MySql 用户管理
In MySql, the concept of "account" is tied to two things:a username and a hostname.That is,when you connect to the server,it checks not only the username that you specify,but also what host you're connecting from.One implication of thie concept of an concept of an account is that it is possible to set up separate accounts for different users who have the same username but connect from different hosts.
1 Permissible Privileges for GRANT and REVOKE
Privilege | Meaning and Grantable Levels |
---|---|
ALL [PRIVILEGES] |
Grant all privileges at specified access level except GRANT OPTION andPROXY . |
ALTER |
Enable use of ALTER TABLE . Levels: Global, database, table. |
ALTER ROUTINE |
Enable stored routines to be altered or dropped. Levels: Global, database, routine. |
CREATE |
Enable database and table creation. Levels: Global, database, table. |
CREATE ROUTINE |
Enable stored routine creation. Levels: Global, database. |
CREATE TABLESPACE |
Enable tablespaces and log file groups to be created, altered, or dropped. Level: Global. |
CREATE TEMPORARY TABLES |
Enable use of CREATE TEMPORARY TABLE . Levels: Global, database. |
CREATE USER |
Enable use of CREATE USER , DROP USER , RENAME USER , and REVOKE ALL PRIVILEGES . Level: Global. |
CREATE VIEW |
Enable views to be created or altered. Levels: Global, database, table. |
DELETE |
Enable use of DELETE . Level: Global, database, table. |
DROP |
Enable databases, tables, and views to be dropped. Levels: Global, database, table. |
EVENT |
Enable use of events for the Event Scheduler. Levels: Global, database. |
EXECUTE |
Enable the user to execute stored routines. Levels: Global, database, routine. |
FILE |
Enable the user to cause the server to read or write files. Level: Global. |
GRANT OPTION |
Enable privileges to be granted to or removed from other accounts. Levels: Global, database, table, routine, proxy. |
INDEX |
Enable indexes to be created or dropped. Levels: Global, database, table. |
INSERT |
Enable use of INSERT . Levels: Global, database, table, column. |
LOCK TABLES |
Enable use of LOCK TABLES on tables for which you have the SELECT privilege. Levels: Global, database. |
PROCESS |
Enable the user to see all processes with SHOW PROCESSLIST . Level: Global. |
PROXY |
Enable user proxying. Level: From user to user. |
REFERENCES |
Enable foreign key creation. Levels: Global, database, table, column. |
RELOAD |
Enable use of FLUSH operations. Level: Global. |
REPLICATION CLIENT |
Enable the user to ask where master or slave servers are. Level: Global. |
REPLICATION SLAVE |
Enable replication slaves to read binary log events from the master. Level: Global. |
SELECT |
Enable use of SELECT . Levels: Global, database, table, column. |
SHOW DATABASES |
Enable SHOW DATABASES to show all databases. Level: Global. |
SHOW VIEW |
Enable use of SHOW CREATE VIEW . Levels: Global, database, table. |
SHUTDOWN |
Enable use of mysqladmin shutdown. Level: Global. |
SUPER |
Enable use of other administrative operations such as CHANGE MASTER TO , KILL , PURGE BINARY LOGS , SET GLOBAL , and mysqladmin debugcommand. Level: Global. |
TRIGGER |
Enable trigger operations. Levels: Global, database, table. |
UPDATE |
Enable use of UPDATE . Levels: Global, database, table, column. |
USAGE |
Synonym for “no privileges” |
2 The Grant Tables
These mysql
database tables contain grant information:
user
: User accounts, global privileges, and other non-privilege columnsdb
: Database-level privilegestables_priv
: Table-level privilegescolumns_priv
: Column-level privilegesprocs_priv
: Stored procedure and function privilegesproxies_priv
: Proxy-user privileges
3 Creating and Droping User Accounts
%:指任何主机,但不包括localhost
- 创建一个不分配任何权限的用户 ,此账户只在server(localhost)服务器登录
create user 'jim'@'localhost' identified by 'Abcd@123';
- 创建一个不分配任何权限的用户 ,此账户只在任何一台机器(% 但不包含服务器自己 )上登录
create user 'jim'@'%' identified by 'Abcd@123'; - 删除用户
drop user 'jim'@'localhost'; - 重命名用户
rename user 'jim'@'localhost' to 'jack'@'localhsot';
4 Grantint Privileges
- 授予权限
语法:权限 对象 账户 密码
创建jim 账户,允许其查询 数据库tb1下的所有对象。
grant select on tb1.* to 'jim'@'localhost' identified by 'Abcd@123';
all 表示所有权限
*.* 表示 所有数据库 的 所有对象
一般不允许 创建 grant all on *.* to ‘username’@'%' identified by 'Abcd@123'; 权限太大
- 查询权限
show grants; show grants for current_user; 列出当前用户权限
show grants for 'root'@'localhost'; 列出指定用户权限
4 Revoking Privileges
语法 revoke 权限 on 对象 from '用户'@主机
revoke select on tb1 .* from 'jim'@'localhost';
回收的权限和对象 必须完全与grans 一致
- KMP算法学习(详解)
- 查找算法的实现(C/C++实现)
- HDU 1495 非常可乐(数论,BFS)
- Selenium2+python自动化74-jquery定位
- 用php实现简单的自制计算器
- Selenium2+python自动化75-Chrome配置加载
- Selenium2+python自动化75-非input文件上传(SendKeys)
- python接口自动化11-post传data参数案例
- POJ 1321 棋盘问题(DFS板子题,简单搜索练习)
- python接口自动化12-案例分析(csrfToken)
- Python基础学习笔记
- POJ 3278 Catch That Cow(BFS,板子题)
- 【请您听我说】PHP语法特点的一些看法
- 喵哈哈村的魔法考试 Round #1 (Div.2) 题解&源码(A.水+暴力,B.dp+栈)
- MySQL 教程
- MySQL 安装
- MySQL 管理与配置
- MySQL PHP 语法
- MySQL 连接
- MySQL 创建数据库
- MySQL 删除数据库
- MySQL 选择数据库
- MySQL 数据类型
- MySQL 创建数据表
- MySQL 删除数据表
- MySQL 插入数据
- MySQL 查询数据
- MySQL where 子句
- MySQL UPDATE 查询
- MySQL DELETE 语句
- MySQL LIKE 子句
- mysql order by
- Mysql Join的使用
- MySQL NULL 值处理
- MySQL 正则表达式
- MySQL 事务
- MySQL ALTER命令
- MySQL 索引
- MySQL 临时表
- MySQL 复制表
- 查看MySQL 元数据
- MySQL 序列 AUTO_INCREMENT
- MySQL 处理重复数据
- MySQL 及 SQL 注入
- MySQL 导出数据
- MySQL 导入数据
- MYSQL 函数大全
- MySQL Group By 实例讲解
- MySQL Max()函数实例讲解
- mysql count函数实例
- MYSQL UNION和UNION ALL实例
- MySQL IN 用法
- MySQL between and 实例讲解
- Vue用keep-alive实现页面缓存
- Mybatis源码笔记之浅析StatementHandler
- Spring之事务传播行为
- Js处理异步async,await
- Vue_Cli4.x使用px2rem + vant搭建移动端项目
- Html新特性contenteditable自定义富文本
- 如何优雅的处理Restful
- 微信SDK实现多张图片上传
- JsBase64位转换为blob上传到服务器
- 微信小程序可移动浮窗
- Vant实现省市区三级联动
- springboot+Druid+mybatis整合
- Vue_cli升级4.x版本搭建项目
- String系列之format方法
- Flutter使用StatefulWidget有状态组件累计添加数组