ERROR 1045: Access denied for user

Situation:
One common MySQL database server on SuSE 9.1 with all updates.
Uses 'rinetd'. Has entries for the appropriate IP addresses of all
servers.
NOTE: If the appropirate entries are NOT in rinetd, the error message
is:
ERROR 2013: Lost connection to MySQL server during query

Using the exact same query from prompt on several clients (some are
SuSE 9.1, some are older Redhat systems, but none are configured
identically).
Example (upper case indicates private stuff):
mysql -uUSER -pPASSWORD -h MYSQLSERVER.TLD.COM -e "select * from
sometable" DATABASENAME
returns correct results on all but one server. On that one
problemmatic server (SuSE 9.1), the result is:
ERROR 1045: Access denied for user: 'USER@localhost' (Using password:
YES)

Has anyone had a similar problem? Ideas for the soluton? I feel like
there is a missing configuration option on the problematic client, or a
missing library, or something, but have not been able to isolate
anything.

Yes, the -u and -p are the SAME from each client (this is all inside
the firewall), so I don't see how this can be a user or privileges
problem.
Anyway, I've done 'flush privileges' and I've restarted the database
server (/etc/init.d/mysqld restart), even the server has rebooted since
I first discovered the problem.

re: ERROR 1045: Access denied for user

>Situation:[color=blue]
>One common MySQL database server on SuSE 9.1 with all updates.
>Uses 'rinetd'. Has entries for the appropriate IP addresses of all
>servers.[/color]

IP addresses for *what kind of* servers? More MySQL servers?
Mail servers? Web servers? IRC servers?

I'm not familiar with how you run mysqld out of rinetd.
[color=blue]
>NOTE: If the appropirate entries are NOT in rinetd, the error message
>is:
>ERROR 2013: Lost connection to MySQL server during query
>
>Using the exact same query from prompt on several clients (some are
>SuSE 9.1, some are older Redhat systems, but none are configured
>identically).
>Example (upper case indicates private stuff):
> mysql -uUSER -pPASSWORD -h MYSQLSERVER.TLD.COM -e "select * from
>sometable" DATABASENAME
>returns correct results on all but one server.
>On that one
>problemmatic server (SuSE 9.1), the result is:
> ERROR 1045: Access denied for user: 'USER@localhost' (Using password:
>YES)[/color]

Ok, you passed in -h MYSQLSERVER.TLD.COM -uUSER, and you got back
'USER@localhost' for the user being used. Something is clearly
wrong here. Why isn't it using the correct host? You might look
around for something strange in .my.cnf files. What is the IP
address of MYSQLSERVER.TLD.COM *as determined from the host in
question*?

*IS* there a MySQL server on that host? Is it the one you actually
wish to use?
[color=blue]
>Has anyone had a similar problem? Ideas for the soluton? I feel like[/color]

Pass the correct hostname, and get it to take it, somehow.
[color=blue]
>there is a missing configuration option on the problematic client, or a
>missing library, or something, but have not been able to isolate
>anything.
>
>Yes, the -u and -p are the SAME from each client (this is all inside
>the firewall), so I don't see how this can be a user or privileges
>problem.
>Anyway, I've done 'flush privileges' and I've restarted the database
>server (/etc/init.d/mysqld restart), even the server has rebooted since
>I first discovered the problem.[/color]

Incidentally, as far as MySQL privilege tables are concerned, a
client connecting from localhost is not the same as a client
connecting from a public IP, so if the odd-machine-out is the one
with the MySQL server on it, -h mysqlserver.tld.com and -h localhost
are NOT equivalent in privilege tables.

Does some machine have its own machine name listed in the hosts file
with 127.0.0.1 as its IP address? That's probably a mistake.

Gordon L. Burditt

re: ERROR 1045: Access denied for user

Gordon Burditt wrote:[color=blue][color=green]
> >Situation:
> >One common MySQL database server on SuSE 9.1 with all updates.
> >Uses 'rinetd'. Has entries for the appropriate IP addresses of all
> >servers.[/color]
>
> IP addresses for *what kind of* servers? More MySQL servers?
> Mail servers? Web servers? IRC servers?[/color]

Oops! I should say "boxes" here. These are servers (they do things
like web and e-mail. Some have MySQL server for their web server (NONE
with 'USER@localhost', see below). On some, I just used the mysql
client to test the query against MYSQLSEERVER. The problematic box is
a new box, BTW.
I inherited this system, including the rinetd configuration.
[color=blue]
> I'm not familiar with how you run mysqld out of rinetd.[/color]

my.cnf:
bind-address = 127.0.0.1

rinetd.conf:
# In this example, assume this server (MYSQLSERVER.TLD.COM) is
192.168.0.10
192.168.0.10 3306 127.0.0.1 3306
# Other boxes 192.168.0.20, 30, etc. can access this database as a
client
allow 192.168.0.20
allow 192.168.0.30
etc.
[color=blue][color=green]
> >NOTE: If the appropirate entries are NOT in rinetd, the error message is:
> >ERROR 2013: Lost connection to MySQL server during query
> >
> >Using the exact same query from prompt on several clients (some are
> >SuSE 9.1, some are older Redhat systems, but none are configured
> >identically).
> >Example (upper case indicates private stuff):
> > mysql -uUSER -pPASSWORD -h MYSQLSERVER.TLD.COM -e "select * from
> >sometable" DATABASENAME
> >returns correct results on all but one server.
> >On that one
> >problemmatic server (SuSE 9.1), the result is:
> > ERROR 1045: Access denied for user: 'USER@localhost' (Using password:
> >YES)[/color][/color]
[color=blue]
> Ok, you passed in -h MYSQLSERVER.TLD.COM -uUSER, and you got back
> 'USER@localhost' for the user being used. Something is clearly
> wrong here. Why isn't it using the correct host? You might look
> around for something strange in .my.cnf files. What is the IP
> address of MYSQLSERVER.TLD.COM *as determined from the host in
> question*?[/color]

I'm guessing here: It must be the rinetd implemention?

Although -h MYSQLSERVER.TLD.COM is specified when using any of the
boxes other than MYSQLSERVER.TLD.COM (localhost then), the user is
always SOMEONE (which defaults to @localhost?). The 'USER' exists ONLY
in MySQL on the MYSQLSERVER.TLD.COM box. All boxes, including the
problematic box, resolve MYSQLSERVER.TLD.COM to the correct IP address.

IF a box is NOT in rinetd, the 2013 error occurs. Except for the new
problematic box, 1045 does not occur.
[color=blue]
> *IS* there a MySQL server on that host? Is it the one you actually
> wish to use?[/color]

There is NOT a MySQL server on the problematic box. I tried one, and
tried installing some of the other MySQL libraries, etc. Still same
problem.

[color=blue][color=green]
> >Has anyone had a similar problem? Ideas for the soluton? I feel like[/color][/color]
[color=blue]
> Pass the correct hostname, and get it to take it, somehow.[/color]
[color=blue][color=green]
> >there is a missing configuration option on the problematic client, or a
> >missing library, or something, but have not been able to isolate
> >anything.
> >
> >Yes, the -u and -p are the SAME from each client (this is all inside
> >the firewall), so I don't see how this can be a user or privileges
> >problem.
> >Anyway, I've done 'flush privileges' and I've restarted the database
> >server (/etc/init.d/mysqld restart), even the server has rebooted since
> >I first discovered the problem.[/color][/color]

[color=blue]
> Incidentally, as far as MySQL privilege tables are concerned, a
> client connecting from localhost is not the same as a client
> connecting from a public IP, so if the odd-machine-out is the one
> with the MySQL server on it, -h mysqlserver.tld.com and -h localhost
> are NOT equivalent in privilege tables.[/color]

Is rinetd changing this?
[color=blue]
>
> Does some machine have its own machine name listed in the hosts file
> with 127.0.0.1 as its IP address? That's probably a mistake.[/color]

All have valid IP addresses.
[color=blue]
>
> Gordon L. Burditt[/color]

re: ERROR 1045: Access denied for user

I am not proficient at networking issues.

However, I want to raise the point that mysql has its own security system
other than that of the OS. If you cannot get access from the other machines
then it might not be the issues of mysql. You may try to test whether the
port 3306 could be connected remotely.

I have met a case that a remote program sometimes work but not all the
times. Finally, after spending quite a lot of my extra effort, I found that
the router has problem.


<dstewart@pcfa.org> ¦b¶l¥ó
news:1120500609.261043.23610@g47g2000cwa.googlegro ups.com ¤¤¼¶¼g...[color=blue]
> Situation:
> One common MySQL database server on SuSE 9.1 with all updates.
> Uses 'rinetd'. Has entries for the appropriate IP addresses of all
> servers.
> NOTE: If the appropirate entries are NOT in rinetd, the error message
> is:
> ERROR 2013: Lost connection to MySQL server during query
>
> Using the exact same query from prompt on several clients (some are
> SuSE 9.1, some are older Redhat systems, but none are configured
> identically).
> Example (upper case indicates private stuff):
> mysql -uUSER -pPASSWORD -h MYSQLSERVER.TLD.COM -e "select * from
> sometable" DATABASENAME
> returns correct results on all but one server. On that one
> problemmatic server (SuSE 9.1), the result is:
> ERROR 1045: Access denied for user: 'USER@localhost' (Using password:
> YES)
>
> Has anyone had a similar problem? Ideas for the soluton? I feel like
> there is a missing configuration option on the problematic client, or a
> missing library, or something, but have not been able to isolate
> anything.
>
> Yes, the -u and -p are the SAME from each client (this is all inside
> the firewall), so I don't see how this can be a user or privileges
> problem.
> Anyway, I've done 'flush privileges' and I've restarted the database
> server (/etc/init.d/mysqld restart), even the server has rebooted since
> I first discovered the problem.
>[/color]