WP-CLI and database users
-
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
ok a better example of my issue with WP-CLI and the database....
in my new guide to standing up WP I have this step.
I think this is a horrible solution. In order to let wp-cli create the dataabse, the WP DB user have to have the ability to actually CREATE a database.
So unlike more normal guides where I tell you to create a DB user with
GRANT ALL
only on the database it needs (dbname.*
), I had to create it withGRANT ALL
on everything (*.*
).I guess, I could refrain from setting the root password stuff until the very end and first revoke these permission and then re-add with only GRANT ALL on the specific database.
But that just seems stupidly clunky.
I think you are mistaken. Just grant the privileges to the database you are about to create
sudo mysql -e "GRANT ALL ON '$DB_NAME'.* TO '$DB_USER'@'localhost';"
then you can do the wp-cli stuff like
wp config create
,wp db create
etc.My results on a google search were unclear. So I went assuming no as that is illogical to me.
But wouldn't be the first time something illogical to me was fact.
Well, it's very logical to me. And I just confirmed on MariaDB 10.1.44 that it works the way I thought it did.
Privileges are dependent on object names and not a particular object. Therefor the rights to something on a database, table or whatever can be created before that something exists.
Well that works for me. I'll update the guide in a bit and then run through a new deployment as a test.
-
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
ok a better example of my issue with WP-CLI and the database....
in my new guide to standing up WP I have this step.
I think this is a horrible solution. In order to let wp-cli create the dataabse, the WP DB user have to have the ability to actually CREATE a database.
So unlike more normal guides where I tell you to create a DB user with
GRANT ALL
only on the database it needs (dbname.*
), I had to create it withGRANT ALL
on everything (*.*
).I guess, I could refrain from setting the root password stuff until the very end and first revoke these permission and then re-add with only GRANT ALL on the specific database.
But that just seems stupidly clunky.
I think you are mistaken. Just grant the privileges to the database you are about to create
sudo mysql -e "GRANT ALL ON '$DB_NAME'.* TO '$DB_USER'@'localhost';"
then you can do the wp-cli stuff like
wp config create
,wp db create
etc.My results on a google search were unclear. So I went assuming no as that is illogical to me.
But wouldn't be the first time something illogical to me was fact.
Well, it's very logical to me. And I just confirmed on MariaDB 10.1.44 that it works the way I thought it did.
Privileges are dependent on object names and not a particular object. Therefor the rights to something on a database, table or whatever can be created before that something exists.
Well that works for me. I'll update the guide in a bit and then run through a new deployment as a test.
Great. I like the guides you post, they are very well thought out.
-
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
ok a better example of my issue with WP-CLI and the database....
in my new guide to standing up WP I have this step.
I think this is a horrible solution. In order to let wp-cli create the dataabse, the WP DB user have to have the ability to actually CREATE a database.
So unlike more normal guides where I tell you to create a DB user with
GRANT ALL
only on the database it needs (dbname.*
), I had to create it withGRANT ALL
on everything (*.*
).I guess, I could refrain from setting the root password stuff until the very end and first revoke these permission and then re-add with only GRANT ALL on the specific database.
But that just seems stupidly clunky.
I think you are mistaken. Just grant the privileges to the database you are about to create
sudo mysql -e "GRANT ALL ON '$DB_NAME'.* TO '$DB_USER'@'localhost';"
then you can do the wp-cli stuff like
wp config create
,wp db create
etc.My results on a google search were unclear. So I went assuming no as that is illogical to me.
But wouldn't be the first time something illogical to me was fact.
Well, it's very logical to me. And I just confirmed on MariaDB 10.1.44 that it works the way I thought it did.
Privileges are dependent on object names and not a particular object. Therefor the rights to something on a database, table or whatever can be created before that something exists.
Well that works for me. I'll update the guide in a bit and then run through a new deployment as a test.
Great. I like the guides you post, they are very well thought out.
does not like it.
[jbusch@jb-wp ~]$ # sudo mysql -e "GRANT ALL ON *.* TO '$DB_USER'@'localhost';" [jbusch@jb-wp ~]$ sudo mysql -e "GRANT ALL ON '$DB_NAME'.* TO '$DB_USER'@'localhost';" ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''ziiCh6geiqu6'.* TO 'eitaethie9cahX7u'@'localhost'' at line 1 [jbusch@jb-wp ~]$ sudo mysql -e "FLUSH PRIVILEGES;"
But no issue with the wildcard.
[jbusch@jb-wp ~]$ sudo mysql -e "GRANT ALL ON *.* TO '$DB_USER'@'localhost';" [jbusch@jb-wp ~]$ sudo mysql -e "FLUSH PRIVILEGES;" [jbusch@jb-wp ~]$
-
@Pete-S well WTF... Even after the DB exists..
The DB_NAME is correct.....
[jbusch@jb-wp html]$ sudo mysql -e -uroot -p$DB_ROOT_PASS "GRANT ALL ON '$DB_NAME'.* TO '$DB_USER'@'localhost';" ERROR 1049 (42000): Unknown database 'GRANT ALL ON 'ziiCh6geiqu6'.* TO 'eitaethie9cahX7u'@'localhost';' [jbusch@jb-wp html]$ sudo mysql -e -uroot -p$DB_ROOT_PASS "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost';" ERROR 1049 (42000): Unknown database 'GRANT ALL ON ziiCh6geiqu6.* TO 'eitaethie9cahX7u'@'localhost';' [jbusch@jb-wp html]$ cat wp-config.php | grep DB_NAME define( 'DB_NAME', 'ziiCh6geiqu6' ); [jbusch@jb-wp html]$
-
@JaredBusch said in WP-CLI and database users:
@Pete-S well WTF... Even after the DB exists..
The DB_NAME is correct.....
I don't understand why. What happens if you just login and do it manually? Do you get the same result?
"Unknown database". To me that is related to the default database set in mysql sessions. Do you have a USE command somewhere?
Best action might be to test all the SQL commands manually instead of from the script.
-
@Pete-S said in WP-CLI and database users:
Do you have a USE command somewhere?
No, because when the script runs originally, there is no exisiting database to use.
-
Alright, after some troubleshooting. The line on your script should be:
sudo mysql -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost';"
No
'
around $DB_NAME. That gives you a syntax error.Also since DB_USER doesn't contain spaces and neither does localhost, you don't need any
'
around those either (but it doesn't cause any syntax errors).And when you use
-e
you should have it after user and password so the SQL commands you want to execute comes after the-e
.sudo mysql -uroot -p$DB_ROOT_PASS -e "CREATE USER $DB_USER@localhost IDENTIFIED by '$DB_PASS';" sudo mysql -uroot -p$DB_ROOT_PASS -e "GRANT ALL ON $DB_NAME.* TO $DB_USER@localhost;" sudo mysql -uroot -p$DB_ROOT_PASS -e "FLUSH PRIVILEGES;"
I'm sure you know but you can also put more than one command in the execute string.
;
is what separates the commands.
Or put the SQL in a file.
For instance:sudo mysql -uroot -p$DB_ROOT_PASS -e "GRANT ALL ON $DB_NAME.* TO $DB_USER@localhost; FLUSH PRIVILEGES;"
-
@Pete-S said in WP-CLI and database users:
And when you use -e you should have it after user and password so the SQL commands you want to execute comes after the -e.
That was a once off artifact of me doing it on this system after the root password has been set.
That was also the reason it did not work for me as I tried without the
'
-
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
And when you use -e you should have it after user and password so the SQL commands you want to execute comes after the -e.
That was a once off artifact of me doing it on this system after the root password has been set.
OK, so maybe this then:
sudo mysql -e "CREATE USER $DB_USER@localhost IDENTIFIED by '$DB_PASS';" sudo mysql -e "GRANT ALL ON $DB_NAME.* TO $DB_USER@localhost;" sudo mysql -e "FLUSH PRIVILEGES;"
-
@Pete-S said in WP-CLI and database users:
I'm sure you know but you can also put more than one command in the execute string. ; is what separates the commands.
My guides are specifically wrote lik this to clearly separate the commands that are used for the people following my guides to see every thing they are doing.
-
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
And when you use -e you should have it after user and password so the SQL commands you want to execute comes after the -e.
That was a once off artifact of me doing it on this system after the root password has been set.
OK, so maybe this then:
sudo mysql -e "CREATE USER $DB_USER@localhost IDENTIFIED by '$DB_PASS';" sudo mysql -e "GRANT ALL ON $DB_NAME.* TO $DB_USER@localhost;" sudo mysql -e "FLUSH PRIVILEGES;"
right. Updating the guide. but half tempted to leave the single quotes everywhere it that causes no error in order to protect against spaces by others. Though I am using
pwgen
to do this. -
Guide updated. I left the
'
everywhere else.Of note, I had to drop the DB_NAME to 16 characters because it broke it longer. Even though current
mariadb
should accept much longer database names according to my quick google on the subject. -
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
@JaredBusch said in WP-CLI and database users:
@Pete-S said in WP-CLI and database users:
And when you use -e you should have it after user and password so the SQL commands you want to execute comes after the -e.
That was a once off artifact of me doing it on this system after the root password has been set.
OK, so maybe this then:
sudo mysql -e "CREATE USER $DB_USER@localhost IDENTIFIED by '$DB_PASS';" sudo mysql -e "GRANT ALL ON $DB_NAME.* TO $DB_USER@localhost;" sudo mysql -e "FLUSH PRIVILEGES;"
right. Updating the guide. but half tempted to leave the single quotes everywhere it that causes no error in order to protect against spaces by others. Though I am using
pwgen
to to this.It's kind of f*cked up to have spaces in user names and passwords. Personally I don't use something unless it's specifically needed but either way works.