cyclingzealot

Conditions for LOAD_FILE to work

May 12th, 2014
From http://dev.mysql.com/doc/refman/5.0/en/string-functions.html#function_load-file:

"To use this function, the file must be located on the server host, you must specify the full path name to the file, and you must have the FILE privilege. The file must be readable by all and its size less than max_allowed_packet bytes. If the secure_file_priv system variable is set to a nonempty directory name, the file to be loaded must be located in that directory."

### Condition 1 #################################################
"the file must be located on the server host, "

I'm running on the same host:

mysql> \! hostname && ls /home/jlam/testImage.jpg
dev1
/home/jlam/testImage.jpg

15:05:34 ~$ hostname; ls $PWD/testImage.jpg
dev1
/home/jlam/testImage.jpg

### Condition 2 #################################################
* you must specify the full path name to the file,

(see example below)


### Condition 3 #################################################

* and you must have the FILE privilege.

mysql> show grants;
+-------------------------------------------------------+
| Grants for test@localhost                             |
+-------------------------------------------------------+
| GRANT FILE ON *.* TO 'test'@'localhost'               |
| GRANT ALL PRIVILEGES ON `tmp`.* TO 'test'@'localhost' |
+-------------------------------------------------------+
2 rows in set (0.00 sec)

### Condition 4 #################################################

* The file must be readable by all and

mysql> \! ls -l /home/jlam/testImage.jpg
-rw-rw-r--. 1 jlam jlam 440418 May 12 15:01 /home/jlam/testImage.jpg


### Condition 5 #################################################

* its size less than max_allowed_packet bytes.

mysql> show variables like '%max_allow%'
    -> ;
+--------------------------+------------+
| Variable_name            | Value      |
+--------------------------+------------+
| max_allowed_packet       | 16777216   |
| slave_max_allowed_packet | 1073741824 |
+--------------------------+------------+
2 rows in set (0.00 sec)

mysql> \! ls -l /home/jlam/testImage.jpg
-rw-rw-r--. 1 jlam jlam 440418 May 12 15:01 /home/jlam/testImage.jpg

mysql> select 440418 < 16777216;
+-------------------+
| 440418 < 16777216 |
+-------------------+
|                 1 |
+-------------------+
1 row in set (0.00 sec)

### Condition 6 #################################################

* If the secure_file_priv system variable is set to a nonempty directory name, the file to be loaded must be located in that directory.

mysql> show variables like '%secure%';
+------------------+-------+
| Variable_name    | Value |
+------------------+-------+
| secure_auth      | OFF   |
| secure_file_priv |       |
+------------------+-------+
2 rows in set (0.00 sec)

### Some addendums I would make #################################

Make sure:

- There is execute permission on the parent directory
- The FILE privilege must be explicitly granted. (GRANT FILE on *.* TO user@localhost)
- You have flushed privileges
- You have logged out and logged back in

Example of permission on parent dir:

<pre>

mysql> \! ls -ld `dirname /home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg`
drwxrwxr--. 2 jlam jlam 4096 May 12 14:22 /home/jlam/code/projectName/doc/filesForTesting/images

mysql> select hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg'));
+-------------------------------------------------------------------------------------------------------------+
| hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg')) |
+-------------------------------------------------------------------------------------------------------------+
| NULL |
+-------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)


mysql> \! chmod o+x /home/jlam/code/projectName/doc/filesForTesting/images
mysql> \! ls -ld `dirname /home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg`
drwxrwxr-x. 2 jlam jlam 4096 May 12 14:22 /home/jlam/code/projectName/doc/filesForTesting/images
mysql> select hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg'));
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
| hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg'))
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
| FFD8FFE1001845786966000049492A00080000000000000000000000FFEC00114475636B7900010004000000500000FFE10407687474703A2F2F6E732E61646F62652E636F6D2F7861702F312E302F003C3F787061636B657420626567696E3D22EFBBBF222069643D2257354D304D7043656869487
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

</pre>

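As an added example (not part of the original paste), the filesystem-side conditions listed above (full path, readable by all, size below max_allowed_packet, secure_file_priv, execute permission on the directory) can be checked from the shell before querying MySQL. The function name `load_file_fs_check` and the sample tree are constructed for illustration; the check goes beyond the paste by walking every ancestor directory rather than only the immediate parent, and it looks only at the "other" permission bits.

```shell
#!/bin/sh
# Added example (not from the paste): filesystem-side LOAD_FILE() preconditions.
# usage: load_file_fs_check FILE MAX_ALLOWED_PACKET [SECURE_FILE_PRIV]
# Prints "ok" and returns 0, or prints the first failed condition and returns 1.
load_file_fs_check() {
    f=$1; max=$2; sfp=${3:-}
    case $f in /*) ;; *) echo "not a full path: $f"; return 1 ;; esac
    [ -f "$f" ] || { echo "no such regular file: $f"; return 1; }
    # Resolve the directory physically so ".." or symlinks cannot fake a prefix.
    dir=$(cd "$(dirname "$f")" && pwd -P) || { echo "cannot enter directory of: $f"; return 1; }
    if [ -n "$sfp" ]; then
        sdir=$(cd "$sfp" && pwd -P) || { echo "bad secure_file_priv: $sfp"; return 1; }
        sdir=${sdir%/}
        # Assumption: anything whose resolved path starts with sdir is accepted.
        case $dir/ in "$sdir"/*) ;; *) echo "outside secure_file_priv: $f"; return 1 ;; esac
    fi
    # "readable by all": the 'other' read bit is column 8 of the ls mode string.
    [ "$(ls -ld -- "$f" | cut -c8)" = r ] || { echo "not readable by all: $f"; return 1; }
    size=$(($(wc -c < "$f")))
    [ "$size" -lt "$max" ] || { echo "size $size not below max_allowed_packet $max"; return 1; }
    # Walk up to /: each directory needs the 'other' execute bit (x, or t if sticky).
    d=$dir
    while :; do
        case $(ls -ld -- "$d" | cut -c10) in
            x|t) ;;
            *) echo "no o+x on directory: $d"; return 1 ;;
        esac
        [ "$d" = / ] && break
        d=$(dirname "$d")
    done
    echo ok
}

# Constructed demo tree mirroring the paste: directory drwxrwxr--, file -rw-rw-r--.
demo=$(mktemp -d) || exit 1
chmod 755 "$demo"; mkdir "$demo/images"
printf 'constructed sample' > "$demo/images/imageTest01.jpg"
chmod 664 "$demo/images/imageTest01.jpg"; chmod 774 "$demo/images"
load_file_fs_check "$demo/images/imageTest01.jpg" 16777216 || true  # blames images/
chmod o+x "$demo/images"
load_file_fs_check "$demo/images/imageTest01.jpg" 16777216 || true  # after the fix
rm -rf "$demo"
```

The FILE privilege and the re-login requirement are server-side and are not covered by this check; `show grants` in a fresh session remains the way to confirm them.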
Example of user privileges:

<pre>

16:38:09 (getImages) ~/code/projectName/doc/filesForTesting/images$ mysql -u eventCal -p eventCal
Enter password:

mysql> show grants;
+-----------------------------------------------------------------------------------------------------------------+
| Grants for eventCal@localhost |
+-----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'eventCal'@'localhost' IDENTIFIED BY PASSWORD '*xxx' |
| GRANT ALL PRIVILEGES ON `tmp`.* TO 'eventCal'@'localhost' |
| GRANT ALL PRIVILEGES ON `eventCalTesting`.* TO 'eventCal'@'localhost' |
| GRANT ALL PRIVILEGES ON `eventCal`.* TO 'eventCal'@'localhost' |
| GRANT ALL PRIVILEGES ON `eventCal_categoryMigration`.* TO 'eventCal'@'localhost' |
+-----------------------------------------------------------------------------------------------------------------+
5 rows in set (0.00 sec)

mysql> select hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg'));
+-------------------------------------------------------------------------------------------------------------+
| hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg')) |
+-------------------------------------------------------------------------------------------------------------+
| NULL |
+-------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

</pre>

In other root session:

<pre>

mysql> grant file ON *.* to eventCal@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

</pre>

Back in user session, I still can't load the file

<pre>

mysql> select hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg'));
+-------------------------------------------------------------------------------------------------------------+
| hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg')) |
+-------------------------------------------------------------------------------------------------------------+
| NULL |
+-------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

</pre>

.....But if I log out and back in:

<pre>

mysql> exit
Bye

16:40:14 (getImages) ~/code/projectName/doc/filesForTesting/images$ mysql -u eventCal -p eventCal
Enter password:

mysql> select hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg'));
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
| hex(LOAD_FILE('/home/jlam/code/projectName/doc/filesForTesting/images/imageTest01.jpg'))
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
| FFD8FFE1001845786966000049492A00080000000000000000000000FFEC00114475636B7900010004000000500000FFE10407687474703A2F2F6E732E61646F62652E636F6D2F7861702F312E302F003C3F787061636B657420626567696E3D22EFBBBF222069643D2257354D304D7043656869487
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

</pre>