Mysql Create a Read Only User
Here's how I created a readonly user on cc1 and cc2:
Note: replace '%' with 'ip_address' for when you know which ip will be connecting to and test using the mysql connection string below.
# this is to ensure that the account will work with applications that expect long passwords.
mysql> set old_passwords=0;
Query OK, 0 rows affected (0.00 sec)
# grant "select" is to grant readonly access from localhost
mysql> grant select on asterisk.* to 'readonly'@'localhost' identified by 'moux7Veiph6Phi';
Query OK, 0 rows affected (0.03 sec)
# grant "select" is to grant readonly access from anywhere
mysql> grant select on asterisk.* to 'readonly'@'%' identified by 'moux7Veiph6Phi';
Query OK, 0 rows affected (0.03 sec)
# this is to make sure the new account is active
mysql> flush privileges;
Query OK, 0 rows affected (0.03 sec)
# this is to check that the user was created
mysql> select User, Host, Password from mysql.user;
+-------------+-----------------------+-------------------------------------------+
| User | Host | Password |
+-------------+-----------------------+-------------------------------------------+
| root | localhost | 47a4242f115cfbd3 |
| root | localhost.localdomain | |
| root | 127.0.0.1 | |
| | localhost | |
| | localhost.localdomain | |
| cron | % | 446a12100c856ce9 |
| cron | localhost | 446a12100c856ce9 |
| custom | localhost | 55c7777378240cf3 |
| goautodialu | localhost | 40804ea50295f96b |
| goautodialu | % | 40804ea50295f96b |
| readonly | % | *456097CBF974127A4636B4E61A4A452578D156C3 |
| readonly | localhost | *456097CBF974127A4636B4E61A4A452578D156C3 |
+-------------+-----------------------+-------------------------------------------+
11 rows in set (0.00 sec)
# if you changed '%' to an ip address run this command on that machine
mysql -ureadonly -p asterisk
# you can further test that the account is a readonly account
mysql> select User, Host, Password from mysql.user;
ERROR 1142 (42000): SELECT command denied to user 'readonly'@'localhost' for table 'user'