MySQL如何修改账号的IP限制条件详解
时间:2019-03-31
本文章向大家介绍MySQL如何修改账号的IP限制条件详解,主要包括MySQL如何修改账号的IP限制条件详解使用实例、应用技巧、基本知识点总结和需要注意事项,具有一定的参考价值,需要的朋友可以参考一下。
前言
最近在工作中遇到一个需求:修改MySQL用户的权限,需要限制特定IP地址才能访问,第一次遇到这类需求,结果在测试过程,使用更新系统权限报发现出现了一些问题, 具体演示如下.
注意:下面测试环境为MySQL 5.6.20. 如有其它版本与下面测试结果有出入,请以实际环境为准。
我们先创建一个测试用户LimitIP,只允许192.168段的IP地址访问,具体权限如下所示:
mysql> GRANT SELECT ON MyDB.* TO LimitIP@'192.168.%' IDENTIFIED BY 'LimitIP'; Query OK, 0 rows affected (0.01 sec) mysql> GRANT INSERT ,UPDATE,DELETE ON MyDB.kkk TO LimitIP@'192.168.%'; Query OK, 0 rows affected (0.00 sec) mysql> mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> mysql> show grants for LimitIP@'192.168.%'; +----------------------------------------------------------------------------------------------------------------+ | Grants for LimitIP@192.168.% | +----------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'LimitIP'@'192.168.%' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' | | GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.%' | | GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.%' | +----------------------------------------------------------------------------------------------------------------+ 3 rows in set (0.00 sec) mysql>
假设现在收到需求:这个用户只允许这个IP地址192.168.103.17访问,于是我打算更新mysql.user表,如下所示:
mysql> select user, host from mysql.user where user='LimitIP'; +---------+-----------+ | user | host | +---------+-----------+ | LimitIP | 192.168.% | +---------+-----------+ 1 row in set (0.00 sec) mysql> update mysql.user set host='192.168.103.17' where user='LimitIP'; Query OK, 1 row affected (0.02 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql> flush privileges; Query OK, 0 rows affected (0.01 sec) mysql> select user, host from user where user='LimitIP'; ERROR 1046 (3D000): No database selected mysql> use mysql; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> select user, host from user where user='LimitIP'; +---------+----------------+ | user | host | +---------+----------------+ | LimitIP | 192.168.103.17 | +---------+----------------+ 1 row in set (0.00 sec) mysql> show grants for LimitIP@'192.168.103.17'; +---------------------------------------------------------------------------------------------------------------------+ | Grants for LimitIP@192.168.103.17 | +---------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.17' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' | +---------------------------------------------------------------------------------------------------------------------+ 1 row in set (0.00 sec) mysql>
上面测试发现,如果这样只修改mysql.user表, 那么之前的权限没有了,如下所示,如果你查询mysql.db、 mysql.tables_priv 发现Host的字段值依然为192.168.%
mysql> select * from mysql.db where user='LimitIP'\G; *************************** 1. row *************************** Host: 192.168.% Db: MyDB User: LimitIP Select_priv: Y Insert_priv: N Update_priv: N Delete_priv: N Create_priv: N Drop_priv: N Grant_priv: N References_priv: N Index_priv: N Alter_priv: N Create_tmp_table_priv: N Lock_tables_priv: N Create_view_priv: N Show_view_priv: N Create_routine_priv: N Alter_routine_priv: N Execute_priv: N Event_priv: N Trigger_priv: N 1 row in set (0.00 sec) ERROR: No query specified mysql> select * from mysql.tables_priv where user='LimitIP'\G; *************************** 1. row *************************** Host: 192.168.% Db: MyDB User: LimitIP Table_name: kkk Grantor: root@localhost Timestamp: 0000-00-00 00:00:00 Table_priv: Insert,Update,Delete Column_priv: 1 row in set (0.00 sec) ERROR: No query specified
所以我继续修改 mysql.db、 mysql.tables_priv 表,然后测试验证终于OK了(请见下面测试步骤),当然如果账户的权限不止这几个层面,你可能还必须修改例如mysql.columns_priv、mysql.procs_priv等表
mysql> show grants for LimitIP@'192.168.%'; ERROR 1141 (42000): There is no such grant defined for user 'LimitIP' on host '192.168.%' mysql> mysql> mysql> update mysql.db set host='192.168.103.17' where user='LimitIP'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql> update mysql.tables_priv set host='192.168.103.17' where user='LimitIP'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> show grants for LimitIP@'192.168.103.17'; +---------------------------------------------------------------------------------------------------------------------+ | Grants for LimitIP@192.168.103.17 | +---------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.17' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' | | GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.103.17' | | GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.103.17' | +---------------------------------------------------------------------------------------------------------------------+ 3 rows in set (0.00 sec) mysql>
如果需要修改用户的IP限制,其实更新mysql相关权限表不是上上策,其实有更好的方法,那就是RENAME USER Syntax
mysql> RENAME USER 'LimitIP'@'192.168.103.17' TO 'LimitIP'@'192.168.103.18'; Query OK, 0 rows affected (0.00 sec) mysql> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) mysql> show grants for 'LimitIP'@'192.168.103.18'; +---------------------------------------------------------------------------------------------------------------------+ | Grants for LimitIP@192.168.103.18 | +---------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.18' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' | | GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.103.18' | | GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.103.18' | +---------------------------------------------------------------------------------------------------------------------+ 3 rows in set (0.00 sec) mysql>
总结
以上就是这篇文章的全部内容了,希望本文的内容对大家的学习或者工作能带来一定的帮助,如果有疑问大家可以留言交流,谢谢大家对脚本之家的支持。
- MySQL 教程
- MySQL 安装
- MySQL 管理与配置
- MySQL PHP 语法
- MySQL 连接
- MySQL 创建数据库
- MySQL 删除数据库
- MySQL 选择数据库
- MySQL 数据类型
- MySQL 创建数据表
- MySQL 删除数据表
- MySQL 插入数据
- MySQL 查询数据
- MySQL where 子句
- MySQL UPDATE 查询
- MySQL DELETE 语句
- MySQL LIKE 子句
- mysql order by
- Mysql Join的使用
- MySQL NULL 值处理
- MySQL 正则表达式
- MySQL 事务
- MySQL ALTER命令
- MySQL 索引
- MySQL 临时表
- MySQL 复制表
- 查看MySQL 元数据
- MySQL 序列 AUTO_INCREMENT
- MySQL 处理重复数据
- MySQL 及 SQL 注入
- MySQL 导出数据
- MySQL 导入数据
- MYSQL 函数大全
- MySQL Group By 实例讲解
- MySQL Max()函数实例讲解
- mysql count函数实例
- MYSQL UNION和UNION ALL实例
- MySQL IN 用法
- MySQL between and 实例讲解
- 算法集锦(34) | 强化学习| 出租车载客问题
- 前端测试题:(解析)关于ajax跨域的说法,下面错误的是?
- 什么才是定制化 IDE 的核心价值?
- RTOS内功修炼记(八)— CMSIS RTOS API,内核通用API接口
- 从零搭建Spring Boot脚手架(1):开篇以及技术选型
- 盘点 Python 10 大常用数据结构(下篇)
- 「干货」你需要了解的六种渲染模式
- 分享两个操作Java枚举的实用方法
- 从零开始强化学习:在Python笔记本中设计和解决一个任务
- 基于深度学习的新闻推荐算法(1)
- 以复现图表的方式来学习一篇文章
- 盘点 Python 10 大常用数据结构(上篇)
- (长文预警) 你还在烦工作中碰到的拖拽问题?一个框架jiejue
- 重磅 | 青藤与腾讯安全隆重举办容器安全平台新品战略合作发布会
- 如何使用强化学习玩21点?