allowing any valid MySQL user access to a particular table

mysql

Loop through all MySQL users in mysql.user table and grant privileges which you want:

mysql --skip-column-names -e "select user,host from mysql.user where host='%';" \
| grep -v root | \
while read account; do
    mysql -e "revoke all privileges on db.table from \
        '`echo $account | awk '{ print $1 }'`'@'%';"
    mysql -e "grant insert, update on db.table to \
        '`echo $account | awk '{ print $1 }'`'@'%';"
done
mysql -e "flush privileges;"

UPDATE

As I said in below comment, you can use incron to monitor /var/lib/mysql/mysql/user.MYI and run the above script whenever an user is created.

Install incron and start it:

# /etc/init.d/incrond start
Starting Filesystem event daemon (incrond):                [  OK  ]

Create incron table for mysql user:

# incrontab -l -u mysql
/var/lib/mysql/mysql/user.MYI IN_MODIFY,IN_CLOSE_WRITE /var/lib/mysql/update_privileges.sh

When you create a new MySQL user, you will see the below in /var/log/cron:

incrond[13084]: (mysql) CMD (/var/lib/mysql/update_privileges.sh)

and the new user will be automatically granted INSERT, UPDATE privileges on db.table:

+-----------------------------------------------------------------------------------------------------------+
| Grants for testuser@%                                                                                   |
+-----------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'testuser'@'%' IDENTIFIED BY PASSWORD '*' |
| GRANT INSERT, UPDATE ON `db`.`table` TO 'testuser'@'%'                                                |
+-----------------------------------------------------------------------------------------------------------+

I wonder whether there is a way to get the latest MySQL user and grant privileges for this one instead of doing for all users.


MySQL does not support wildcards in user names as per mysql docs and there is no way other than using any script to add additional user privileges each time you add a new user.

Actually the grant statement without any user specified will grant access to the anonymous user account and you will need to set and use the password for the anonymous user account to access the table.

If you are trying to use this in a script I would rather suggest using a separate mysql user to gather information from that table rather than granting privilege & using individual mysql user credentials.

References:

http://dev.mysql.com/doc/refman/5.1/en/grant.html#grant-table-privileges

http://dev.mysql.com/doc/refman/5.5/en/default-privileges.html

Related

I read computer science, I don't have any certification yet, but I want experience [closed]
What for is /etc/resolv.conf needed in newest Centos and Fedora?
Squid proxy refusing to revalidate cache when Vary header present
Failed to bring up wlan0
Group Policy: Trusted Location in User's My Documents?
mount can't find /dev
Client-side certificates (Apache, Linux, OpenSSL)
iOS or Airprint receipt printers?
As of Mountain Lion, Google Chrome has asked for permission to view my contacts. Does this mean that it has likely had unrestricted access before?
How to get the three finger 'scroll to top' back in mountain lion?
Can I use a retina display at actual pixel size?
External hard drive not indexed by Spolight on Mac OS X Mountain Lion