The Ultimate Guide to High Availability with MariaDB

MariaDB Authorization and Permissions for SQL Server Users

You are viewing an old version of this article. View the current version here.

Understanding Accounts and Users

MariaDB authorizes access and check permissions on accounts, rather than users. Even if MariaDB supports standard SQL commands like `CREATE USER` and `DROP USER`, it is important to remember that it actually works with accounts.

An account is specified in the format `'user'@'host'`. The quotes are optional and allow to include special characters, like dots. The host part can actually be a pattern, which follows the same syntax used in `LIKE` comparisons. Patterns are often convenient because they can match several hostnames.

Here are some examples.

Omitting the host part indicates an account that can access from any host. So the following statements are equivalent:

``` CREATE USER viviana; CREATE USER viviana@'%'; ```

Accounts are not bound to a specific database. They are global. Once an account is created, it is possible to assign it permissions on any existing or non existing database.

The sql_mode system variable has a `NO_AUTO_CREATE_USER` flag. In recent MariaDB versions it is enabled by default. If it is not enabled, the `GRANT` statement creates the specified account in case it doesn't exist.

For more information: Account Management SQL Commands.

Setting or Changing Passwords

Permissions

Authentication Plugins

Comments

Comments loading...
Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.