community.aegirproject.org

Liam McDermott's picture
Liam McDermott
2:41am Jul 25, 2013

Amazon RDS issue when creating aegir_root user

Tagged:

When going through the Database configuration section of the install, I tried executing this command:

GRANT ALL PRIVILEGES ON *.* TO 'aegir_root'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;

on an Amazon RDS server, only to have it return:

ERROR 1045 (28000): Access denied for user 'root'@'%' (using password: YES)

After a bit of Googling, I found that Amazon RDS appears to disallow users from having certain permissions on the mysql database, the problem can be overcome by using:

GRANT ALL PRIVILEGES ON `%`.* TO 'aegir_root'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;

instead of the GRANT statement that fails. The install I'm doing appears to have worked with these changed permissions.

So the question is, should we:

  1. add a note to the documentation for people using Amazon RDS, or;
  2. just change the documentation to use the GRANT ... %.* style, since it's a pretty good idea to not give Aegir permission to mess with mysql.* anyway?
ergonlogic's picture
ergonlogic
5:03am Jul 25, 2013

#1

This deserves a feature request on d.o, since we'd need to change the way the .deb and install scripts run if we change this, I believe.