Skip to main content

MyPhpAdmin's User Permissions

Answered

Comments

12 comments

  • cPRex Jurassic Moderator

    Hey there!  In cPanel, PHPMyAdmin always runs as the main cPanel user.  This isn't something that can be changed, but I would expect you (the cPanel user, I think what you're calling "system user" in your post) to have the CREATE USER privilege, or else you wouldn't be able to use the core functions inside of cPanel >> MySQL Databases.

    Since you're on a shared plan there isn't much you can do without speaking to your host/admin to have them check the system.

    0
  • Dennis Bareis

    Thanks for the response.  I have got a support request with my hosting company but they are generally slow...

    In "MySQL Databases" I can create databases and users.

    In "PhpAdmin" I just realised I can create "Routines", I just can't edit them (except the newly created one) in the existing database (as "Edit, "Execute" & "Export" are all greyed out).

    I now see that I can edit them in the "new" database I just created.

    Looking at the "ROUTINES" table in "information_schema" my existing tables have a definer of "root@localhost", the new one I created has my cpanelAccountName@localhost, the "root" ones I can't edit.

    When I run this SQL:

    CREATE USER 'CpanelUserName'@'localhost' IDENTIFIED BY 'CpanelUserNamePassword';

    I get:

    #1227 - Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation

     

    Is there any way to dump the privledges I have in MyPhpAdmin?

    0
  • cPRex Jurassic Moderator

    Thanks for the additional details about this situation.  That is the intended behavior inside cPanel as we don't want users creating databases or granting access directly inside PHPMyAdmin.  This breaks the automation tools and permissions inside cPanel itself.

    0
  • Dennis Bareis

    I can't see how everything I described can be expect or anywhere near "good" but I have another issue.

    If I create a procedure then it has the correct definer and if I come back later it has been changed to a different one, these are examples: 

    • cpses_wcey6jssec@localhost
    • cpses_wcw9ui7m49@localhost
    0
  • cPRex Jurassic Moderator

    In general, you have to remember that you're in a cPanel environment, so things may work differently here than what you're used to in the past.  For example, we have the cPanel >> MySQL Databases tool which is where we expect all database creation, user creation, and access granting to happen.  Manual methods, such as creating databases directly inside PHPMyAdmin will break the automation that links specific users to their specific databases.  It's just the cPanel way of doing things.

    As far as that procedure you mention, it looks like it is using a temporary session value in the name, which is only good for one login, and will change each time you access either cPanel or PHPMyAdmin, so I wouldn't expect those to stay the same.

    0
  • Dennis Bareis

    The procedure was created with the correct account (I checked after creating), it was changed by CPANEL or something else after.

    0
  • cPRex Jurassic Moderator

    Right - whenever something is named "cpses" that is a temporary session and you should expect that to not last after you log out and close your browser tab.  This isn't related to the account being incorrect.

    0
  • Dennis Bareis

    I'm not that familiar with SQL inside or outside CPANEL, but the is no way that something overwriting the correct account details set up in the definer field can be expected behaviour.  This is what I need to fix or at least some pointers, ideas?

    0
  • cPRex Jurassic Moderator

    Can you provide me with exact, click-by-click details on how you're setting that up so I can do some testing on my end?

    0
  • Dennis Bareis

    The procedure is created OK, something corrupts it after that.  Someone from "cpanel support" (possibly you guys or at the host provider) has solved the issue.  I've asked for more info, if I get it I will post here.

    0
  • Dennis Bareis

    I'm probably not going to get a better response than this one:

     

    The DEFINER set for a routine or stored procedure determines which users have the ability to modify it. If the DEFINER is not correctly configured for the user you are logged in as, you won't be able to edit the routine or stored procedure in PHPMyAdmin.

    Upon investigation, it was discovered that the DEFINER was properly set for only two procedures, while the rest were still assigned to the root user.

    To resolve this, the steps outlined in the article linked below were followed to correct the DEFINER configuration: 
    https://support.cpanel.net/hc/en-us/articles/360053109134-How-to-fix-routines-stored-procedures-so-they-can-be-manipulated-via-PHPMyAdmin

    0
  • cPRex Jurassic Moderator

    I'm glad they were able to get you good details on this!

    0

Please sign in to leave a comment.