Discussion:
[apollo] Mysql permissions for apollo user
Robin A. Ohm
2016-02-26 14:20:16 UTC
Permalink
Hi,

I'm planning to migrate the mysql database that is used by apollo to
another mysql server (which is maintained by the IT staff of the
university). I tried to create a user 'apollo' who only has access to
the apollo database on that mysql server, but I it turns out that I
can't simply do a 'GRANT ALL ON apollo_db.*' for that user (presumably
because I don't have all permissions myself). So my question is: what
mysql permissions does the apollo user need for webapollo to function
correctly? SELECT, UPDATE, INSERT, CREATE, anything else?

Thanks for your help. Best regards,

Robin
--
Robin A. Ohm, PhD | Assistant Professor | Microbiology | Utrecht University
Kruyt Building | Room W402 | Padualaan 8 | 3584 CH | Utrecht | The Netherlands | +31 (0) 30 2533016
Colin
2016-02-26 19:25:34 UTC
Permalink
Hi Robin

I haven't fully evaluated the minimum privileges needed for production, but
I just tested it out with a low privileged user and it looks like it also
needs "ALTER, REFERENCES, INDEX" when starting up.

You could probably remove those after booting up though too, leaving
only "SELECT,
UPDATE, INSERT", I doubt it would do any other dynamic things at runtime.

Then when you upgrade apollo, you can just re-enable the ALTER, CREATE,
DROP, INDEX temporarily during a database migration.


-Colin
Post by Robin A. Ohm
Hi,
I'm planning to migrate the mysql database that is used by apollo to
another mysql server (which is maintained by the IT staff of the
university). I tried to create a user 'apollo' who only has access to the
apollo database on that mysql server, but I it turns out that I can't
simply do a 'GRANT ALL ON apollo_db.*' for that user (presumably because I
don't have all permissions myself). So my question is: what mysql
permissions does the apollo user need for webapollo to function correctly?
SELECT, UPDATE, INSERT, CREATE, anything else?
Thanks for your help. Best regards,
Robin
--
Robin A. Ohm, PhD | Assistant Professor | Microbiology | Utrecht University
Kruyt Building | Room W402 | Padualaan 8 | 3584 CH | Utrecht | The
Netherlands | +31 (0) 30 2533016
This list is for the Apollo Annotation Editing Tool. Info at
http://genomearchitect.org/
If you wish to unsubscribe from the Apollo List: 1. From the address with
2. In the subject line of your email type: unsubscribe apollo | 3. Leave
the message body blank.
Nathan Dunn
2016-02-26 20:17:36 UTC
Permalink
It will need to create / alter tables, sequences, and indexes.

Nathan Dunn, PhD
Berkeley Bioinformatics Open-source Projects (BBOP)
Genomics Division, Lawrence Berkeley National Laboratory
Hi,
I'm planning to migrate the mysql database that is used by apollo to another mysql server (which is maintained by the IT staff of the university). I tried to create a user 'apollo' who only has access to the apollo database on that mysql server, but I it turns out that I can't simply do a 'GRANT ALL ON apollo_db.*' for that user (presumably because I don't have all permissions myself). So my question is: what mysql permissions does the apollo user need for webapollo to function correctly? SELECT, UPDATE, INSERT, CREATE, anything else?
Thanks for your help. Best regards,
Robin
--
Robin A. Ohm, PhD | Assistant Professor | Microbiology | Utrecht University
Kruyt Building | Room W402 | Padualaan 8 | 3584 CH | Utrecht | The Netherlands | +31 (0) 30 2533016
This list is for the Apollo Annotation Editing Tool. Info at http://genomearchitect.org/
Ohm, R.A. (Robin)
2016-02-27 10:36:34 UTC
Permalink
Thanks guys, this is very useful info.

Best regards, Robin

Robin A. Ohm, PhD | Assistant Professor | Microbiology | Utrecht University
Kruyt Building | Room W402 | Padualaan 8 | 3584 CH | Utrecht | The Netherlands | +31 (0) 30 2533016
________________________________
From: apollo-***@lists.lbl.gov [apollo-***@lists.lbl.gov] on behalf of Nathan Dunn [***@lbl.gov]
Sent: Friday, February 26, 2016 21:17
To: ***@lists.lbl.gov
Subject: Re: [apollo] Mysql permissions for apollo user


It will need to create / alter tables, sequences, and indexes.

Nathan Dunn, PhD
Berkeley Bioinformatics Open-source Projects (BBOP)
Genomics Division, Lawrence Berkeley National Laboratory
Hi,
I'm planning to migrate the mysql database that is used by apollo to another mysql server (which is maintained by the IT staff of the university). I tried to create a user 'apollo' who only has access to the apollo database on that mysql server, but I it turns out that I can't simply do a 'GRANT ALL ON apollo_db.*' for that user (presumably because I don't have all permissions myself). So my question is: what mysql permissions does the apollo user need for webapollo to function correctly? SELECT, UPDATE, INSERT, CREATE, anything else?
Thanks for your help. Best regards,
Robin
--
Robin A. Ohm, PhD | Assistant Professor | Microbiology | Utrecht University
Kruyt Building | Room W402 | Padualaan 8 | 3584 CH | Utrecht | The Netherlands | +31 (0) 30 2533016
This list is for the Apollo Annotation Editing Tool. Info at http://genomearchitect.org/
This list is for the Apollo Annotation Editing Tool. Info at http://genomearchitect.org/
If you wish to unsubscribe from the Apollo List: 1. From the address with which you subscribed to the list, send a message to ***@lists.lbl.gov | 2. In the subject line of your email type: unsubscribe apollo | 3. Leave the message body blank.
Loading...