using thread priorities for faster respon
s
e time.
@item --socket=path
@item --socket=path
Socket file to use for local connections instead of default
Socket file to use for local connections instead of default
...
@@ -8996,7 +8995,7 @@ Run @code{mysqld} daemon as user @code{user_name}. This option is
...
@@ -8996,7 +8995,7 @@ Run @code{mysqld} daemon as user @code{user_name}. This option is
@emph{mandatory} when starting @code{mysqld} as root.
@emph{mandatory} when starting @code{mysqld} as root.
@item -V, --version
@item -V, --version
output version information and exit
Output version information and exit.
@end table
@end table
...
@@ -9005,12 +9004,12 @@ output version information and exit
...
@@ -9005,12 +9004,12 @@ output version information and exit
@cindex creating, default startup options
@cindex creating, default startup options
@cindex startup options, default
@cindex startup options, default
@node Option files, , Command-line options, Post-installation
@node Option files, , Command-line options, Post-installation
@subsection Option
f
iles
@subsection Option
F
iles
@strong{MySQL} 3.22 can read default startup options for the server and
@strong{MySQL}
Version
3.22 can read default startup options for the server and
for clients from option files.
for clients from option files.
@strong{MySQL} reads default options from the following files on U
nix
:
@strong{MySQL} reads default options from the following files on U
NIX
:
@tindex .my.cnf file
@tindex .my.cnf file
@multitable @columnfractions .3 .7
@multitable @columnfractions .3 .7
...
@@ -9021,7 +9020,7 @@ for clients from option files.
...
@@ -9021,7 +9020,7 @@ for clients from option files.
@end multitable
@end multitable
@code{DATADIR} is the @strong{MySQL} data directory (typically
@code{DATADIR} is the @strong{MySQL} data directory (typically
@file{/usr/local/mysql/data} for a binary installation
,
or
@file{/usr/local/mysql/data} for a binary installation or
@file{/usr/local/var} for a source installation). Note that this is the
@file{/usr/local/var} for a source installation). Note that this is the
directory that was specified at configuration time, not the one specified
directory that was specified at configuration time, not the one specified
with @code{--datadir} when @code{mysqld} starts up! (@code{--datadir} has no
with @code{--datadir} when @code{mysqld} starts up! (@code{--datadir} has no
...
@@ -9037,7 +9036,7 @@ before it processes any command-line arguments.)
...
@@ -9037,7 +9036,7 @@ before it processes any command-line arguments.)
@item @code{C:\mysql\data\my.cnf} @tab Server-specific options
@item @code{C:\mysql\data\my.cnf} @tab Server-specific options
@end multitable
@end multitable
Note that
you on Windows
should specify all paths with @code{/} instead of
Note that
on Windows, you
should specify all paths with @code{/} instead of
@code{\}. If you use @code{\}, you need to specify this twice, as
@code{\}. If you use @code{\}, you need to specify this twice, as
@code{\} is the escape character in @strong{MySQL}.
@code{\} is the escape character in @strong{MySQL}.
...
@@ -9052,7 +9051,7 @@ environment variable values. @xref{Environment variables}.
...
@@ -9052,7 +9051,7 @@ environment variable values. @xref{Environment variables}.
The following programs support option files: @code{mysql},
The following programs support option files: @code{mysql},
@code{mysqladmin}, @code{mysqld}, @code{mysqldump}, @code{mysqlimport},
@code{mysqladmin}, @code{mysqld}, @code{mysqldump}, @code{mysqlimport},
@code{mysql.server}, @code{myisamchk} and @code{myisampack}.
@code{mysql.server}, @code{myisamchk}
,
and @code{myisampack}.
You can use option files to specify any long option that a program supports!
You can use option files to specify any long option that a program supports!
Run the program with @code{--help} to get a list of available options.
Run the program with @code{--help} to get a list of available options.
...
@@ -9087,7 +9086,7 @@ sure the option file is readable and writable only to yourself.)
...
@@ -9087,7 +9086,7 @@ sure the option file is readable and writable only to yourself.)
Note that for options and values, all leading and trailing blanks are
Note that for options and values, all leading and trailing blanks are
automatically deleted. You may use the escape sequences @samp{\b},
automatically deleted. You may use the escape sequences @samp{\b},
@samp{\t}, @samp{\n}, @samp{\r}, @samp{\\} and @samp{\s} in your value string
@samp{\t}, @samp{\n}, @samp{\r}, @samp{\\}
,
and @samp{\s} in your value string
(@samp{\s} == blank).
(@samp{\s} == blank).
Here is a typical global option file:
Here is a typical global option file:
...
@@ -9124,7 +9123,7 @@ files named @file{my-xxxx.cnf} in the @file{support-files} directory.
...
@@ -9124,7 +9123,7 @@ files named @file{my-xxxx.cnf} in the @file{support-files} directory.
If you have a binary distribution, look in the @file{DIR/share/mysql}
If you have a binary distribution, look in the @file{DIR/share/mysql}
directory, where @code{DIR} is the pathname to the @strong{MySQL}
directory, where @code{DIR} is the pathname to the @strong{MySQL}
installation directory (typically @file{/usr/local/mysql}). Currently
installation directory (typically @file{/usr/local/mysql}). Currently
there
is sample configuration files for small, medium, large
and very
there
are sample configuration files for small, medium, large,
and very
large systems. You can copy @file{my-xxxx.cnf} to your home directory
large systems. You can copy @file{my-xxxx.cnf} to your home directory
(rename the copy to @file{.my.cnf}) to experiment with this.
(rename the copy to @file{.my.cnf}) to experiment with this.
...
@@ -9139,8 +9138,8 @@ If you want to force the use of a specific config file, you can use the option
...
@@ -9139,8 +9138,8 @@ If you want to force the use of a specific config file, you can use the option
specified file will be read.
specified file will be read.
Note for developers: Option file handling is implemented simply by
Note for developers: Option file handling is implemented simply by
processing all matching options (
i.e.
, options in the appropriate group)
processing all matching options (
that is
, options in the appropriate group)
before any command
line arguments. This works nicely for programs that use
before any command
-
line arguments. This works nicely for programs that use
the last instance of an option that is specified multiple times. If you have
the last instance of an option that is specified multiple times. If you have
an old program that handles multiply-specified options this way but doesn't
an old program that handles multiply-specified options this way but doesn't
read option files, you need add only two lines to give it that capability.
read option files, you need add only two lines to give it that capability.
...
@@ -9148,7 +9147,7 @@ Check the source code of any of the standard @strong{MySQL} clients to see
...
@@ -9148,7 +9147,7 @@ Check the source code of any of the standard @strong{MySQL} clients to see
how to do this.
how to do this.
@node Upgrade, , Post-installation, Installing
@node Upgrade, , Post-installation, Installing
@section Is
there anything special to do when upgrading/d
owngrading MySQL?
@section Is
There Anything Special to Do when Upgrading/D
owngrading MySQL?
@cindex upgrading
@cindex upgrading
@cindex downgrading
@cindex downgrading
...
@@ -9159,15 +9158,14 @@ base version of @strong{MySQL}. The current base version is
...
@@ -9159,15 +9158,14 @@ base version of @strong{MySQL}. The current base version is
also change the sort order), you must run @code{myisamchk -r -q} on all
also change the sort order), you must run @code{myisamchk -r -q} on all
tables. Otherwise your indexes may not be ordered correctly.
tables. Otherwise your indexes may not be ordered correctly.
If you are
paranoid and/or afraid of new versions, you can always rename your
If you are
afraid of new versions, you can always rename your old
old
@code{mysqld} to something like @code{mysqld}-'old-version-number'. If
@code{mysqld} to something like @code{mysqld}-'old-version-number'. If
your new @code{mysqld} then does something unexpected, you can simply shut it
your new @code{mysqld} then does something unexpected, you can simply shut it
down and restart with your old @code{mysqld}!
down and restart with your old @code{mysqld}!
When you do an upgrade you should also backup your old databases, of course.
When you do an upgrade you should also back up your old databases, of course.
Sometimes it's good to be a little paranoid!
After an upgrade, if
you experience problems with recompiled client programs,
If after an upgrade,
you experience problems with recompiled client programs,
like @code{Commands out of sync} or unexpected core dumps, you probably have
like @code{Commands out of sync} or unexpected core dumps, you probably have
used an old header or library file when compiling your programs. In this
used an old header or library file when compiling your programs. In this
case you should check the date for your @file{mysql.h} file and
case you should check the date for your @file{mysql.h} file and
...
@@ -9196,19 +9194,21 @@ dumping core after you upgrade @strong{MySQL}.
...
@@ -9196,19 +9194,21 @@ dumping core after you upgrade @strong{MySQL}.
@cindex compatibility, between @strong{MySQL} versions
@cindex compatibility, between @strong{MySQL} versions
@cindex upgrading, 3.22 to 3.23
@cindex upgrading, 3.22 to 3.23
@node Upgrading-from-3.22, Upgrading-from-3.21, Upgrade, Upgrade
@node Upgrading-from-3.22, Upgrading-from-3.21, Upgrade, Upgrade
@subsection Upgrading
from a 3.22 version to
3.23
@subsection Upgrading
From Version 3.22 to Version
3.23
@strong{MySQL} 3.23 supports tables of the new @code{MyISAM} type and
@strong{MySQL}
Version
3.23 supports tables of the new @code{MyISAM} type and
the old @code{ISAM} type. You don't have to convert your old tables to
the old @code{ISAM} type. You don't have to convert your old tables to
use these with 3.23. By default, all new tables will be created with
use these with
Version
3.23. By default, all new tables will be created with
type @code{MyISAM} (unless you start @code{mysqld} with the
type @code{MyISAM} (unless you start @code{mysqld} with the
@code{--default-table-type=isam} option. You can change an @code{ISAM}
@code{--default-table-type=isam} option
)
. You can change an @code{ISAM}
table to a @code{MyISAM} table with @code{ALTER TABLE} or the Perl script
table to a @code{MyISAM} table with @code{ALTER TABLE} or the Perl script
@code{mysql_convert_table_format}.
@code{mysql_convert_table_format}.
3.22 and 3.21 clients will work without any problems with a 3.23 server.
Version 3.22 and 3.21 clients will work without any problems with a Version
3.23 server.
The following lists tell what you have to watch out for when upgrading to 3.23:
The following lists tell what you have to watch out for when upgrading to
Version 3.23:
@itemize @bullet
@itemize @bullet
@item
@item
...
@@ -9245,11 +9245,11 @@ flag.
...
@@ -9245,11 +9245,11 @@ flag.
or @code{myisamchk} for @code{MyISAM} tables (@code{.MYI}) and
or @code{myisamchk} for @code{MyISAM} tables (@code{.MYI}) and
@code{isamchk} for ISAM (@code{.ISM}) tables.
@code{isamchk} for ISAM (@code{.ISM}) tables.
@item If you want your @code{mysqldump} files to be compatible between
@item If you want your @code{mysqldump} files to be compatible between
@strong{MySQL}
3.22 and 3.23, you should not use the @code{--opt} or
@strong{MySQL}
Version 3.22 and Version 3.23, you should not use the
@code{--full} option to @code{mysqldump}.
@code{--
opt} or @code{--
full} option to @code{mysqldump}.
@item Check all your calls to @code{DATE_FORMAT()} to make sure there is a
@item Check all your calls to @code{DATE_FORMAT()} to make sure there is a
@samp{%} before each format character. (Later @strong{MySQL} 3.22
@samp{%} before each format character. (Later @strong{MySQL}
Version
3.22
version
did allow this syntax.)
did allow this syntax.)
@item
@item
@code{mysql_fetch_fields_direct} is now a function (it was a macro) and
@code{mysql_fetch_fields_direct} is now a function (it was a macro) and
it returns a pointer to a @code{MYSQL_FIELD} instead of a
it returns a pointer to a @code{MYSQL_FIELD} instead of a
...
@@ -9259,34 +9259,33 @@ it returns a pointer to a @code{MYSQL_FIELD} instead of a
...
@@ -9259,34 +9259,33 @@ it returns a pointer to a @code{MYSQL_FIELD} instead of a
now a function that takes @code{MYSQL_RES*} as an argument. You should now
now a function that takes @code{MYSQL_RES*} as an argument. You should now
use @code{mysql_field_count()} instead.
use @code{mysql_field_count()} instead.
@item
@item
In @strong{MySQL} 3.22, the output of @code{SELECT DISTINCT ...} was
In @strong{MySQL}
Version
3.22, the output of @code{SELECT DISTINCT ...} was
almost always sorted. In 3.23, you must use @code{GROUP BY} or
almost always sorted. In
Version
3.23, you must use @code{GROUP BY} or
@code{ORDER BY} to obtain sorted output.
@code{ORDER BY} to obtain sorted output.
@item
@item
@code{SUM()} now returns @code{NULL}, instead of 0, if there is no matching
@code{SUM()} now returns @code{NULL}, instead of 0, if there is no matching
rows. This is according to ANSI SQL.
rows. This is according to ANSI SQL.
@item
@item New restricted words: @code{CASE, THEN, WHEN, ELSE, END, and RIGHT}.
New restricted words: @code{CASE, THEN, WHEN, ELSE, END and RIGHT}
@item An @code{AND} or @code{OR} with @code{NULL} values will now return
@item An @code{AND} or @code{OR} with @code{NULL} values will now return
@code{NULL} instead of 0. This mostly affects queries that use
s
@code{NOT}
@code{NULL} instead of 0. This mostly affects queries that use @code{NOT}
on an @code{AND/OR} expression as @code{NOT NULL} = @code{NULL}.
on an @code{AND/OR} expression as @code{NOT NULL} = @code{NULL}.
@end itemize
@end itemize
@cindex compatibility, between MySQL versions
@cindex compatibility, between MySQL versions
@node Upgrading-from-3.21, Upgrading-from-3.20, Upgrading-from-3.22, Upgrade
@node Upgrading-from-3.21, Upgrading-from-3.20, Upgrading-from-3.22, Upgrade
@subsection Upgrading from
a 3.21 version to
3.22
@subsection Upgrading from
Version 3.21 to Version
3.22
@cindex upgrading, 3.21 to 3.22
@cindex upgrading, 3.21 to 3.22
Nothing that affects compatibility has changed between
3.21 and 3.22. The
Nothing that affects compatibility has changed between
Version 3.21 and 3.22.
only pitfall is that new tables that are created with @code{DATE} type
The
only pitfall is that new tables that are created with @code{DATE} type
columns will use the new way to store the date. You can't access these new
columns will use the new way to store the date. You can't access these new
fields from an old version of @code{mysqld}.
fields from an old version of @code{mysqld}.
After installing @strong{MySQL}
3.22, you should start the new server and
After installing @strong{MySQL}
Version 3.22, you should start the new server
then run the @code{mysql_fix_privilege_tables} script. This will add the new
and then run the @code{mysql_fix_privilege_tables} script. This will add the
privileges that you need to use the @code{GRANT} command. If you forget
new
privileges that you need to use the @code{GRANT} command. If you forget
this, you will get @code{Access denied} when you try to use @code{ALTER
this, you will get @code{Access denied} when you try to use @code{ALTER
TABLE}, @code{CREATE INDEX} or @code{DROP INDEX}. If your @strong{MySQL} root
TABLE}, @code{CREATE INDEX}
,
or @code{DROP INDEX}. If your @strong{MySQL} root
user requires a password, you should give this as an argument to
user requires a password, you should give this as an argument to
@code{mysql_fix_privilege_tables}.
@code{mysql_fix_privilege_tables}.
...
@@ -9303,17 +9302,17 @@ The @code{mysqld} variable @code{key_buffer} has changed names to
...
@@ -9303,17 +9302,17 @@ The @code{mysqld} variable @code{key_buffer} has changed names to
startup files.
startup files.
@node Upgrading-from-3.20, Upgrading-to-arch, Upgrading-from-3.21, Upgrade
@node Upgrading-from-3.20, Upgrading-to-arch, Upgrading-from-3.21, Upgrade
@subsection Upgrading from
a 3.20 version to
3.21
@subsection Upgrading from
Version 3.20 to Version
3.21
@cindex upgrading, 3.20
2
to 3.21
@cindex upgrading, 3.20 to 3.21
If you are running a version older than 3.20.28 and want to
If you are running a version older than
Version
3.20.28 and want to
switch to
3.21.x
, you need to do the following:
switch to
Version 3.21
, you need to do the following:
You can start the @code{mysqld} 3.21 server with @code{safe_mysqld
You can start the @code{mysqld}
Version
3.21 server with @code{safe_mysqld
--old-protocol} to use it with clients from
the
3.20 distribution.
--old-protocol} to use it with clients from
a Version
3.20 distribution.
In this case, the new client function @code{mysql_errno()} will not
In this case, the new client function @code{mysql_errno()} will not
return any server error, only @code{CR_UNKNOWN_ERROR}
,
(but it
return any server error, only @code{CR_UNKNOWN_ERROR} (but it
works for client errors) and the server uses the old @code{password()}
works for client errors)
,
and the server uses the old @code{password()}
checking rather than the new one.
checking rather than the new one.
If you are @strong{NOT} using the @code{--old-protocol} option to
If you are @strong{NOT} using the @code{--old-protocol} option to
...
@@ -9333,11 +9332,11 @@ rather than 31-bit passwords).
...
@@ -9333,11 +9332,11 @@ rather than 31-bit passwords).
The table format hasn't changed, so you don't have to convert any tables.
The table format hasn't changed, so you don't have to convert any tables.
@end itemize
@end itemize
@strong{MySQL}
3.20.28 and above can handle the new @code{user} table format
@strong{MySQL}
Version 3.20.28 and above can handle the new @code{user} table
without affecting clients. If you have a @strong{MySQL} version earlier than
format without affecting clients. If you have a @strong{MySQL} version earlier
3.20.28, passwords will no longer work with it if you convert the @code{user}
than Version 3.20.28, passwords will no longer work with it if you convert the
table. So to be safe, you should first upgrade to at least 3.20.28 and then
@code{user} table. So to be safe, you should first upgrade to at least Version
upgrade to 3.21.x
.
3.20.28 and then upgrade to Version 3.21
.
@cindex Protocol mismatch
@cindex Protocol mismatch
The new client code works with a 3.20.x @code{mysqld} server, so
The new client code works with a 3.20.x @code{mysqld} server, so
...
@@ -9368,20 +9367,21 @@ The following changes may affect queries in old applications:
...
@@ -9368,20 +9367,21 @@ The following changes may affect queries in old applications:
The parameters to @code{LOCATE()} have been swapped.
The parameters to @code{LOCATE()} have been swapped.
@item
@item
There are some new reserved words. The most notable are @code{DATE},
There are some new reserved words. The most notable are @code{DATE},
@code{TIME} and @code{TIMESTAMP}.
@code{TIME}
,
and @code{TIMESTAMP}.
@end itemize
@end itemize
@node Upgrading-to-arch, , Upgrading-from-3.20, Upgrade
@subsection Upgrading to another architecture
@cindex upgrading, different architecture
@cindex upgrading, different architecture
@node Upgrading-to-arch, , Upgrading-from-3.20, Upgrade
@subsection Upgrading to Another Architecture
If you are using @strong{MySQL} 3.23, you can copy the @code{.frm}, the
@code{.MYI} and the @code{.MYD} files between different architectures
that support the same floating point format. (@strong{MySQL} takes care
of any byte swapping issues).
The @strong{MySQL} @code{ISAM} data @file{*.ISD} and the index files
If you are using @strong{MySQL} Version 3.23, you can copy the @code{.frm},
@file{*.ISM} files) are architecture-dependent and in some case
@code{.MYI}, and @code{.MYD} files between different architectures that
support the same floating point format. (@strong{MySQL} takes care of any
byte swapping issues.)
The @strong{MySQL} @code{ISAM} data and index files (@file{.ISD} and
@file{*.ISM}, respectively) are architecture-dependent and in some case
OS-dependent. If you want to move your applications to another machine
OS-dependent. If you want to move your applications to another machine
that has a different architecture or OS than your current machine, you
that has a different architecture or OS than your current machine, you
should not try to move a database by simply copying the files to the
should not try to move a database by simply copying the files to the
...
@@ -9470,7 +9470,7 @@ information.
...
@@ -9470,7 +9470,7 @@ information.
@cindex extensions, to ANSI SQL
@cindex extensions, to ANSI SQL
@cindex ANSI SQL92, extensions to
@cindex ANSI SQL92, extensions to
@node Compatibility, Privilege system, Installing, Top
@node Compatibility, Privilege system, Installing, Top
@chapter How
standards-compatible i
s MySQL?
@chapter How
Standards-compatible I
s MySQL?
@menu
@menu
* Extensions to ANSI:: @strong{MySQL} extensions to ANSI SQL92
* Extensions to ANSI:: @strong{MySQL} extensions to ANSI SQL92
...
@@ -9482,7 +9482,7 @@ information.
...
@@ -9482,7 +9482,7 @@ information.
@end menu
@end menu
@node Extensions to ANSI, Ansi mode, Compatibility, Compatibility
@node Extensions to ANSI, Ansi mode, Compatibility, Compatibility
@section MySQL
e
xtensions to ANSI SQL92
@section MySQL
E
xtensions to ANSI SQL92
@strong{MySQL} includes some extensions that you probably will not find in
@strong{MySQL} includes some extensions that you probably will not find in
other SQL databases. Be warned that if you use them, your code will not be
other SQL databases. Be warned that if you use them, your code will not be
...
@@ -9497,26 +9497,26 @@ SELECT /*! STRAIGHT_JOIN */ col_name FROM table1,table2 WHERE ...
...
@@ -9497,26 +9497,26 @@ SELECT /*! STRAIGHT_JOIN */ col_name FROM table1,table2 WHERE ...
@end example
@end example
If you add a version number after the @code{'!'}, the syntax will only be
If you add a version number after the @code{'!'}, the syntax will only be
executed if the @strong{MySQL} version is equal or newer than the used
executed if the @strong{MySQL} version is equal
to
or newer than the used
version number:
version number:
@example
@example
CREATE /*!32302 TEMPORARY */ TABLE (a int);
CREATE /*!32302 TEMPORARY */ TABLE (a int);
@end example
@end example
The above means that if you have
3.23.02 or newer, then @strong{MySQL} will use
The above means that if you have
Version 3.23.02 or newer, then @strong{MySQL}
the @code{TEMPORARY} keyword.
will use
the @code{TEMPORARY} keyword.
@strong{MySQL} extensions are listed below:
@strong{MySQL} extensions are listed below:
@itemize @bullet
@itemize @bullet
@item
@item
The field types @code{MEDIUMINT}, @code{SET}, @code{ENUM} and the
The field types @code{MEDIUMINT}, @code{SET}, @code{ENUM}
,
and the
different @code{BLOB} and @code{TEXT} types.
different @code{BLOB} and @code{TEXT} types.
@item
@item
The field attributes @code{AUTO_INCREMENT}, @code{BINARY}, @code{NULL},
The field attributes @code{AUTO_INCREMENT}, @code{BINARY}, @code{NULL},
@code{UNSIGNED} and @code{ZEROFILL}.
@code{UNSIGNED}
,
and @code{ZEROFILL}.
@item
@item
All string comparisons are case insensitive by default, with sort
All string comparisons are case insensitive by default, with sort
...
@@ -9533,25 +9533,27 @@ directory.
...
@@ -9533,25 +9533,27 @@ directory.
This has a few implications:
This has a few implications:
@itemize @minus
@item
@cindex Database names, case sensitivity
@cindex Database names, case sensitivity
@cindex Table names, case sensitivity
@cindex Table names, case sensitivity
@cindex Case sensitivity, of database names
@cindex Case sensitivity, of database names
@cindex Case sensitivity, of table names
@cindex Case sensitivity, of table names
@itemize @minus
@item
Database names and table names are case sensitive in @strong{MySQL} on
Database names and table names are case sensitive in @strong{MySQL} on
operating systems that have case
sensitive filenames (like most Unix
operating systems that have case
-sensitive filenames (like most UNIX
systems). If you have a problem remembering table names, adopt a consistent
systems). If you have a problem remembering table names, adopt a consistent
convention, such as always creating databases and tables using lowercase
convention, such as always creating databases and tables using lowercase
names.
names.
@item
@item
Database, table, index, column or alias names may begin with a digit
Database, table, index, column
,
or alias names may begin with a digit
(but may not consist solely of digits).
(but may not consist solely of digits).
@item
@item
You can use standard system commands to backup, rename, move, delete and copy
You can use standard system commands to backup, rename, move, delete
,
and copy
tables. For example, to rename a table, rename the @file{.MYD}, @file{.MYI}
tables. For example, to rename a table, rename the @file{.MYD}, @file{.MYI}
,
and @file{.frm} files to which the table corresponds.
and @file{.frm} files to which the table corresponds.
@end itemize
@end itemize
...
@@ -9559,7 +9561,7 @@ and @file{.frm} files to which the table corresponds.
...
@@ -9559,7 +9561,7 @@ and @file{.frm} files to which the table corresponds.
In SQL statements, you can access tables from different databases
In SQL statements, you can access tables from different databases
with the @code{db_name.tbl_name} syntax. Some SQL servers provide
with the @code{db_name.tbl_name} syntax. Some SQL servers provide
the same functionality but call this @code{User space}.
the same functionality but call this @code{User space}.
@strong{MySQL} doesn't support tablespaces
like
in:
@strong{MySQL} doesn't support tablespaces
as
in:
@code{create table ralph.my_table...IN my_tablespace}.
@code{create table ralph.my_table...IN my_tablespace}.
@item
@item
...
@@ -9587,7 +9589,7 @@ Use of @code{TEMPORARY} or @code{IF NOT EXISTS} with @code{CREATE TABLE}.
...
@@ -9587,7 +9589,7 @@ Use of @code{TEMPORARY} or @code{IF NOT EXISTS} with @code{CREATE TABLE}.
Use of @code{COUNT(DISTINCT list)} where 'list' is more than one element.
Use of @code{COUNT(DISTINCT list)} where 'list' is more than one element.
@item
@item
Use of @code{CHANGE col_name}, @code{DROP col_name} or @code{DROP
Use of @code{CHANGE col_name}, @code{DROP col_name}
,
or @code{DROP
INDEX}, @code{IGNORE} or @code{RENAME} in an @code{ALTER TABLE}
INDEX}, @code{IGNORE} or @code{RENAME} in an @code{ALTER TABLE}
statement. @xref{ALTER TABLE, , @code{ALTER TABLE}}.
statement. @xref{ALTER TABLE, , @code{ALTER TABLE}}.
...
@@ -9595,7 +9597,7 @@ statement. @xref{ALTER TABLE, , @code{ALTER TABLE}}.
...
@@ -9595,7 +9597,7 @@ statement. @xref{ALTER TABLE, , @code{ALTER TABLE}}.
Use of @code{RENAME TABLE}. @xref{RENAME TABLE, , @code{RENAME TABLE}}.
Use of @code{RENAME TABLE}. @xref{RENAME TABLE, , @code{RENAME TABLE}}.
@item
@item
Use of multiple @code{ADD}, @code{ALTER}, @code{DROP} or @code{CHANGE}
Use of multiple @code{ADD}, @code{ALTER}, @code{DROP}
,
or @code{CHANGE}
clauses in an @code{ALTER TABLE} statement.
clauses in an @code{ALTER TABLE} statement.
@item
@item
...
@@ -9613,7 +9615,7 @@ statements.
...
@@ -9613,7 +9615,7 @@ statements.
@item
@item
The @code{LOW_PRIORITY} clause of the @code{INSERT}, @code{REPLACE},
The @code{LOW_PRIORITY} clause of the @code{INSERT}, @code{REPLACE},
@code{DELETE} and @code{UPDATE} statements.
@code{DELETE}
,
and @code{UPDATE} statements.
@cindex Oracle compatibility
@cindex Oracle compatibility
@cindex Compatibility, with Oracle
@cindex Compatibility, with Oracle
...
@@ -9622,7 +9624,7 @@ Use of @code{LOAD DATA INFILE}. In many cases, this syntax is compatible with
...
@@ -9622,7 +9624,7 @@ Use of @code{LOAD DATA INFILE}. In many cases, this syntax is compatible with
Oracle's @code{LOAD DATA INFILE}. @xref{LOAD DATA, , @code{LOAD DATA}}.
Oracle's @code{LOAD DATA INFILE}. @xref{LOAD DATA, , @code{LOAD DATA}}.
@item
@item
The @code{ANALYZE TABLE}, @code{CHECK TABLE}, @code{OPTIMIZE TABLE} and
The @code{ANALYZE TABLE}, @code{CHECK TABLE}, @code{OPTIMIZE TABLE}
,
and
@code{REPAIR TABLE} statements.
@code{REPAIR TABLE} statements.
@item
@item
...
@@ -9645,7 +9647,7 @@ queries.
...
@@ -9645,7 +9647,7 @@ queries.
@xref{Group by functions}.
@xref{Group by functions}.
@item
@item
To make it easier for users
that
come from other SQL environments,
To make it easier for users
who
come from other SQL environments,
@strong{MySQL} supports aliases for many functions. For example, all
@strong{MySQL} supports aliases for many functions. For example, all
string functions support both ANSI SQL syntax and ODBC syntax.
string functions support both ANSI SQL syntax and ODBC syntax.
...
@@ -9672,7 +9674,7 @@ for C programmers and for compatibility with PostgreSQL.
...
@@ -9672,7 +9674,7 @@ for C programmers and for compatibility with PostgreSQL.
@item
@item
The @code{=}, @code{<>}, @code{<=} ,@code{<}, @code{>=},@code{>},
The @code{=}, @code{<>}, @code{<=} ,@code{<}, @code{>=},@code{>},
@code{<<}, @code{>>}, @code{<=>}, @code{AND}, @code{OR} or @code{LIKE}
@code{<<}, @code{>>}, @code{<=>}, @code{AND}, @code{OR}
,
or @code{LIKE}
operators may be used in column comparisons to the left of the
operators may be used in column comparisons to the left of the
@code{FROM} in @code{SELECT} statements. For example:
@code{FROM} in @code{SELECT} statements. For example:
...
@@ -9704,7 +9706,7 @@ Use of @code{TRIM()} to trim substrings. ANSI SQL only supports removal
...
@@ -9704,7 +9706,7 @@ Use of @code{TRIM()} to trim substrings. ANSI SQL only supports removal
of single characters.
of single characters.
@item
@item
The @code{GROUP BY} functions @code{STD()}, @code{BIT_OR()} and
The @code{GROUP BY} functions @code{STD()}, @code{BIT_OR()}
,
and
@code{BIT_AND()}.
@code{BIT_AND()}.
@item
@item
...
@@ -9724,18 +9726,18 @@ SELECT @@t1:=(@@t2:=1)+@@t3:=4,@@t1,@@t2,@@t3;
...
@@ -9724,18 +9726,18 @@ SELECT @@t1:=(@@t2:=1)+@@t3:=4,@@t1,@@t2,@@t3;
@end itemize
@end itemize
@node Ansi mode, Differences from ANSI, Extensions to ANSI, Compatibility
@node Ansi mode, Differences from ANSI, Extensions to ANSI, Compatibility
@section Running MySQL in ANSI
m
ode
@section Running MySQL in ANSI
M
ode
@cindex running, ANSI mode
@cindex running, ANSI mode
@cindex ANSI mode, running
@cindex ANSI mode, running
If you start mysqld with the @code{--ansi} option, the following behavio
u
r
If you start mysqld with the @code{--ansi} option, the following behavior
of @strong{MySQL} changes
.
of @strong{MySQL} changes
:
@itemize @bullet
@itemize @bullet
@item
@item
@code{||} is string concatenation instead of @code{OR}.
@code{||} is string concatenation instead of @code{OR}.
@item
@item
One
can have any number of spaces between a function name and the @samp{(}.
You
can have any number of spaces between a function name and the @samp{(}.
This makes also all function names reserved words.
This makes also all function names reserved words.
@item
@item
@samp{"} will be an identifier quote character (like the @strong{MySQL}
@samp{"} will be an identifier quote character (like the @strong{MySQL}
...
@@ -9746,7 +9748,7 @@ This makes also all function names reserved words.
...
@@ -9746,7 +9748,7 @@ This makes also all function names reserved words.
@end itemize
@end itemize
@node Differences from ANSI, Missing functions, Ansi mode, Compatibility
@node Differences from ANSI, Missing functions, Ansi mode, Compatibility
@section MySQL
differences c
ompared to ANSI SQL92
@section MySQL
Differences C
ompared to ANSI SQL92
We try to make @strong{MySQL} follow the ANSI SQL standard and the
We try to make @strong{MySQL} follow the ANSI SQL standard and the
ODBC SQL standard, but in some cases @strong{MySQL} does some things
ODBC SQL standard, but in some cases @strong{MySQL} does some things
...
@@ -9762,7 +9764,7 @@ stored. @xref{Bugs}.
...
@@ -9762,7 +9764,7 @@ stored. @xref{Bugs}.
In some cases, @code{CHAR} columns are silently changed to @code{VARCHAR}
In some cases, @code{CHAR} columns are silently changed to @code{VARCHAR}
columns. @xref{Silent column changes}.
columns. @xref{Silent column changes}.
@item
@item
Privileges for a table
is
not automatically revoked when you delete a
Privileges for a table
are
not automatically revoked when you delete a
table. You must explicitly issue a @code{REVOKE} to revoke privileges for
table. You must explicitly issue a @code{REVOKE} to revoke privileges for
a table. @xref{GRANT, , @code{GRANT}}.
a table. @xref{GRANT, , @code{GRANT}}.
@item
@item
...
@@ -9772,7 +9774,7 @@ extra conditions in this case.
...
@@ -9772,7 +9774,7 @@ extra conditions in this case.
@end itemize
@end itemize
@node Missing functions, Standards, Differences from ANSI, Compatibility
@node Missing functions, Standards, Differences from ANSI, Compatibility
@section Functionality
m
issing from MySQL
@section Functionality
M
issing from MySQL
@cindex missing functionality
@cindex missing functionality
@cindex functionality, missing
@cindex functionality, missing
...
@@ -9804,7 +9806,7 @@ SELECT * FROM table1 WHERE id IN (SELECT id FROM table2);
...
@@ -9804,7 +9806,7 @@ SELECT * FROM table1 WHERE id IN (SELECT id FROM table2);
SELECT * FROM table1 WHERE id NOT IN (SELECT id FROM table2);
SELECT * FROM table1 WHERE id NOT IN (SELECT id FROM table2);
@end example
@end example
However, in many cases you can rewrite the query without a sub
select:
However, in many cases you can rewrite the query without a sub
-
select:
@example
@example
SELECT table1.* FROM table1,table2 WHERE table1.id=table2.id;
SELECT table1.* FROM table1,table2 WHERE table1.id=table2.id;
...
@@ -9844,8 +9846,8 @@ prompt> mysql --skip-column-names mydb < myscript.sql | mysql mydb
...
@@ -9844,8 +9846,8 @@ prompt> mysql --skip-column-names mydb < myscript.sql | mysql mydb
@end example
@end example
@strong{MySQL} only supports @code{INSERT ... SELECT ...} and
@strong{MySQL} only supports @code{INSERT ... SELECT ...} and
@code{REPLACE ... SELECT ...} Independent sub-selects will
be
probably
@code{REPLACE ... SELECT ...} Independent sub-selects will probably
be available in
3.2
4.0. You can now use the function @code{IN()} in
be available in
Version
4.0. You can now use the function @code{IN()} in
other contexts, however.
other contexts, however.
@node Missing SELECT INTO TABLE, Missing Transactions, Missing Sub-selects, Missing functions
@node Missing SELECT INTO TABLE, Missing Transactions, Missing Sub-selects, Missing functions
...
@@ -9889,7 +9891,7 @@ First, in the transactional paradigm, if your applications are written
...
@@ -9889,7 +9891,7 @@ First, in the transactional paradigm, if your applications are written
in a way that is dependent on the calling of ``rollback'' instead of
in a way that is dependent on the calling of ``rollback'' instead of
``commit'' in critical situations, then transactions are more
``commit'' in critical situations, then transactions are more
convenient. Moreover, transactions ensure that unfinished updates or
convenient. Moreover, transactions ensure that unfinished updates or
corrupting activities are not commited to the database; the server is
corrupting activities are not commit
t
ed to the database; the server is
given the opportunity to do an automatic rollback and your database is
given the opportunity to do an automatic rollback and your database is
saved.
saved.
...
@@ -9900,7 +9902,7 @@ repair or warn if such occurs. Note that just by using the
...
@@ -9900,7 +9902,7 @@ repair or warn if such occurs. Note that just by using the
@strong{MySQL} log or even adding one extra log, one can normally fix
@strong{MySQL} log or even adding one extra log, one can normally fix
tables perfectly with no data integrity loss.
tables perfectly with no data integrity loss.
Moreover,
``fatal''
transactional updates can be rewritten to be
Moreover,
fatal
transactional updates can be rewritten to be
atomic. In fact,we will go so far as to say that all integrity problems
atomic. In fact,we will go so far as to say that all integrity problems
that transactions solve can be done with @code{LOCK TABLES} or atomic updates,
that transactions solve can be done with @code{LOCK TABLES} or atomic updates,
ensuring that you never will get an automatic abort from the database,
ensuring that you never will get an automatic abort from the database,
...
@@ -9921,17 +9923,17 @@ use.
...
@@ -9921,17 +9923,17 @@ use.
The transactional paradigm has its benefits and its drawbacks. Many
The transactional paradigm has its benefits and its drawbacks. Many
users and application developers depend on the ease with which they can
users and application developers depend on the ease with which they can
code around problems where an
``abort'' appears
or is necessary, and they
code around problems where an
abort appears to be,
or is necessary, and they
may have to do a little more work with @strong{MySQL} to either think
may have to do a little more work with @strong{MySQL} to either think
differently or write more. If you are new to the atomic operations
differently or write more. If you are new to the atomic operations
paradigm, or more familiar or more comfortable with transactions, do not
paradigm, or more familiar or more comfortable with transactions, do not
jump to the conclusion that @strong{MySQL} has not addressed these
jump to the conclusion that @strong{MySQL} has not addressed these
issues. Reliability and integrity are foremost in our minds. Recent
issues. Reliability and integrity are foremost in our minds. Recent
estimates
ar
e that there are more than 1,000,000 mysqld servers
estimates
indicat
e that there are more than 1,000,000 mysqld servers
currently running, many of which are in production environments. We
currently running, many of which are in production environments. We
hear very, very seldom from our users that they have lost any data, and
hear very, very seldom from our users that they have lost any data, and
in almost all of those cases user error is involved. This is in our
in almost all of those cases user error is involved. This is
,
in our
opinion the best proof of @strong{MySQL}'s stability and reliability.
opinion
,
the best proof of @strong{MySQL}'s stability and reliability.
Lastly, in situations where integrity is of highest importance,
Lastly, in situations where integrity is of highest importance,
@strong{MySQL}'s current features allow for transaction-level or better
@strong{MySQL}'s current features allow for transaction-level or better
...
@@ -9939,43 +9941,43 @@ reliability and integrity. If you lock tables with @code{LOCK TABLES}, all
...
@@ -9939,43 +9941,43 @@ reliability and integrity. If you lock tables with @code{LOCK TABLES}, all
updates will stall until any integrity checks are made. If you only obtain
updates will stall until any integrity checks are made. If you only obtain
a read lock (as opposed to a write lock), then reads and inserts are
a read lock (as opposed to a write lock), then reads and inserts are
still allowed to happen. The new inserted records will not be seen by
still allowed to happen. The new inserted records will not be seen by
any of the clients that have a @code{READ} lock until they rel
a
ease their read
any of the clients that have a @code{READ} lock until they release their read
locks. With @code{INSERT DELAYED} you can queue inserts into a local queue,
locks. With @code{INSERT DELAYED} you can queue inserts into a local queue,
until the locks are released, without having t
o have the client wait
until the locks are released, without having t
he client wait for the insert
for the insert
to complete.
to complete.
``Atomic,'' in the sense that we mean it, is nothing magical. It only means
``Atomic,'' in the sense that we mean it, is nothing magical. It only means
that you can be sure that while each specific update is running no other
that you can be sure that while each specific update is running
,
no other
user can interfere with it
and that
there will never be an automatic
user can interfere with it
, and
there will never be an automatic
rollback (which can happen on transaction based systems if you are not
rollback (which can happen on transaction based systems if you are not
very careful). @strong{MySQL} also guarantees that there will not be
very careful). @strong{MySQL} also guarantees that there will not be
any dirty reads. You can find some example of how to write atomic updates
any dirty reads. You can find some example of how to write atomic updates
in the
in the
commit-rollback section. @xref{Commit-rollback}.
in the commit-rollback section. @xref{Commit-rollback}.
We have thought quite a bit about integrity and performance and we
We have thought quite a bit about integrity and performance
,
and we
believe that our atomic operations paradigm allows for both high
believe that our atomic operations paradigm allows for both high
reliability and extremely high performance, on the order of three to
reliability and extremely high performance, on the order of three to
five times the speed of the fastest and most optimally tuned of
five times the speed of the fastest and most optimally tuned of
transactional databases. We didn't leave out transactions because they
transactional databases. We didn't leave out transactions because they
are hard to do
;
The main reason we went with atomic operations as
are hard to do
.
The main reason we went with atomic operations as
opposed to transactions is that by doing this we could apply many speed
opposed to transactions is that by doing this we could apply many speed
optimizations that would not otherwise have been possible.
optimizations that would not otherwise have been possible.
Many of our users who have speed foremost in their minds are not at all
Many of our users who have speed foremost in their minds are not at all
concerned about transactions. For them transactions are not an
concerned about transactions. For them transactions are not an
issue. For those of our users who are concerned with or have wondered
issue. For those of our users who are concerned with or have wondered
about transactions vis
a
vis @strong{MySQL}, there is a ``@strong{MySQL}
about transactions vis
-a-
vis @strong{MySQL}, there is a ``@strong{MySQL}
way'' as we have outlined above. For those where safety is more important
way'' as we have outlined above. For those where safety is more important
than speed, we recommend them to use the @code{BDB} tables for all their
than speed, we recommend them to use the @code{BDB} tables for all their
critical data. @xref{BDB}.
critical data. @xref{BDB}.
One final note:
w
e are currently working on a safe replication schema
One final note:
W
e are currently working on a safe replication schema
that we believe to be better than any commercial replication system we
that we believe to be better than any commercial replication system we
know of. This system will work most reliably under the atomic
know of. This system will work most reliably under the atomic
operations, non-transactional, paradigm. Stay tuned.
operations, non-transactional, paradigm. Stay tuned.
@node Missing Triggers, Missing Foreign Keys, Missing Transactions, Missing functions
@node Missing Triggers, Missing Foreign Keys, Missing Transactions, Missing functions
@subsection Stored
procedures and t
riggers
@subsection Stored
Procedures and T
riggers
@cindex stored procedures and triggers, defined
@cindex stored procedures and triggers, defined
@cindex procedures, stored
@cindex procedures, stored
@cindex triggers, stored
@cindex triggers, stored
...
@@ -9984,7 +9986,7 @@ operations, non-transactional, paradigm. Stay tuned.
...
@@ -9984,7 +9986,7 @@ operations, non-transactional, paradigm. Stay tuned.
A stored procedure is a set of SQL commands that can be compiled and stored
A stored procedure is a set of SQL commands that can be compiled and stored
in the server. Once this has been done, clients don't need to keep reissuing
in the server. Once this has been done, clients don't need to keep reissuing
the entire query but can refer to the stored procedure. This provides better
the entire query but can refer to the stored procedure. This provides better
performance because the query has to be parsed only once and less information
performance because the query has to be parsed only once
,
and less information
needs to be sent between the server and the client. You can also raise the
needs to be sent between the server and the client. You can also raise the
conceptual level by having libraries of functions in the server.
conceptual level by having libraries of functions in the server.
...
@@ -10008,11 +10010,12 @@ To see when @strong{MySQL} might get stored procedures, see @ref{TODO}.
...
@@ -10008,11 +10010,12 @@ To see when @strong{MySQL} might get stored procedures, see @ref{TODO}.
Note that foreign keys in SQL are not used to join tables, but are used
Note that foreign keys in SQL are not used to join tables, but are used
mostly for checking referential integrity. If you want to get results from
mostly for checking referential integrity. If you want to get results from
multiple tables from a @code{SELECT} statement, you do this by joining
multiple tables from a @code{SELECT} statement, you do this by joining
tables
!
tables
:
@example
@example
SELECT * from table1,table2 where table1.id = table2.id;
SELECT * from table1,table2 where table1.id = table2.id;
@end example
@end example
@xref{JOIN, , @code{JOIN}}. @xref{example-Foreign keys}.
@xref{JOIN, , @code{JOIN}}. @xref{example-Foreign keys}.
The @code{FOREIGN KEY} syntax in @strong{MySQL} exists only for compatibility
The @code{FOREIGN KEY} syntax in @strong{MySQL} exists only for compatibility
...
@@ -10024,7 +10027,7 @@ override. @code{FOREIGN KEY} is sometimes used as a constraint check, but
...
@@ -10024,7 +10027,7 @@ override. @code{FOREIGN KEY} is sometimes used as a constraint check, but
this check is unnecessary in practice if rows are inserted into the tables in
this check is unnecessary in practice if rows are inserted into the tables in
the right order. @strong{MySQL} only supports these clauses because some
the right order. @strong{MySQL} only supports these clauses because some
applications require them to exist (regardless of whether or not they
applications require them to exist (regardless of whether or not they
work
!
).
work).
In @strong{MySQL}, you can work around the problem of @code{ON DELETE
In @strong{MySQL}, you can work around the problem of @code{ON DELETE
...} not being implemented by adding the appropriate @code{DELETE} statement to
...} not being implemented by adding the appropriate @code{DELETE} statement to
...
@@ -10041,17 +10044,17 @@ and may be retrieved by @code{mysqldump} and ODBC.
...
@@ -10041,17 +10044,17 @@ and may be retrieved by @code{mysqldump} and ODBC.
@end menu
@end menu
@node Broken Foreign KEY, , Missing Foreign Keys, Missing Foreign Keys
@node Broken Foreign KEY, , Missing Foreign Keys, Missing Foreign Keys
@subsubsection Reasons NOT to
use foreign k
eys
@subsubsection Reasons NOT to
Use Foreign K
eys
@cindex foreign keys, reasons not to use
@cindex foreign keys, reasons not to use
There are so many problems with
@code{FOREIGN KEY}
s that we don't
There are so many problems with
foreign key
s that we don't
know where to start:
know where to start:
@itemize @bullet
@itemize @bullet
@item
@item
Foreign keys make life very complicated, because the foreign key definitions
Foreign keys make life very complicated, because the foreign key definitions
must be stored in a database and implementing them would destroy the whole
must be stored in a database and implementing them would destroy the whole
``nice approach'' of using files that can be moved, copied and removed.
``nice approach'' of using files that can be moved, copied
,
and removed.
@item
@item
The speed impact is terrible for @code{INSERT} and @code{UPDATE} statements,
The speed impact is terrible for @code{INSERT} and @code{UPDATE} statements,
...
@@ -10074,7 +10077,7 @@ in a very specific order.
...
@@ -10074,7 +10077,7 @@ in a very specific order.
@item
@item
It's very easy to do ``allowed'' circular definitions that make the
It's very easy to do ``allowed'' circular definitions that make the
tables impossible to recreate each table with a single create statement,
tables impossible to re
-
create each table with a single create statement,
even if the definition works and is usable.
even if the definition works and is usable.
@end itemize
@end itemize
...
@@ -10083,8 +10086,8 @@ other client programs the ability to see how a table is connected and to use
...
@@ -10083,8 +10086,8 @@ other client programs the ability to see how a table is connected and to use
this to show connection diagrams and to help in building applicatons.
this to show connection diagrams and to help in building applicatons.
@strong{MySQL} will soon store @code{FOREIGN KEY} definitions so that
@strong{MySQL} will soon store @code{FOREIGN KEY} definitions so that
a client can ask for and receive an answer
how the original connection was
a client can ask for and receive an answer
about how the original connection
made. The current @file{.frm} file format does not have any place for it.
was
made. The current @file{.frm} file format does not have any place for it.
@node Missing Views, Missing comments, Missing Foreign Keys, Missing functions
@node Missing Views, Missing comments, Missing Foreign Keys, Missing functions
@subsection Views
@subsection Views
...
@@ -10093,18 +10096,18 @@ made. The current @file{.frm} file format does not have any place for it.
...
@@ -10093,18 +10096,18 @@ made. The current @file{.frm} file format does not have any place for it.
@strong{MySQL} doesn't support views, but this is on the TODO.
@strong{MySQL} doesn't support views, but this is on the TODO.
@node Missing comments, , Missing Views, Missing functions
@node Missing comments, , Missing Views, Missing functions
@subsection @samp{--} as the
start of a c
omment
@subsection @samp{--} as the
Start of a C
omment
@cindex comments, starting
@cindex comments, starting
@cindex starting, comments
@cindex starting, comments
Some other SQL databases use @samp{--} to start comments. @strong{MySQL}
Some other SQL databases use @samp{--} to start comments. @strong{MySQL}
has @samp{#} as the start comment character, even if the @code{mysql}
has @samp{#} as the start comment character, even if the @code{mysql}
command
line tool removes all lines that start with @samp{--}.
command
-
line tool removes all lines that start with @samp{--}.
You can also use the C comment style @code{/* this is a comment */} with
You can also use the C comment style @code{/* this is a comment */} with
@strong{MySQL}.
@strong{MySQL}.
@xref{Comments}.
@xref{Comments}.
@strong{MySQL} 3.23.3 and above supports the @samp{--} comment style
@strong{MySQL}
Version
3.23.3 and above supports the @samp{--} comment style
only if the comment is followed by a space. This is because this
only if the comment is followed by a space. This is because this
degenerate comment style has caused many problems with automatically
degenerate comment style has caused many problems with automatically
generated SQL queries that have used something like the following code,
generated SQL queries that have used something like the following code,
...
@@ -10120,10 +10123,11 @@ What do you think will happen when the value of @code{payment} is negative?
...
@@ -10120,10 +10123,11 @@ What do you think will happen when the value of @code{payment} is negative?
Because @code{1--1} is legal in SQL, we think it is terrible that
Because @code{1--1} is legal in SQL, we think it is terrible that
@samp{--} means start comment.
@samp{--} means start comment.
In @strong{MySQL} 3.23 you can however use: @code{1-- This is a comment}
In @strong{MySQL} Version 3.23 you can, however, use:
@code{1-- This is a comment}
The following discussi
ng only concerns you if you are running an
The following discussi
on only concerns you if you are running a @strong{MySQL}
@strong{MySQL} version earlier tha
n 3.23:
version earlier than Versio
n 3.23:
If you have a SQL program in a text file that contains @samp{--} comments
If you have a SQL program in a text file that contains @samp{--} comments
you should use:
you should use:
...
@@ -10153,12 +10157,12 @@ shell> replace " #" " --" -- text-file-with-funny-comments.sql
...
@@ -10153,12 +10157,12 @@ shell> replace " #" " --" -- text-file-with-funny-comments.sql
@end example
@end example
@node Standards, Commit-rollback, Missing functions, Compatibility
@node Standards, Commit-rollback, Missing functions, Compatibility
@section What
standards does MySQL f
ollow?
@section What
Standards Does MySQL F
ollow?
Entry level SQL92. ODBC levels 0-2.
Entry level SQL92. ODBC levels 0-2.
@node Commit-rollback, , Standards, Compatibility
@node Commit-rollback, , Standards, Compatibility
@section How to
cope w
ithout @code{COMMIT}/@code{ROLLBACK}
@section How to
Cope W
ithout @code{COMMIT}/@code{ROLLBACK}
@findex COMMIT
@findex COMMIT
@findex ROLLBACK
@findex ROLLBACK
@cindex transaction safe tables
@cindex transaction safe tables
...
@@ -10167,22 +10171,21 @@ Entry level SQL92. ODBC levels 0-2.
...
@@ -10167,22 +10171,21 @@ Entry level SQL92. ODBC levels 0-2.
@cindex BDB tables
@cindex BDB tables
The following mostly appl
y only for @code{ISAM}, @code{MyISAM}
and
The following mostly appl
ies only for @code{ISAM}, @code{MyISAM},
and
@code{HEAP} tables
;
If you only use transaction safe tables (@code{BDB}
@code{HEAP} tables
.
If you only use transaction safe tables (@code{BDB}
tables) in an a update you can do @code{COMMIT} and @code{ROLLBACK} also
tables) in an a update
,
you can do @code{COMMIT} and @code{ROLLBACK} also
with @strong{MySQL}. @xref{COMMIT}.
with @strong{MySQL}. @xref{COMMIT}.
The problem with handling @code{COMMIT}-@code{ROLLBACK} efficiently with
The problem with handling @code{COMMIT}-@code{ROLLBACK} efficiently with
the above table types would require a completely different table layout
the above table types would require a completely different table layout
than @strong{MySQL} uses today. The table type would also need extra
than @strong{MySQL} uses today. The table type would also need extra
threads that do automatic cleanups on the tables and the disk usage
threads that do automatic cleanups on the tables
,
and the disk usage
would be much higher. This would these table types about 2-4 times
would be much higher. This would
make
these table types about 2-4 times
slower than they are today.
slower than they are today.
For the moment, we are much more for implementing the SQL server
For the moment, we prefer implementing the SQL server language (something
language (something like stored procedures). With this you would very
like stored procedures). With this you would very seldom really need
seldom really need @code{COMMIT}-@code{ROLLBACK.} This would also give much
@code{COMMIT}-@code{ROLLBACK.} This would also give much better performance.
better performance.
Loops that need transactions normally can be coded with the help of
Loops that need transactions normally can be coded with the help of
@code{LOCK TABLES}, and you don't need cursors when you can update records
@code{LOCK TABLES}, and you don't need cursors when you can update records
...
@@ -10228,16 +10231,13 @@ You can also use functions to update records in a single operation.
...
@@ -10228,16 +10231,13 @@ You can also use functions to update records in a single operation.
You can get a very efficient application by using the following techniques:
You can get a very efficient application by using the following techniques:
@itemize @bullet
@itemize @bullet
@item
@item Modify fields relative to their current value.
Modify fields relative to their current value
@item Update only those fields that actually have changed.
@item
Update only those fields that actually have changed
@end itemize
@end itemize
For example, when we are doing updates to some customer information, we
For example, when we are doing updates to some customer information, we
update only the customer data that ha
ve
changed and test only that none of
update only the customer data that ha
s
changed and test only that none of
the changed data, or data that depend on the changed data, ha
ve
changed
the changed data, or data that depend on the changed data, ha
s
changed
compared to the original row. The test for changed data is done with the
compared to the original row. The test for changed data is done with the
@code{WHERE} clause in the @code{UPDATE} statement. If the record wasn't
@code{WHERE} clause in the @code{UPDATE} statement. If the record wasn't
updated, we give the client a message: "Some of the data you have changed
updated, we give the client a message: "Some of the data you have changed
...
@@ -10245,7 +10245,7 @@ have been changed by another user". Then we show the old row versus the new
...
@@ -10245,7 +10245,7 @@ have been changed by another user". Then we show the old row versus the new
row in a window, so the user can decide which version of the customer record
row in a window, so the user can decide which version of the customer record
he should use.
he should use.
This gives us something that is similar to
``column locking''
but is actually
This gives us something that is similar to
column locking
but is actually
even better, because we only update some of the columns, using values that
even better, because we only update some of the columns, using values that
are relative to their current values. This means that typical @code{UPDATE}
are relative to their current values. This means that typical @code{UPDATE}
statements look something like these:
statements look something like these:
...
@@ -10294,7 +10294,7 @@ UPDATE tbl_name SET row_flag=1 WHERE id=ID and row_flag <> 1;
...
@@ -10294,7 +10294,7 @@ UPDATE tbl_name SET row_flag=1 WHERE id=ID and row_flag <> 1;
@end example
@end example
@node Privilege system, Reference, Compatibility, Top
@node Privilege system, Reference, Compatibility, Top
@chapter The MySQL
access privilege s
ystem
@chapter The MySQL
Access Privilege S
ystem
@cindex system, security
@cindex system, security
@cindex access privileges
@cindex access privileges
@cindex privleges, access
@cindex privleges, access
...
@@ -10324,20 +10324,20 @@ system. This section describes how it works.
...
@@ -10324,20 +10324,20 @@ system. This section describes how it works.
@end menu
@end menu
@node General security, Security, Privilege system, Privilege system
@node General security, Security, Privilege system, Privilege system
@section General
s
ecurity
@section General
S
ecurity
Anyone using @strong{MySQL} on a computer connected to the Internet
Anyone using @strong{MySQL} on a computer connected to the Internet
should read this section to avoid the most common security mistakes.
should read this section to avoid the most common security mistakes.
In discussing
``security''
, we emphasize the necessity of fully protecting the
In discussing
security
, we emphasize the necessity of fully protecting the
entire server host (not simply the @strong{MySQL} server) against all types
entire server host (not simply the @strong{MySQL} server) against all types
of applicable attacks: eavesdropping, altering, playback
and D
enial of
of applicable attacks: eavesdropping, altering, playback
, and d
enial of
S
ervice. We do not cover all aspects of availability and fault tolerance
s
ervice. We do not cover all aspects of availability and fault tolerance
here.
here.
@strong{MySQL} uses Access Control Lists (ACLs) security for all
@strong{MySQL} uses Access Control Lists (ACLs) security for all
connections, queries, and other operations
which
a user may attempt to
connections, queries, and other operations
that
a user may attempt to
perform. There is also some support for SSL
encrypted connections
perform. There is also some support for SSL
-
encrypted connections
between @strong{MySQL} clients and servers. Many of the concepts
between @strong{MySQL} clients and servers. Many of the concepts
discussed here are not specific to @strong{MySQL} at all; the same
discussed here are not specific to @strong{MySQL} at all; the same
general ideas apply to almost all applications.
general ideas apply to almost all applications.
...
@@ -10348,7 +10348,7 @@ When running @strong{MySQL}, follow these guidelines whenever possible:
...
@@ -10348,7 +10348,7 @@ When running @strong{MySQL}, follow these guidelines whenever possible:
@item
@item
DON'T EVER GIVE ANYONE (EXCEPT THE @strong{MySQL} ROOT USER) ACCESS TO THE
DON'T EVER GIVE ANYONE (EXCEPT THE @strong{MySQL} ROOT USER) ACCESS TO THE
mysql.user TABLE! The encrypted password is the real password in
mysql.user TABLE! The encrypted password is the real password in
@strong{MySQL}
;
If you know this for one user you can easily login as
@strong{MySQL}
.
If you know this for one user you can easily login as
him if you have access to his 'host'.
him if you have access to his 'host'.
@item
@item
...
@@ -10358,7 +10358,7 @@ not grant any more privileges than necessary. Never grant privileges to all
...
@@ -10358,7 +10358,7 @@ not grant any more privileges than necessary. Never grant privileges to all
hosts.
hosts.
Checklist:
Checklist:
@itemize @
bullet
@itemize @
minus
@item
@item
Try @code{mysql -u root}. If you are able to connect successfully to the
Try @code{mysql -u root}. If you are able to connect successfully to the
server without being asked for a password, you have problems. Any user (not
server without being asked for a password, you have problems. Any user (not
...
@@ -10367,7 +10367,7 @@ Review the @strong{MySQL} installation instructions, paying particular
...
@@ -10367,7 +10367,7 @@ Review the @strong{MySQL} installation instructions, paying particular
attention to the item about setting a @code{root} password.
attention to the item about setting a @code{root} password.
@item
@item
Use the command @code{SHOW GRANTS} and check to see who has access to
Use the command @code{SHOW GRANTS} and check to see who has access to
what. Remove those privileges
which
are not necessary using the @code{REVOKE}
what. Remove those privileges
that
are not necessary using the @code{REVOKE}
command.
command.
@end itemize
@end itemize
...
@@ -10381,21 +10381,21 @@ Do not use passwords from dictionaries. There are special programs to
...
@@ -10381,21 +10381,21 @@ Do not use passwords from dictionaries. There are special programs to
break them. Even passwords like ``xfish98'' are very bad. Much better is
break them. Even passwords like ``xfish98'' are very bad. Much better is
``duag98'' which contains the same word ``fish'' but typed one key to the
``duag98'' which contains the same word ``fish'' but typed one key to the
left on a standard QWERTY keyboard. Another method is to use ``Mhall'' which
left on a standard QWERTY keyboard. Another method is to use ``Mhall'' which
is taken from
first characters of sentence ``Mary had a little lamb''. This
is taken from
the first characters of of each word in the sentence ``Mary had
is easy to remember and type, but hard to guess for someone who does not know
a little lamb.'' This is easy to remember and type, but hard to guess for
it.
someone who does not know
it.
@item
@item
Invest in a firewall. This protects from at least 50% of all types of
Invest in a firewall. This protects from at least 50% of all types of
exploits in any software. Put @strong{MySQL} behind the firewall or in
exploits in any software. Put @strong{MySQL} behind the firewall or in
a demilitarized zone (DMZ).
a demilitarized zone (DMZ).
Checklist:
Checklist:
@itemize @
bullet
@itemize @
minus
@item
@item
Try to scan your ports from the Internet using a tool such as
Try to scan your ports from the Internet using a tool such as
@code{nmap}. @strong{MySQL} uses port 3306 by default. This port should
@code{nmap}. @strong{MySQL} uses port 3306 by default. This port should
be inaccessible from untrusted hosts. Another simple way to check whether or
not
be inaccessible from untrusted hosts. Another simple way to check whether or
your @strong{MySQL} port is open is to type @code{telnet
not
your @strong{MySQL} port is open is to type @code{telnet
server_host 3306} from some remote machine, where
server_host 3306} from some remote machine, where
@code{server_host} is the hostname of your @strong{MySQL}
@code{server_host} is the hostname of your @strong{MySQL}
server. If you get a connection and some garbage characters, the port is
server. If you get a connection and some garbage characters, the port is
...
@@ -10406,25 +10406,25 @@ everything is OK, the port is blocked.
...
@@ -10406,25 +10406,25 @@ everything is OK, the port is blocked.
@item
@item
Do not trust any data entered by your users. They can try to trick your
Do not trust any data entered by your users. They can try to trick your
code by entering special or escaped character sequences in
w
eb forms,
code by entering special or escaped character sequences in
W
eb forms,
URLs, or whatever application you have built. Be sure that your
URLs, or whatever application you have built. Be sure that your
application remains secure if
user enters something like
@code{; DROP
application remains secure if
a user enters something like ``
@code{; DROP
DATABASE mysql;}. This is an extreme example, but large security leaks
DATABASE mysql;}
''
. This is an extreme example, but large security leaks
and data loss may occur as a result of hackers using similar techniques,
and data loss may occur as a result of hackers using similar techniques,
if you do not prepare for them.
if you do not prepare for them.
Also remember to check numeric data. A common mistake is to protect only
Also remember to check numeric data. A common mistake is to protect only
strings. Sometimes people think that if a database contains only publicly
strings. Sometimes people think that if a database contains only publicly
available data that it need not be protected. This is incorrect. At least
available data that it need not be protected. This is incorrect. At least
Denial-of-S
ervice type attacks can be performed on such
denial-of-s
ervice type attacks can be performed on such
databases. The simplest way to protect from this type of attack is to use
databases. The simplest way to protect from this type of attack is to use
apostrophes around the numeric constants: @code{SELECT * FROM table
apostrophes around the numeric constants: @code{SELECT * FROM table
WHERE ID='234'} instead of @code{SELECT * FROM table WHERE ID=234}.
WHERE ID='234'} instead of @code{SELECT * FROM table WHERE ID=234}.
@strong{MySQL} automatically converts this string to a number and
@strong{MySQL} automatically converts this string to a number and
meanwhile
strips all non-numeric symbols from it.
strips all non-numeric symbols from it.
Checklist:
Checklist:
@itemize @
bullet
@itemize @
minus
@item
@item
All WWW applications:
All WWW applications:
@itemize @bullet
@itemize @bullet
...
@@ -10433,13 +10433,13 @@ Try to enter @samp{'} and @samp{"} in all your Web forms. If you get any kind
...
@@ -10433,13 +10433,13 @@ Try to enter @samp{'} and @samp{"} in all your Web forms. If you get any kind
of @strong{MySQL} error, investigate the problem right away.
of @strong{MySQL} error, investigate the problem right away.
@item
@item
Try to modify any dynamic URLs by adding @code{%22} (@samp{"}), @code{%23}
Try to modify any dynamic URLs by adding @code{%22} (@samp{"}), @code{%23}
(@samp{#}) and @code{%27} (@samp{'}) in the URL.
(@samp{#})
,
and @code{%27} (@samp{'}) in the URL.
@item
@item
Try to modify datatypes in dynamic URLs from numeric ones to character
Try to modify datatypes in dynamic URLs from numeric ones to character
ones containing characters from previous example. Your application
ones containing characters from previous example
s
. Your application
should be safe against this and similar attacks.
should be safe against this and similar attacks.
@item
@item
Try to enter characters, spaces, special symbols instead of numbers in
Try to enter characters, spaces,
and
special symbols instead of numbers in
numeric fields. Your application should remove them before passing them to
numeric fields. Your application should remove them before passing them to
@strong{MySQL} or your application should generate an error. Passing
@strong{MySQL} or your application should generate an error. Passing
unchecked values to @strong{MySQL} is very dangerous!
unchecked values to @strong{MySQL} is very dangerous!
...
@@ -10448,32 +10448,27 @@ Check data sizes before passing them to @strong{MySQL}.
...
@@ -10448,32 +10448,27 @@ Check data sizes before passing them to @strong{MySQL}.
@item
@item
Consider having your application connect to the database using a
Consider having your application connect to the database using a
different user name than the one you use for administrative purposes. Do
different user name than the one you use for administrative purposes. Do
not give your applications any more access privileges than what they
not give your applications any more access privileges than they need.
need.
@end itemize
@end itemize
@item
@item
Users of PHP:
Users of PHP:
@itemize @bullet
@itemize @bullet
@item
@item Check out the @code{addslashes()} function.
Check out the @code{addslashes()} function.
@end itemize
@end itemize
@item
@item
Users of @strong{MySQL} C API:
Users of @strong{MySQL} C API:
@itemize @bullet
@itemize @bullet
@item
@item Check out the @code{mysql_escape()} API call.
Check out the @code{mysql_escape()} API call.
@end itemize
@end itemize
@item
@item
Users of @strong{MySQL}++:
Users of @strong{MySQL}++:
@itemize @bullet
@itemize @bullet
@item
@item Check out the @code{escape} and @code{quote} modifiers for query streams.
Check out the @code{escape} and @code{quote} modifiers for query streams.
@end itemize
@end itemize
@item
@item
Users of Perl DBI
Users of Perl DBI
:
@itemize @bullet
@itemize @bullet
@item
@item Check out the @code{quote()} method.
Check out the @code{quote()} method.
@end itemize
@end itemize
@end itemize
@end itemize
...
@@ -10481,7 +10476,7 @@ Check out the @code{quote()} method.
...
@@ -10481,7 +10476,7 @@ Check out the @code{quote()} method.
Do not transmit plain (unencrypted) data over the Internet. These data are
Do not transmit plain (unencrypted) data over the Internet. These data are
accessible to everyone who has the time and ability to intercept it and use
accessible to everyone who has the time and ability to intercept it and use
it for their own purposes. Instead, use an encrypted protocol such as SSL or
it for their own purposes. Instead, use an encrypted protocol such as SSL or
SSH. @strong{MySQL} supports internal SSL connections as of
v
ersion 3.23.9.
SSH. @strong{MySQL} supports internal SSL connections as of
V
ersion 3.23.9.
SSH port-forwarding can be used to create an encrypted (and compressed)
SSH port-forwarding can be used to create an encrypted (and compressed)
tunnel for the communication.
tunnel for the communication.
@item
@item
...
@@ -10500,7 +10495,7 @@ consult with a security expert.
...
@@ -10500,7 +10495,7 @@ consult with a security expert.
@end itemize
@end itemize
@node Security, What Privileges, General security, Privilege system
@node Security, What Privileges, General security, Privilege system
@section How to
make MySQL secure against c
rackers
@section How to
Make MySQL Secure Against C
rackers
@cindex crackers, security against
@cindex crackers, security against
@cindex security, against crackers
@cindex security, against crackers
...
@@ -10509,8 +10504,8 @@ password. The password is not transmitted in clear text over the
...
@@ -10509,8 +10504,8 @@ password. The password is not transmitted in clear text over the
connection.
connection.
All other information is transferred as text that can be read by anyone
All other information is transferred as text that can be read by anyone
that
is able to watch the connection. If you are concerned about this,
who
is able to watch the connection. If you are concerned about this,
you can use the compressed protocol (in @strong{MySQL} 3.22 and above)
you can use the compressed protocol (in @strong{MySQL}
Version
3.22 and above)
to make things much harder. To make things even more secure you should
to make things much harder. To make things even more secure you should
use @code{ssh} (see @uref{http://www.cs.hut.fi/ssh}). With this, you
use @code{ssh} (see @uref{http://www.cs.hut.fi/ssh}). With this, you
can get an encrypted TCP/IP connection between a @strong{MySQL} server
can get an encrypted TCP/IP connection between a @strong{MySQL} server
...
@@ -10537,7 +10532,7 @@ mysql> FLUSH PRIVILEGES;
...
@@ -10537,7 +10532,7 @@ mysql> FLUSH PRIVILEGES;
@end example
@end example
@item
@item
Don't run the @strong{MySQL} daemon as the U
nix
@code{root} user.
Don't run the @strong{MySQL} daemon as the U
NIX
@code{root} user.
It is very dangerous as any user with @code{FILE} privileges will be able to
It is very dangerous as any user with @code{FILE} privileges will be able to
create files
create files
as @code{root} (e.g. @code{~root/.bashrc}). To prevent this
as @code{root} (e.g. @code{~root/.bashrc}). To prevent this
...
@@ -10545,24 +10540,24 @@ as @code{root} (e.g. @code{~root/.bashrc}). To prevent this
...
@@ -10545,24 +10540,24 @@ as @code{root} (e.g. @code{~root/.bashrc}). To prevent this
directly via @code{--user=root} option.
directly via @code{--user=root} option.
@code{mysqld} can be run as any user instead. You can also create a new
@code{mysqld} can be run as any user instead. You can also create a new
U
nix
user @code{mysql} to make everything even more secure. If you run
U
NIX
user @code{mysql} to make everything even more secure. If you run
@code{mysqld} as another U
nix
user, you don't need to change the
@code{mysqld} as another U
NIX
user, you don't need to change the
@code{root} user name in the @code{user} table, because @strong{MySQL}
@code{root} user name in the @code{user} table, because @strong{MySQL}
user names have nothing to do with U
nix
user names. You can edit the
user names have nothing to do with U
NIX
user names. You can edit the
@code{mysql.server} script to start @code{mysqld} as another U
nix
user.
@code{mysql.server} script to start @code{mysqld} as another U
NIX
user.
Normally this is done with the @code{su} command. For more details, see
Normally this is done with the @code{su} command. For more details, see
@ref{Changing MySQL user, , Changing @strong{MySQL} user}.
@ref{Changing MySQL user, , Changing @strong{MySQL} user}.
@item
@item
If you put a password for the U
nix
@code{root} user in the @code{mysql.server}
If you put a password for the U
NIX
@code{root} user in the @code{mysql.server}
script, make sure this script is readable only by @code{root}.
script, make sure this script is readable only by @code{root}.
@item
@item
Check that the U
nix
user that @code{mysqld} runs as is the only user with
Check that the U
NIX
user that @code{mysqld} runs as is the only user with
read/write privileges in the database directories.
read/write privileges in the database directories.
@item
@item
On U
nix
platforms, do not run @code{mysqld} as root unless you really
On U
NIX
platforms, do not run @code{mysqld} as root unless you really
need to. Consider creating a user named @code{mysql} for that purpose.
need to. Consider creating a user named @code{mysql} for that purpose.
@item
@item
...
@@ -10585,7 +10580,7 @@ overwrite existing files.
...
@@ -10585,7 +10580,7 @@ overwrite existing files.
@tindex /etc/passwd
@tindex /etc/passwd
The @strong{file} privilege may also be used to read any file accessible
The @strong{file} privilege may also be used to read any file accessible
to the U
nix
user that the server runs as. This could be abused, for example,
to the U
NIX
user that the server runs as. This could be abused, for example,
by using @code{LOAD DATA} to load @file{/etc/passwd} into a table, which
by using @code{LOAD DATA} to load @file{/etc/passwd} into a table, which
can then be read with @code{SELECT}.
can then be read with @code{SELECT}.
...
@@ -10594,7 +10589,7 @@ If you don't trust your DNS, you should use IP numbers instead of hostnames
...
@@ -10594,7 +10589,7 @@ If you don't trust your DNS, you should use IP numbers instead of hostnames
in the grant tables. In principle, the @code{--secure} option to
in the grant tables. In principle, the @code{--secure} option to
@code{mysqld} should make hostnames safe. In any case, you should be very
@code{mysqld} should make hostnames safe. In any case, you should be very
careful about creating grant table entries using hostname values that
careful about creating grant table entries using hostname values that
contain wildcards!
contain wild
cards!
@end itemize
@end itemize
The following @code{mysqld} options affect networking security:
The following @code{mysqld} options affect networking security:
...
@@ -10605,9 +10600,9 @@ IP numbers returned by the @code{gethostbyname()} system call are
...
@@ -10605,9 +10600,9 @@ IP numbers returned by the @code{gethostbyname()} system call are
checked to make sure they resolve back to the original hostname. This
checked to make sure they resolve back to the original hostname. This
makes it harder for someone on the outside to get access by pretending
makes it harder for someone on the outside to get access by pretending
to be another host. This option also adds some sanity checks of
to be another host. This option also adds some sanity checks of
hostnames. The option is turned off by default in @strong{MySQL}
3.21
hostnames. The option is turned off by default in @strong{MySQL}
Version
because sometimes it takes a long time to perform backward resolutions.
3.21
because sometimes it takes a long time to perform backward resolutions.
@strong{MySQL} 3.22 caches hostnames and has this option enabled by
@strong{MySQL}
Version
3.22 caches hostnames and has this option enabled by
default.
default.
@item --skip-grant-tables
@item --skip-grant-tables
...
@@ -10622,13 +10617,13 @@ tables must be IP numbers or @code{localhost}.
...
@@ -10622,13 +10617,13 @@ tables must be IP numbers or @code{localhost}.
@item --skip-networking
@item --skip-networking
Don't allow TCP/IP connections over the network. All connections to
Don't allow TCP/IP connections over the network. All connections to
@code{mysqld} must be made via U
nix
sockets. This option is unsuitable for
@code{mysqld} must be made via U
NIX
sockets. This option is unsuitable for
systems that use MIT-pthreads, because the MIT-pthreads package doesn't
systems that use MIT-pthreads, because the MIT-pthreads package doesn't
support U
nix
sockets.
support U
NIX
sockets.
@end table
@end table
@node What Privileges, User names, Security, Privilege system
@node What Privileges, User names, Security, Privilege system
@section What the
privilege system d
oes
@section What the
Privilege System D
oes
@cindex system, privilege
@cindex system, privilege
@cindex privilege system
@cindex privilege system
@cindex passwords, security
@cindex passwords, security
...
@@ -10644,19 +10639,19 @@ to grant privileges for @strong{MySQL}-specific functions such as @code{LOAD
...
@@ -10644,19 +10639,19 @@ to grant privileges for @strong{MySQL}-specific functions such as @code{LOAD
DATA INFILE} and administrative operations.
DATA INFILE} and administrative operations.
@node User names, Connecting, What Privileges, Privilege system
@node User names, Connecting, What Privileges, Privilege system
@section MySQL
user names and p
asswords
@section MySQL
User Names and P
asswords
@cindex user names, and passwords
@cindex user names, and passwords
@cindex passwords, for users
@cindex passwords, for users
There are several distinctions between the way user names and passwords are
There are several distinctions between the way user names and passwords are
used by @strong{MySQL}
, and the way they are used by Unix
or Windows:
used by @strong{MySQL}
and the way they are used by UNIX
or Windows:
@itemize @bullet
@itemize @bullet
@item
@item
User names, as used by @strong{MySQL} for authentication purposes, have
User names, as used by @strong{MySQL} for authentication purposes, have
nothing to do with U
nix
user names (login names) or Windows user names. Most
nothing to do with U
NIX
user names (login names) or Windows user names. Most
@strong{MySQL} clients by default try to log in using the current U
nix
user
@strong{MySQL} clients by default try to log in using the current U
NIX
user
name as the @strong{MySQL} user name, but that is for convenience only.
name as the @strong{MySQL} user name, but that is for convenience only.
Client programs allow a different name to be specified with the @code{-u} or
Client programs allow a different name to be specified with the @code{-u} or
@code{--user} options. This means that you can't make a database secure in
@code{--user} options. This means that you can't make a database secure in
...
@@ -10665,25 +10660,25 @@ attempt to connect to the server using any name, and they will succeed if
...
@@ -10665,25 +10660,25 @@ attempt to connect to the server using any name, and they will succeed if
they specify any name that doesn't have a password.
they specify any name that doesn't have a password.
@item
@item
@strong{MySQL} user names can be up to 16 characters long; U
nix
user names
@strong{MySQL} user names can be up to 16 characters long; U
NIX
user names
typically are limited to 8 characters.
typically are limited to 8 characters.
@item
@item
@strong{MySQL} passwords have nothing to do with U
nix
passwords. There is no
@strong{MySQL} passwords have nothing to do with U
NIX
passwords. There is no
necessary connection between the password you use to log in to a U
nix
machine
necessary connection between the password you use to log in to a U
NIX
machine
and the password you use to access a database on that machine.
and the password you use to access a database on that machine.
@item
@item
@strong{MySQL} encrypts passwords using a different algorithm than the
@strong{MySQL} encrypts passwords using a different algorithm than the
one used during the U
nix
login process. See the descriptions of the
one used during the U
NIX
login process. See the descriptions of the
@code{PASSWORD()} and @code{ENCRYPT()} functions in @ref{Miscellaneous
@code{PASSWORD()} and @code{ENCRYPT()} functions in @ref{Miscellaneous
functions}. Note that even if the password is stored 'scrambled', a
s
functions}. Note that even if the password is stored 'scrambled', a
nd
it's enough to know your 'scrambled' password
to be able to connect to
knowing your 'scrambled' password is enough
to be able to connect to
the the @strong{MySQL} server
!
the the @strong{MySQL} server!
@end itemize
@end itemize
@node Connecting, Password security, User names, Privilege system
@node Connecting, Password security, User names, Privilege system
@section Connecting to the MySQL
s
erver
@section Connecting to the MySQL
S
erver
@cindex connecting, to the server
@cindex connecting, to the server
@cindex default hostname
@cindex default hostname
@cindex hostname, default
@cindex hostname, default
...
@@ -10691,7 +10686,7 @@ the the @strong{MySQL} server !
...
@@ -10691,7 +10686,7 @@ the the @strong{MySQL} server !
@strong{MySQL} client programs generally require that you specify connection
@strong{MySQL} client programs generally require that you specify connection
parameters when you want to access a @strong{MySQL} server: the host you want
parameters when you want to access a @strong{MySQL} server: the host you want
to connect to, your user name and your password. For example, the
to connect to, your user name
,
and your password. For example, the
@code{mysql} client can be started like this (optional arguments are enclosed
@code{mysql} client can be started like this (optional arguments are enclosed
between @samp{[} and @samp{]}):
between @samp{[} and @samp{]}):
...
@@ -10699,8 +10694,8 @@ between @samp{[} and @samp{]}):
...
@@ -10699,8 +10694,8 @@ between @samp{[} and @samp{]}):
shell> mysql [-h host_name] [-u user_name] [-pyour_pass]
shell> mysql [-h host_name] [-u user_name] [-pyour_pass]
@end example
@end example
Alternate forms of the @code{-h}, @code{-u} and @code{-p} options are
Alternate forms of the @code{-h}, @code{-u}
,
and @code{-p} options are
@code{--host=host_name}, @code{--user=user_name} and
@code{--host=host_name}, @code{--user=user_name}
,
and
@code{--password=your_pass}. Note that there is @emph{no space} between
@code{--password=your_pass}. Note that there is @emph{no space} between
@code{-p} or @code{--password=} and the password following it.
@code{-p} or @code{--password=} and the password following it.
...
@@ -10716,13 +10711,13 @@ from the command line:
...
@@ -10716,13 +10711,13 @@ from the command line:
The default hostname is @code{localhost}.
The default hostname is @code{localhost}.
@item
@item
The default user name is your U
nix
login name.
The default user name is your U
NIX
login name.
@item
@item
No password is supplied if @code{-p} is missing.
No password is supplied if @code{-p} is missing.
@end itemize
@end itemize
Thus, for a U
nix
user @code{joe}, the following commands are equivalent:
Thus, for a U
NIX
user @code{joe}, the following commands are equivalent:
@example
@example
shell> mysql -h localhost -u joe
shell> mysql -h localhost -u joe
...
@@ -10733,7 +10728,7 @@ shell> mysql
...
@@ -10733,7 +10728,7 @@ shell> mysql
Other @strong{MySQL} clients behave similarly.
Other @strong{MySQL} clients behave similarly.
On U
nix
systems, you can specify different default values to be used when you
On U
NIX
systems, you can specify different default values to be used when you
make a connection, so that you need not enter them on the command line each
make a connection, so that you need not enter them on the command line each
time you invoke a client program. This can be done in a couple of ways:
time you invoke a client program. This can be done in a couple of ways:
...
@@ -10764,11 +10759,11 @@ You can specify connection parameters using environment variables. The
...
@@ -10764,11 +10759,11 @@ You can specify connection parameters using environment variables. The
host can be specified for @code{mysql} using @code{MYSQL_HOST}. The
host can be specified for @code{mysql} using @code{MYSQL_HOST}. The
@strong{MySQL} user name can be specified using @code{USER} (this is for
@strong{MySQL} user name can be specified using @code{USER} (this is for
Windows only). The password can be specified using @code{MYSQL_PWD}
Windows only). The password can be specified using @code{MYSQL_PWD}
(but this is insecure; see next section). @xref{Environment variables}.
(but this is insecure; see
the
next section). @xref{Environment variables}.
@end itemize
@end itemize
@node Password security, Privileges provided, Connecting, Privilege system
@node Password security, Privileges provided, Connecting, Privilege system
@section Keeping
your password s
ecure
@section Keeping
Your Password S
ecure
It is inadvisable to specify your password in a way that exposes it to
It is inadvisable to specify your password in a way that exposes it to
discovery by other users. The methods you can use to specify your password
discovery by other users. The methods you can use to specify your password
...
@@ -10788,7 +10783,7 @@ Use a @code{-pyour_pass} or @code{--password=your_pass} option on the command
...
@@ -10788,7 +10783,7 @@ Use a @code{-pyour_pass} or @code{--password=your_pass} option on the command
line. This is convenient but insecure, because your password becomes visible
line. This is convenient but insecure, because your password becomes visible
to system status programs (such as @code{ps}) that may be invoked by other
to system status programs (such as @code{ps}) that may be invoked by other
users to display command lines. (@strong{MySQL} clients typically overwrite
users to display command lines. (@strong{MySQL} clients typically overwrite
the command
line argument with zeroes during their initialization sequence,
the command
-
line argument with zeroes during their initialization sequence,
but there is still a brief interval during which the value is visible.)
but there is still a brief interval during which the value is visible.)
@item
@item
...
@@ -10840,18 +10835,18 @@ environments. @xref{Environment variables}.
...
@@ -10840,18 +10835,18 @@ environments. @xref{Environment variables}.
@end itemize
@end itemize
All in all, the safest methods are to have the client program prompt for the
All in all, the safest methods are to have the client program prompt for the
password or to specify the password in a properly
-
protected @file{.my.cnf}
password or to specify the password in a properly
protected @file{.my.cnf}
file.
file.
@node Privileges provided, Privileges, Password security, Privilege system
@node Privileges provided, Privileges, Password security, Privilege system
@section Privileges
p
rovided by MySQL
@section Privileges
P
rovided by MySQL
@cindex privilege information, location
@cindex privilege information, location
Privilege information is stored in the @code{user}, @code{db}, @code{host},
Information about user privileges is stored in the @code{user}, @code{db},
@code{
tables_priv} and @code{columns_priv} tables in the @code{mysql}
@code{
host}, @code{tables_priv}, and @code{columns_priv} tables in the
database (that is, in the database named @code{mysql}). The @strong{MySQL}
@code{mysql} database (that is, in the database named @code{mysql}). The
server reads the contents of these tables when it starts up and under the
@strong{MySQL} server reads the contents of these tables when it starts up
circumstances indicated in @ref{Privilege changes}.
and under the
circumstances indicated in @ref{Privilege changes}.
The names used in this manual to refer to the privileges provided by
The names used in this manual to refer to the privileges provided by
@strong{MySQL} are shown below, along with the table column name associated
@strong{MySQL} are shown below, along with the table column name associated
...
@@ -10866,7 +10861,7 @@ privilege applies:
...
@@ -10866,7 +10861,7 @@ privilege applies:
@item @strong{delete} @tab @code{Delete_priv} @tab tables
@item @strong{delete} @tab @code{Delete_priv} @tab tables
@item @strong{index} @tab @code{Index_priv} @tab tables
@item @strong{index} @tab @code{Index_priv} @tab tables
@item @strong{alter} @tab @code{Alter_priv} @tab tables
@item @strong{alter} @tab @code{Alter_priv} @tab tables
@item @strong{create} @tab @code{Create_priv} @tab databases, tables or indexes
@item @strong{create} @tab @code{Create_priv} @tab databases, tables
,
or indexes
@item @strong{drop} @tab @code{Drop_priv} @tab databases or tables
@item @strong{drop} @tab @code{Drop_priv} @tab databases or tables
@item @strong{grant} @tab @code{Grant_priv} @tab databases or tables
@item @strong{grant} @tab @code{Grant_priv} @tab databases or tables
@item @strong{references} @tab @code{References_priv} @tab databases or tables
@item @strong{references} @tab @code{References_priv} @tab databases or tables
...
@@ -10876,7 +10871,7 @@ privilege applies:
...
@@ -10876,7 +10871,7 @@ privilege applies:
@item @strong{file} @tab @code{File_priv} @tab file access on server
@item @strong{file} @tab @code{File_priv} @tab file access on server
@end multitable
@end multitable
The @strong{select}, @strong{insert}, @strong{update} and @strong{delete}
The @strong{select}, @strong{insert}, @strong{update}
,
and @strong{delete}
privileges allow you to perform operations on rows in existing tables in
privileges allow you to perform operations on rows in existing tables in
a database.
a database.
...
@@ -10918,13 +10913,13 @@ execute:
...
@@ -10918,13 +10913,13 @@ execute:
@multitable @columnfractions .15 .85
@multitable @columnfractions .15 .85
@item @strong{Privilege} @tab @strong{Commands permitted to privilege holders}
@item @strong{Privilege} @tab @strong{Commands permitted to privilege holders}
@item @strong{reload} @tab @code{reload}, @code{refresh},
@item @strong{reload} @tab @code{reload}, @code{refresh},
@code{flush-privileges},
@code{flush-privileges},
@code{flush-hosts}, @code{flush-logs}, and
@code{flush-
hosts}, @code{flush-logs}, @code{flush-
tables}
@code{flush-tables}
@item @strong{shutdown} @tab @code{shutdown}
@item @strong{shutdown} @tab @code{shutdown}
@item @strong{process} @tab @code{processlist}, @code{kill}
@item @strong{process} @tab @code{processlist}, @code{kill}
@end multitable
@end multitable
The @code{reload} command tells the server to reread the grant tables. The
The @code{reload} command tells the server to re
-
read the grant tables. The
@code{refresh} command flushes all tables and opens and closes the log
@code{refresh} command flushes all tables and opens and closes the log
files. @code{flush-privileges} is a synonym for @code{reload}. The other
files. @code{flush-privileges} is a synonym for @code{reload}. The other
@code{flush-*} commands perform functions similar to @code{refresh} but are
@code{flush-*} commands perform functions similar to @code{refresh} but are
...
@@ -10973,7 +10968,7 @@ Privileges on the @code{mysql} database can be used to change passwords
...
@@ -10973,7 +10968,7 @@ Privileges on the @code{mysql} database can be used to change passwords
and other access privilege information. (Passwords are stored
and other access privilege information. (Passwords are stored
encrypted, so a malicious user cannot simply read them to know the plain
encrypted, so a malicious user cannot simply read them to know the plain
text password). If they can access the @code{mysql.user} password
text password). If they can access the @code{mysql.user} password
column, they can use it to log
in
into the @strong{MySQL} server
column, they can use it to log into the @strong{MySQL} server
for the given user. (With sufficient privileges, the same user can
for the given user. (With sufficient privileges, the same user can
replace a password with a different one.)
replace a password with a different one.)
@end itemize
@end itemize
...
@@ -10992,7 +10987,7 @@ in a database but not to create or drop the database itself.
...
@@ -10992,7 +10987,7 @@ in a database but not to create or drop the database itself.
@end itemize
@end itemize
@node Privileges, Connection access, Privileges provided, Privilege system
@node Privileges, Connection access, Privileges provided, Privilege system
@section How the
privilege system w
orks
@section How the
Privilege System W
orks
@cindex privilege system, described
@cindex privilege system, described
The @strong{MySQL} privilege system ensures that all users may do exactly the
The @strong{MySQL} privilege system ensures that all users may do exactly the
...
@@ -11025,7 +11020,7 @@ from the database, the server makes sure you have the @strong{select}
...
@@ -11025,7 +11020,7 @@ from the database, the server makes sure you have the @strong{select}
privilege for the table or the @strong{drop} privilege for the database.
privilege for the table or the @strong{drop} privilege for the database.
@end itemize
@end itemize
The server uses the @code{user}, @code{db} and @code{host} tables in the
The server uses the @code{user}, @code{db}
,
and @code{host} tables in the
@code{mysql} database at both stages of access control. The fields in these
@code{mysql} database at both stages of access control. The fields in these
grant tables are shown below:
grant tables are shown below:
...
@@ -11075,12 +11070,12 @@ tables are shown below:
...
@@ -11075,12 +11070,12 @@ tables are shown below:
Each grant table contains scope fields and privilege fields.
Each grant table contains scope fields and privilege fields.
Scope fields determine the scope of each entry in the tables,
i.e.
, the
Scope fields determine the scope of each entry in the tables,
that is
, the
context in which the entry applies. For example, a @code{user} table entry
context in which the entry applies. For example, a @code{user} table entry
with @code{Host} and @code{User} values of @code{'thomas.loc.gov'} and
with @code{Host} and @code{User} values of @code{'thomas.loc.gov'} and
@code{'bob'} would be used for authenticating connections made to the server
@code{'bob'} would be used for authenticating connections made to the server
by @code{bob} from the host @code{thomas.loc.gov}. Similarly, a @code{db}
by @code{bob} from the host @code{thomas.loc.gov}. Similarly, a @code{db}
table entry with @code{Host}, @code{User} and @code{Db} fields of
table entry with @code{Host}, @code{User}
,
and @code{Db} fields of
@code{'thomas.loc.gov'}, @code{'bob'} and @code{'reports'} would be used when
@code{'thomas.loc.gov'}, @code{'bob'} and @code{'reports'} would be used when
@code{bob} connects from the host @code{thomas.loc.gov} to access the
@code{bob} connects from the host @code{thomas.loc.gov} to access the
@code{reports} database. The @code{tables_priv} and @code{columns_priv}
@code{reports} database. The @code{tables_priv} and @code{columns_priv}
...
@@ -11089,10 +11084,10 @@ to which each entry applies.
...
@@ -11089,10 +11084,10 @@ to which each entry applies.
@cindex Case sensitivity, in access checking
@cindex Case sensitivity, in access checking
For access-checking purposes, comparisons of @code{Host} values are
For access-checking purposes, comparisons of @code{Host} values are
case insensitive. @code{User}, @code{Password}, @code{Db} and
case insensitive. @code{User}, @code{Password}, @code{Db}
,
and
@code{Table_name} values are case sensitive.
@code{Table_name} values are case sensitive.
@code{Column_name} values are case insensitive in @strong{MySQL}
3.22.12
@code{Column_name} values are case insensitive in @strong{MySQL}
Version
or later.
3.22.12
or later.
Privilege fields indicate the privileges granted by a table entry, that is,
Privilege fields indicate the privileges granted by a table entry, that is,
what operations can be performed. The server combines the information in the
what operations can be performed. The server combines the information in the
...
@@ -11160,7 +11155,7 @@ hosts. This mechanism is described more detail in @ref{Request access}.
...
@@ -11160,7 +11155,7 @@ hosts. This mechanism is described more detail in @ref{Request access}.
@item
@item
The @code{tables_priv} and @code{columns_priv} tables are similar to
The @code{tables_priv} and @code{columns_priv} tables are similar to
the @code{db} table, but are more fine-grained: they apply at the
the @code{db} table, but are more fine-grained: they apply at the
table and column level rather than at the database level.
table and column level
s
rather than at the database level.
@end itemize
@end itemize
Note that administrative privileges (@strong{reload}, @strong{shutdown},
Note that administrative privileges (@strong{reload}, @strong{shutdown},
...
@@ -11183,7 +11178,7 @@ starts up. Changes to the grant tables take effect as indicated in
...
@@ -11183,7 +11178,7 @@ starts up. Changes to the grant tables take effect as indicated in
When you modify the contents of the grant tables, it is a good idea to make
When you modify the contents of the grant tables, it is a good idea to make
sure that your changes set up privileges the way you want. For help in
sure that your changes set up privileges the way you want. For help in
diagnosing problems, see @ref{Access denied}. For advice on security issues,
diagnosing problems, see @ref{Access denied}. For advice on security issues,
@ref{Security}.
@
px
ref{Security}.
A useful
A useful
diagnostic tool is the @code{mysqlaccess} script, which Yves Carlier has
diagnostic tool is the @code{mysqlaccess} script, which Yves Carlier has
...
@@ -11194,7 +11189,7 @@ Note that @code{mysqlaccess} checks access using only the @code{user},
...
@@ -11194,7 +11189,7 @@ Note that @code{mysqlaccess} checks access using only the @code{user},
privileges.
privileges.
@node Connection access, Request access, Privileges, Privilege system
@node Connection access, Request access, Privileges, Privilege system
@section Access control,
stage 1: Connection v
erification
@section Access control,
Stage 1: Connection V
erification
@cindex access control
@cindex access control
@cindex control access
@cindex control access
@cindex connecting, verification
@cindex connecting, verification
...
@@ -11204,7 +11199,7 @@ When you attempt to connect to a @strong{MySQL} server, the server accepts or
...
@@ -11204,7 +11199,7 @@ When you attempt to connect to a @strong{MySQL} server, the server accepts or
rejects the connection based on your identity and whether or not you can
rejects the connection based on your identity and whether or not you can
verify your identity by supplying the correct password. If not, the server
verify your identity by supplying the correct password. If not, the server
denies access to you completely. Otherwise, the server accepts the
denies access to you completely. Otherwise, the server accepts the
connection, then enters
s
tage 2 and waits for requests.
connection, then enters
S
tage 2 and waits for requests.
Your identity is based on two pieces of information:
Your identity is based on two pieces of information:
...
@@ -11230,7 +11225,7 @@ to indicate the local host.
...
@@ -11230,7 +11225,7 @@ to indicate the local host.
@item
@item
@cindex Wildcards, in @code{mysql.user} table
@cindex Wildcards, in @code{mysql.user} table
You can use the wildcard characters @samp{%} and @samp{_} in the @code{Host}
You can use the wild
card characters @samp{%} and @samp{_} in the @code{Host}
field.
field.
@item
@item
...
@@ -11240,7 +11235,7 @@ host that can create a connection to your server!}
...
@@ -11240,7 +11235,7 @@ host that can create a connection to your server!}
@cindex Netmask notation, in @code{mysql.user} table
@cindex Netmask notation, in @code{mysql.user} table
@item
@item
As of MySQL 3.23, for @code{Host} values specified as IP numbers, you
As of MySQL
Version
3.23, for @code{Host} values specified as IP numbers, you
can specify a netmask indicating how many address bits to use for the
can specify a netmask indicating how many address bits to use for the
network number. For example:
network number. For example:
...
@@ -11259,13 +11254,13 @@ In the above example all IP:s in the interval 192.58.197.0 -
...
@@ -11259,13 +11254,13 @@ In the above example all IP:s in the interval 192.58.197.0 -
@item
@item
@cindex Anonymous user
@cindex Anonymous user
Wildcard characters are not allowed in the @code{User} field, but you can
Wild
card characters are not allowed in the @code{User} field, but you can
specify a blank value, which matches any name. If the @code{user} table
specify a blank value, which matches any name. If the @code{user} table
entry that matches an incoming connection has a blank user name, the user is
entry that matches an incoming connection has a blank user name, the user is
considered to be the anonymous user (the user with no name), rather than the
considered to be the anonymous user (the user with no name), rather than the
name that the client actually specified. This means that a blank user name
name that the client actually specified. This means that a blank user name
is used for all further access checking for the duration of the connection
is used for all further access checking for the duration of the connection
(that is, during
s
tage 2).
(that is, during
S
tage 2).
@item
@item
The @code{Password} field can be blank. This does not mean that any password
The @code{Password} field can be blank. This does not mean that any password
...
@@ -11279,7 +11274,7 @@ see. Rather, the password supplied by a user who is attempting to
...
@@ -11279,7 +11274,7 @@ see. Rather, the password supplied by a user who is attempting to
connect is encrypted (using the @code{PASSWORD()} function). The
connect is encrypted (using the @code{PASSWORD()} function). The
encrypted password is then used when the client/server is checking if
encrypted password is then used when the client/server is checking if
the password is correct (This is done without the encrypted password
the password is correct (This is done without the encrypted password
ever traveling over the connection
).
Note that from @strong{MySQL}'s
ever traveling over the connection
.)
Note that from @strong{MySQL}'s
point of view the encrypted password is the REAL password, so you should
point of view the encrypted password is the REAL password, so you should
not give anyone access to it! In particular, don't give normal users
not give anyone access to it! In particular, don't give normal users
read access to the tables in the @code{mysql} database!
read access to the tables in the @code{mysql} database!
...
@@ -11301,14 +11296,14 @@ connections:
...
@@ -11301,14 +11296,14 @@ connections:
@item @code{'144.155.166.0/24'} @tab @code{'fred'} @tab Same as previous example
@item @code{'144.155.166.0/24'} @tab @code{'fred'} @tab Same as previous example
@end multitable
@end multitable
Because you can use IP wild
card values in the @code{Host} field (e.g.
,
Because you can use IP wild
card values in the @code{Host} field (for example
,
@code{'144.155.166.%'} to match every host on a subnet), there is the
@code{'144.155.166.%'} to match every host on a subnet), there is the
possibility that someone might try to exploit this capability by naming a
possibility that someone might try to exploit this capability by naming a
host @code{144.155.166.somewhere.com}. To foil such attempts, @strong{MySQL}
host @code{144.155.166.somewhere.com}. To foil such attempts, @strong{MySQL}
disallows matching on hostnames that start with digits and a dot. Thus, if
disallows matching on hostnames that start with digits and a dot. Thus, if
you have a host named something like @code{1.2.foo.com}, its name will never
you have a host named something like @code{1.2.foo.com}, its name will never
match the @code{Host} column of the grant tables. Only an IP number can
match the @code{Host} column of the grant tables. Only an IP number can
match an IP wildcard value.
match an IP wild
card value.
An incoming connection may be matched by more than one entry in the
An incoming connection may be matched by more than one entry in the
@code{user} table. For example, a connection from @code{thomas.loc.gov} by
@code{user} table. For example, a connection from @code{thomas.loc.gov} by
...
@@ -11397,14 +11392,14 @@ If you have problems connecting to the server, print out the @code{user}
...
@@ -11397,14 +11392,14 @@ If you have problems connecting to the server, print out the @code{user}
table and sort it by hand to see where the first match is being made.
table and sort it by hand to see where the first match is being made.
@node Request access, Privilege changes, Connection access, Privilege system
@node Request access, Privilege changes, Connection access, Privilege system
@section Access control,
stage 2: Request v
erification
@section Access control,
Stage 2: Request V
erification
Once you establish a connection, the server enters
s
tage 2. For each request
Once you establish a connection, the server enters
S
tage 2. For each request
that comes in on the connection, the server checks whether you have
that comes in on the connection, the server checks whether you have
sufficient privileges to perform it, based on the type of operation you wish
sufficient privileges to perform it, based on the type of operation you wish
to perform. This is where the privilege fields in the grant tables come into
to perform. This is where the privilege fields in the grant tables come into
play. These privileges can come from any of the @code{user}, @code{db},
play. These privileges can come from any of the @code{user}, @code{db},
@code{host}, @code{tables_priv} or @code{columns_priv} tables. The grant
@code{host}, @code{tables_priv}
,
or @code{columns_priv} tables. The grant
tables are manipulated with @code{GRANT} and @code{REVOKE} commands.
tables are manipulated with @code{GRANT} and @code{REVOKE} commands.
@xref{GRANT, , @code{GRANT}}. (You may find it helpful to refer to
@xref{GRANT, , @code{GRANT}}. (You may find it helpful to refer to
@ref{Privileges}, which lists the fields present in each of the grant
@ref{Privileges}, which lists the fields present in each of the grant
...
@@ -11421,16 +11416,15 @@ in the @code{user} table set to @code{'N'} and grant privileges on a
...
@@ -11421,16 +11416,15 @@ in the @code{user} table set to @code{'N'} and grant privileges on a
database-specific basis only, using the @code{db} and @code{host} tables.
database-specific basis only, using the @code{db} and @code{host} tables.
@cindex Anonymous user
@cindex Anonymous user
@cindex Wildcards, in @code{mysql.db} table
@cindex Wild
cards, in @code{mysql.db} table
@cindex Wildcards, in @code{mysql.host} table
@cindex Wild
cards, in @code{mysql.host} table
The @code{db} and @code{host} tables grant database-specific privileges.
The @code{db} and @code{host} tables grant database-specific privileges.
Values in the scope fields may be specified as follows:
Values in the scope fields may be specified as follows:
@itemize @bullet
@itemize @bullet
@item
@item
The
The wild card characters @samp{%} and @samp{_} can be used in the @code{Host}
wildcard characters @samp{%} and @samp{_} can be used in the @code{Host} and
and @code{Db} fields of either table.
@code{Db} fields of either table.
@item
@item
A @code{'%'} @code{Host} value in the @code{db} table means ``any host.'' A
A @code{'%'} @code{Host} value in the @code{db} table means ``any host.'' A
...
@@ -11454,22 +11448,22 @@ A blank @code{User} value in either table matches the anonymous user.
...
@@ -11454,22 +11448,22 @@ A blank @code{User} value in either table matches the anonymous user.
@cindex @code{host} table, sorting
@cindex @code{host} table, sorting
The @code{db} and @code{host} tables are read in and sorted when the server
The @code{db} and @code{host} tables are read in and sorted when the server
starts up (at the same time that it reads the @code{user} table). The
starts up (at the same time that it reads the @code{user} table). The
@code{db} table is sorted on the @code{Host}, @code{Db} and @code{User} scope
@code{db} table is sorted on the @code{Host}, @code{Db}
,
and @code{User} scope
fields, and the @code{host} table is sorted on the @code{Host} and @code{Db}
fields, and the @code{host} table is sorted on the @code{Host} and @code{Db}
scope fields. As with the @code{user} table, sorting puts the most-specific
scope fields. As with the @code{user} table, sorting puts the most-specific
values first and least-specific values last, and when the server looks for
values first and least-specific values last, and when the server looks for
matching entries, it uses the first match that it finds.
matching entries, it uses the first match that it finds.
@cindex Wildcards, in @code{mysql.tables_priv} table
@cindex Wild
cards, in @code{mysql.tables_priv} table
@cindex Wildcards, in @code{mysql.columns_priv} table
@cindex Wild
cards, in @code{mysql.columns_priv} table
The @code{tables_priv} and @code{columns_priv} tables grant table- and
The @code{tables_priv} and @code{columns_priv} tables grant table- and
column-specific privileges. Values in the scope fields may be specified as
column-specific privileges. Values in the scope fields may be specified as
follows:
follows:
@itemize @bullet
@itemize @bullet
@item
@item
The wildcard characters @samp{%} and @samp{_}
The wild
card characters @samp{%} and @samp{_}
can be used in the @code{Host} field of either table.
can be used in the @code{Host} field of either table.
@item
@item
...
@@ -11477,7 +11471,7 @@ A @code{'%'} or blank @code{Host} value in either table means ``any host.''
...
@@ -11477,7 +11471,7 @@ A @code{'%'} or blank @code{Host} value in either table means ``any host.''
@item
@item
The @code{Db}, @code{Table_name} and @code{Column_name} fields cannot contain
The @code{Db}, @code{Table_name} and @code{Column_name} fields cannot contain
wildcards or be blank in either table.
wild
cards or be blank in either table.
@end itemize
@end itemize
The @code{tables_priv} and @code{columns_priv} tables are sorted on
The @code{tables_priv} and @code{columns_priv} tables are sorted on
...
@@ -11510,7 +11504,7 @@ by checking the @code{db} and @code{host} tables:
...
@@ -11510,7 +11504,7 @@ by checking the @code{db} and @code{host} tables:
@enumerate
@enumerate
@item
@item
The server looks in the @code{db} table for a match on the @code{Host},
The server looks in the @code{db} table for a match on the @code{Host},
@code{Db} and @code{User} fields. The @code{Host} and @code{User} fields are
@code{Db}
,
and @code{User} fields. The @code{Host} and @code{User} fields are
matched to the connecting user's hostname and @strong{MySQL} user name. The
matched to the connecting user's hostname and @strong{MySQL} user name. The
@code{Db} field is matched to the database the user wants to access. If
@code{Db} field is matched to the database the user wants to access. If
there is no entry for the @code{Host} and @code{User}, access is denied.
there is no entry for the @code{Host} and @code{User}, access is denied.
...
@@ -11527,7 +11521,7 @@ access to the database. In this case, a further lookup is done in the
...
@@ -11527,7 +11521,7 @@ access to the database. In this case, a further lookup is done in the
If no @code{host} table entry matches, access is denied. If there is a
If no @code{host} table entry matches, access is denied. If there is a
match, the user's database-specific privileges are computed as the
match, the user's database-specific privileges are computed as the
intersection (@emph{not} the union!) of the privileges in the @code{db} and
intersection (@emph{not} the union!) of the privileges in the @code{db} and
@code{host} table entries,
i.e.
, the privileges that are @code{'Y'} in both
@code{host} table entries,
that is
, the privileges that are @code{'Y'} in both
entries. (This way you can grant general privileges in the @code{db} table
entries. (This way you can grant general privileges in the @code{db} table
entry and then selectively restrict them on a host-by-host basis using the
entry and then selectively restrict them on a host-by-host basis using the
@code{host} table entries.)
@code{host} table entries.)
...
@@ -11553,7 +11547,7 @@ OR column privileges
...
@@ -11553,7 +11547,7 @@ OR column privileges
It may not be apparent why, if the global @code{user} entry privileges are
It may not be apparent why, if the global @code{user} entry privileges are
initially found to be insufficient for the requested operation, the server
initially found to be insufficient for the requested operation, the server
adds those privileges to the database-, table- and column-specific privileges
adds those privileges to the database-, table-
,
and column-specific privileges
later. The reason is that a request might require more than one type of
later. The reason is that a request might require more than one type of
privilege. For example, if you execute an @code{INSERT ... SELECT}
privilege. For example, if you execute an @code{INSERT ... SELECT}
statement, you need both @strong{insert} and @strong{select} privileges.
statement, you need both @strong{insert} and @strong{select} privileges.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment