0

I add a user on Application server using "useradd" command.

/usr/sbin/useradd shantanu

This user can connect to mysql service using the following command...

mysql -h 10.10.10.111 -uroot -proot@123

I want this user to not to be able to connect to production mysql DB hosted on 10.10.10.111 I could use firewall protection, but I do not have root access to 10.10.10.111 I need some users to be able to connect to mysql hosted on 111 and some users should not be able to do so. Is there an easy way to do this apart from using jail ?

shantanuo
  • 3,459
  • 8
  • 47
  • 64

2 Answers2

2

You should do it at MySQL level by granting privileges to the user who you want:

mysql> create user 'allow_user'@'application.server.IP' identified by 'pa$$word';
mysql> grant select, insert, ... on db.table to 'allow_user'@'application.server.IP';

http://dev.mysql.com/doc/refman/5.5/en/adding-users.html

quanta
  • 50,327
  • 19
  • 152
  • 213
1

jail would be a very odd way of going about this. Most people would simply not give out mysql usernames and passwords to those who did not need access to the mysql server.

Aaron
  • 2,968
  • 1
  • 22
  • 36