MySQL: When is Flush Privileges in MySQL really needed?

mysql

When creating new tables and a user to go along with it, I usually just invoke the following commands:

CREATE DATABASE mydb;
GRANT ALL PRIVILEGES ON mydb.* TO myuser@localhost IDENTIFIED BY "mypassword";

I have never ever needed to utilize the FLUSH PRIVILEGES command after issuing the previous two commands. Users can log in and use their database and run PHP scripts which connect to the database just fine. Yet I see this command used in almost every tutorial I look at.

When is the FLUSH PRIVILEGES command really needed and when is it unnecessary?


Privileges assigned through GRANT option do not need FLUSH PRIVILEGES to take effect - MySQL server will notice these changes and reload the grant tables immediately.

From MySQL documentation:

If you modify the grant tables directly using statements such as INSERT, UPDATE, or DELETE, your changes have no effect on privilege checking until you either restart the server or tell it to reload the tables. If you change the grant tables directly but forget to reload them, your changes have no effect until you restart the server. This may leave you wondering why your changes seem to make no difference!

To tell the server to reload the grant tables, perform a flush-privileges operation. This can be done by issuing a FLUSH PRIVILEGES statement or by executing a mysqladmin flush-privileges or mysqladmin reload command.

If you modify the grant tables indirectly using account-management statements such as GRANT, REVOKE, SET PASSWORD, or RENAME USER, the server notices these changes and loads the grant tables into memory again immediately.


TL;DR

You should use FLUSH PRIVILEGES; only if you modify the grant tables directly using statements such as INSERT, UPDATE, or DELETE.


Just to give some examples. Let's say you modify the password for an user called 'alex'. You can modify this password in several ways. For instance:

mysql> update* user set password=PASSWORD('test!23') where user='alex'; 
mysql> flush privileges;

Here you used UPDATE. If you use INSERT, UPDATE or DELETE on grant tables directly you need use FLUSH PRIVILEGES in order to reload the grant tables.

Or you can modify the password like this:

mysql> set password for 'alex'@'localhost'= password('test!24');

Here it's not necesary to use "FLUSH PRIVILEGES;" If you modify the grant tables indirectly using account-management statements such as GRANT, REVOKE, SET PASSWORD, or RENAME USER, the server notices these changes and loads the grant tables into memory again immediately.

Related

How to decrypt string with ansible-vault 2.3.0
Logging large strings from Flutter
Join an array by a comma and a space
How to remove foreign key constraint in sql server?
Struggling between native and phonegap, simple app requirements
Svn switch from trunk to branch
Merging cells in Excel using Apache POI
How to get address location from latitude and longitude in Google Map.? [closed]
Get Day name from Weekday int
Singleton class in Kotlin
Android Stretch columns evenly in a TableLayout
Get TinyMCE to use full image url instead of relative one