Error
Error Code:
2068
MySQL Error 2068: Local Infile Access Denied
Description
Error 2068 occurs when a MySQL client attempts to use the `LOAD DATA LOCAL INFILE` statement to import data from a file on the client's machine, but the operation is rejected. This rejection is due to security restrictions configured on either the MySQL server, the client, or the underlying operating system, preventing local file access for data loading.
Error Message
LOAD DATA LOCAL INFILE file request rejected due to restrictions on access.
Known Causes
3 known causesServer `local_infile` Disabled
The MySQL server's `local_infile` system variable is set to OFF, explicitly disallowing `LOAD DATA LOCAL INFILE` operations from any client.
Client `local_infile` Disabled
The MySQL client application or library used for the connection has its `local_infile` capability disabled, preventing it from initiating local file transfers.
Operating System Security Policies
System-level security measures (e.g., SELinux, AppArmor, or strict firewall rules) on the client or server host may be blocking the file transfer mechanism required by `LOAD DATA LOCAL INFILE`.
Solutions
4 solutions available1. Enable LOCAL INFILE Client-Side easy
Configure your MySQL client to allow local file loading.
1
When connecting to the MySQL server, use the `--local-infile=1` option in your client command. This tells the client to request permission from the server to use `LOCAL INFILE`.
mysql -u your_user -p --local-infile=1 your_database2
If you are using a programming language connector (e.g., Python's `mysql.connector`, Node.js's `mysql` package), look for an option like `allow_local_infile` or `local_infile` in the connection parameters and set it to `True` or `true`.
import mysql.connector
cnx = mysql.connector.connect(
user='your_user',
password='your_password',
host='your_host',
database='your_database',
allow_local_infile=True
)2. Enable LOCAL INFILE Server-Side medium
Configure the MySQL server to permit local file loading.
1
Locate your MySQL server's configuration file (`my.cnf` or `my.ini`). The location varies by operating system and installation method.
2
Within the `[mysqld]` section of the configuration file, add or modify the `local_infile` directive to `1`.
[mysqld]
local_infile=13
Restart the MySQL server for the changes to take effect.
sudo systemctl restart mysql # For systemd-based systems
# or
sudo service mysql restart # For init.d-based systems3. Grant RELOAD Privilege medium
Ensure the user has the necessary privileges to bypass local infile restrictions.
1
Connect to your MySQL server as a user with sufficient privileges (e.g., `root`).
mysql -u root -p2
Grant the `RELOAD` privilege to the user who will be performing the `LOAD DATA LOCAL INFILE` operation. Note: `RELOAD` is a powerful privilege and should be granted with caution.
GRANT RELOAD ON *.* TO 'your_user'@'your_host';
FLUSH PRIVILEGES;3
Alternatively, for more granular control, you can grant `FILE` privilege, which also allows `LOAD DATA LOCAL INFILE` and `SELECT ... INTO OUTFILE`.
GRANT FILE ON *.* TO 'your_user'@'your_host';
FLUSH PRIVILEGES;4. Use `LOAD DATA INFILE` Without LOCAL medium
Load data directly from the server's filesystem.
1
Ensure the file you want to load is accessible by the MySQL server process on the server's filesystem.
2
Modify your `LOAD DATA` statement to remove the `LOCAL` keyword. The file path should be relative to the server's data directory or an absolute path on the server.
LOAD DATA INFILE '/path/to/your/file.csv' INTO TABLE your_table
FIELDS TERMINATED BY ','
ENCLOSED BY '"'
LINES TERMINATED BY '\n';3
Make sure the MySQL server process has read permissions for the specified file.