Allowing wildcard (%) access on MySQL db, getting error "access denied for '<user>'@'localhost'"

mysql

I've created a database and a user, and allowed access via the following:

create user 'someuser'@'%' identified by 'password';
grant all privileges on somedb.* to 'someuser' with grant option;

however, when I try to connect to MySQL I get the following error:

$ mysql -u someuser -p
> Enter Password:
> ERROR 1045 (28000): Access denied for user 'someuser'@'localhost' (using password: YES)

If "%" is the wildcard, then wouldn't it also enable localhost? However, if I do not specify that I want to use a password, then I can connect just fine to the database, which makes no sense because I'm specifying a password when I created the user.


Try connecting with mysql -u someuser -p -h 127.0.0.1.

If you can connect without a password, either you have saved credentials in a .my.cnf or you have created an account that allows access without a password.

This comment from the mysql docs may also be related.

http://dev.mysql.com/doc/refman/5.1/en/access-denied.html

If you cannot figure out why you get Access denied, remove from the user table all entries that have Host values containing wildcards (entries that contain '%' or '_' characters). A very common error is to insert a new entry with Host='%' and User='some_user', thinking that this allows you to specify localhost to connect from the same machine. The reason that this does not work is that the default privileges include an entry with Host='localhost' and User=''. Because that entry has a Host value 'localhost' that is more specific than '%', it is used in preference to the new entry when connecting from localhost! The correct procedure is to insert a second entry with Host='localhost' and User='some_user', or to delete the entry with Host='localhost' and User=''.


I'm pretty sure you need the following:

grant all privileges on somedb.* to 'someuser'@'%' with grant option;

Your GRANT statement lacks a hostname declaration.


If you are unable to connect to mysql using someuser@'%' where '%' is the wildcard for the hostname, then make sure you don't have ''@localhost entry in your user table. Confirm using the following SQL statement:

    mysql> SELECT * FROM user WHERE user='' AND host='localhost';

If ''@localhost is existing, then remove it by issuing the following SQL statement:

    mysql> DELETE FROM user WHERE user='' AND host='localhost';

then lastly

    FLUSH PRIVILEGES;

Now someuser@'%' will connect to the database.


My understanding, and I'm prepared to be corrected on this, is that MySQL treats localhost separately to %. i.e. localhost is not included in the wildcard.

Related

How to get HTTP preseed to work correctly on Ubuntu 10.04 LTS (Lucid)?
Approximately how much would it cost to make an AMI image from a EC2 Micro server?
If e-mail is only "best effort" delivery, is there a similar protocol with guaranteed delivery?
Trying to SSH in to remote computer but still asking for password
What is the difference between using upstream and location for php-fpm?
Is there a standard DNS record to indicate the IMAP server for a domain?
Is it possible to send and receive an email from an IP address instead from a domain?
Upgrading to Gigabit Network - Enabling Jumbo Frames
how to tunnel Windows Remote Desktop through ssh using a linux box?
How to make my HP server boot faster?
RAID-6: better to replace two dead drives at the same time, or one at a time?
"SOA Serial Number Format is Invalid" warning by mxtoolbox.com - why?