I'm trying to understand the reason why I keep experiencing problems while using INTO OUTFILE command.
I always get this erroro:
ERROR 1 (HY000): Can't create/write to file '/var/www/p1.txt' (Errcode: 13)
SELECT password FROM mysql.user WHERE user='root' INTO OUTFILE '/var/www/p1.txt';
Useful details:
web application : DVWA (localhost) (for study purposes)
Server: Apache/2.2.14 (Ubuntu) - PHP/5.3.2
MySQL version 5.1.63
Operating system Linux Backtrack 5r3.
I'm running the command as root. Also, I can freely create folders or files in /var/www/
Errcode 13 I know it means permission denied, but what should I do in order to fix the problem?
Any help will be highly appreciated.
Even if you're logged in as root into MySQL, the file write will be performed as the user running the actual MySQL daemon.
In other words, you should check which user runs mysqld, and give write permission to the directory for that user.
you must alter the permissions for user mysqld
. start by running the following command sudo aa-status
to check your user status and authorized directories. if you want to change permissions, edit /etc/apparmor.d/usr.sbin.mysqld
and insert the directories you want.
you must then restart apparmor sudo /etc/init.d/apparmor restart
chown /var/www to the user trying to write the file, or chmod 777 /var/www
this is probably not a secure way of doing it, you might like to consider putting the file elsewhere
Although this post is quite old, in 2018 this problem is still there. I spent a couple of hours banging my head in this maze.
Server version: 5.7.24 MySQL Community Server (GPL) running on Ubuntu 14.04
To allow MySql to SELECT INTO OUTFILE requires to set MySQL's secure-file-priv
option in your configuration.
Append the following 2 lines to /etc/mysql/mysql.conf
:
[mysqld]
# allow INTO OUTFILE file and LOAD DATA INFILE to this directory
secure_file_priv=/usr/share/mysql-files
/usr/share/mysql-files
is the directory where my files will be stored. I created it doing:
sudo su
cd /usr/share
mkdir mysql-files
chown mysql:mysql mysql-files
chmod a+rw mysql-files
Change /usr/share/mysql-files
for whatever you prefer, but avoid to use the /tmp
directory!
Why?
Because, at next time you'll be rebooting, the /tmp
directory is happily erased including your precious mysql-files sub-directory. The mysql service then chokes and it won't start, leading to wierd errors with cryptics messages.
restart mysql and check:
sudo su
service mysql restart
mysql
mysql> SHOW VARIABLES LIKE "%secure%";
+--------------------------+-------------------------+
| Variable_name | Value |
+--------------------------+-------------------------+
| require_secure_transport | OFF |
| secure_auth | ON |
| secure_file_priv | /usr/share/mysql-files/ |
+--------------------------+-------------------------+
3 rows in set (0.07 sec)
mysql> quit
Bye
You are not done, yet!
There is a troll by the name of apparmor
who will ruines your project.
Edit the file /etc/apparmor/local/usr/sbin/mysqld
and append the
following 2 lines -- don't forget the ending commas:
/usr/share/mysql-files rw,
/usr/share/mysql-files/** rw,
save it, and reparse:
sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.mysqld
That should make it.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With