实例版本:MySQL 8.0.19
在导入数据的时候出现如下的报错信息:
mysql: [Warning] Using a password on the command line interface can be insecure. ERROR 2068 (HY000) at line 1: LOAD DATA LOCAL INFILE file request rejected due to restrictions on access.
导入的命令如下:
mysql -udata_temp -h10.30.xx.xx -Dtest -p -P4306 -e "load data local infile '/tmp/tank_avg_datas.txt' replace into table tank_dts_analytics fields terminated by ',' (ping_minus_avg,pings_level1,pings_level2,pings_level3,pings_level4,real_pings_level1,real_pings_level2,real_pings_level3,real_pings_level4)"
排查步骤:
1、查看实例的参数local_infile是否是启用状态
mysql>>show variables like '%local_infile%'; +---------------+-------+ | Variable_name | Value | +---------------+-------+ | local_infile | ON | +---------------+-------+ 1 row in set (0.00 sec)
发现该参数已经设置启动了
MySQL 8.0版本, local_infile默认是关闭的,但是MySQL 5.7版本默认是开启的;
2、但是客户端操作还是无法执行导入操作
解决方案:
需要在导入的时候,mysql客户端需要加上–local-infile=1即可导入
mysql -udata_temp -h10.30.xx.xx -Dtest -p --local-infile=1 -P4306 -e "load data local infile '/tmp/tank_avg_datas.txt' replace into table tank_dts_analytics fields terminated by ',' (ping_minus_avg,pings_level1,pings_level2,pings_level3,pings_level4,real_pings_level1,real_pings_level2,real_pings_level3,real_pings_level4)"
小结:
如果load data语句使用了local子句,则客户端使用TCP远程连接mysql server时,没有file权限仍然能够导入文本文件,这个时候是非常危险的,因为local子句的内部原理是从客户端的主机读取文本文件并传送到server端的/tmp目录并保存为一个临时文件,再执行load data语句的。另外,要使用local子句,还需要看server端启动是否关闭了local_infile选项(如果不指定该选项,则MySQL 8.0服务端默认为OFF,MySQL 5.7默认是ON),mysql client连接时是否关闭了local_infile选项(如果不指定该选项,则MySQL 8.0客户端默认为OFF,MySQL 5.7客户端默认是ON),local_infile在server或client端任意一端关闭都不能使用local子句,会报文章开头的错误
参考链接:
https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_local_infile
https://bugs.mysql.com/bug.php?id=91872
如果您觉得本站对你有帮助,那么可以收藏和推荐本站,帮助本站更好地发展,在此谢过各位网友的支持。
转载请注明原文链接:ERROR 2068 (HY000) at line 1: LOAD DATA LOCAL INFILE file request rejected due to restrictions on access.
转载请注明原文链接:ERROR 2068 (HY000) at line 1: LOAD DATA LOCAL INFILE file request rejected due to restrictions on access.
