文章來自:http://www.cnblogs.com/JiangLe/p/5682795.html
MySQL--mysqldump的權限說明
mysqldump 所需要的權限說明:
1、對於table 來說mysqldump 最少要有select 權限。
2、對於view 來說mysqldump 要有show view 權限。
3、對於trrigger 來說mysqldump 要有trriger 權限。
4、如果要產生一份一致的備份 mysqldump 要有lock tables 權限。
相關用戶創建與授權語句:
create user dumper@'127.0.0.1';grant select on tempdb.* to dumper@'127.0.0.1';grant show view on tempdb.* to dumper@'127.0.0.1';grant lock tables on tempdb.* to dumper@'127.0.0.1';grant trigger on tempdb.* to dumper@'127.0.0.1';
例子:
1、創建一個用於備份的用戶dumper@'127.0.0.1'
create user dumper@'127.0.0.1' identified by '123456';
2、用dumper@’127.0.0.1'去備份tempdb這個數據庫、可以發生這個時候報沒有select權限
mysqldump -h127.0.0.1 -udumper -p123456 --databases tempdb Warning: Using a password on the command line interface can be insecure.-- MySQL dump 10.13 Distrib 5.6.31, for linux-glibc2.5 (x86_64)-- -- Host: 127.0.0.1 Database: tempdb-- ------------------------------------------------------ -- Server version 5.6.31/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;/*!40101 SET NAMES utf8 */;/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;/*!40103 SET TIME_ZONE='+00:00' */;/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; mysqldump: Got error: 1044: Access denied for user 'dumper'@'127.0.0.1' to database 'tempdb' when selecting the database
3、爲dumper 增加tempdb庫上的select 權限
grant select on tempdb.* to dumper@'127.0.0.1';
4、用dumper@‘127.0.0.1’備份tempdb庫
[root@workstudio ~]# mysqldump -h127.0.0.1 -udumper -p123456 --databases tempdbWarning: Using a password on the command line interface can be insecure.-- MySQL dump 10.13 Distrib 5.6.31, for linux-glibc2.5 (x86_64)-- -- Host: 127.0.0.1 Database: tempdb-- -------------------------------------------------------- Server version 5.6.31/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;/*!40101 SET NAMES utf8 */;/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;/*!40103 SET TIME_ZONE='+00:00' */;/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;-- -- Current Database: `tempdb`--CREATE DATABASE /*!32312 IF NOT EXISTS*/ `tempdb` /*!40100 DEFAULT CHARACTER SET latin1 */;USE `tempdb`;/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
5、爲tempdb 創建一個view 用來測試mysqldump備份view時要用到的權限
create view view_a as select 1 as number;
6、再次試着用dumper@‘127.0.0.1’去備份tempdb、日了狗了可以看到這個報錯說是和lock tables 相關。
[root@workstudio ~]# mysqldump -h127.0.0.1 -udumper -p123456 --databases tempdb Warning: Using a password on the command line interface can be insecure.-- MySQL dump 10.13 Distrib 5.6.31, for linux-glibc2.5 (x86_64)-- -- Host: 127.0.0.1 Database: tempdb-- ------------------------------------------------------ -- Server version 5.6.31/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;/*!40101 SET NAMES utf8 */;/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;/*!40103 SET TIME_ZONE='+00:00' */;/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;-- -- Current Database: `tempdb`--CREATE DATABASE /*!32312 IF NOT EXISTS*/ `tempdb` /*!40100 DEFAULT CHARACTER SET latin1 */; USE `tempdb`; mysqldump: Got error: 1044: Access denied for user 'dumper'@'127.0.0.1' to database 'tempdb' when using LOCK TABLES
7、給dumper@'127.0.0.1'這個用戶一個lock tables 權限
grant lock tables on tempdb.* to dumper@'127.0.0.1';
8、再次試着用dumper@‘127.0.0.1’去備份tempdb、這下可以看到了它報沒有show view 權限了。
[root@workstudio ~]# mysqldump -h127.0.0.1 -udumper -p123456 --databases tempdb Warning: Using a password on the command line interface can be insecure.-- MySQL dump 10.13 Distrib 5.6.31, for linux-glibc2.5 (x86_64)-- -- Host: 127.0.0.1 Database: tempdb-- ------------------------------------------------------ -- Server version 5.6.31/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;/*!40101 SET NAMES utf8 */;/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;/*!40103 SET TIME_ZONE='+00:00' */;/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;-- -- Current Database: `tempdb`--CREATE DATABASE /*!32312 IF NOT EXISTS*/ `tempdb` /*!40100 DEFAULT CHARACTER SET latin1 */; USE `tempdb`; mysqldump: Couldn't execute 'show create table `view_a`': SHOW VIEW command denied to user 'dumper'@'localhost' for table 'view_a' (1142)
9、爲dumper@'127.0.0.1'這個用戶加上show view 權限
grant show view on tempdb.* to dumper@'127.0.0.1';
10、再用dumper@’127.0.0.1‘用戶備份tempdb庫
[root@workstudio ~]# mysqldump -h127.0.0.1 -udumper -p123456 --databases tempdbWarning: Using a password on the command line interface can be insecure.-- MySQL dump 10.13 Distrib 5.6.31, for linux-glibc2.5 (x86_64)-- -- Host: 127.0.0.1 Database: tempdb-- -------------------------------------------------------- Server version 5.6.31/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;/*!40101 SET NAMES utf8 */;/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;/*!40103 SET TIME_ZONE='+00:00' */;/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;-- -- Current Database: `tempdb`--CREATE DATABASE /*!32312 IF NOT EXISTS*/ `tempdb` /*!40100 DEFAULT CHARACTER SET latin1 */;USE `tempdb`;-- -- Temporary view structure for view `view_a`--DROP TABLE IF EXISTS `view_a`;/*!50001 DROP VIEW IF EXISTS `view_a`*/;SET @saved_cs_client = @@character_set_client;SET character_set_client = utf8;/*!50001 CREATE VIEW `view_a` AS SELECT 1 AS `number`*/;SET character_set_client = @saved_cs_client;-- -- Current Database: `tempdb`--USE `tempdb`;-- -- Final view structure for view `view_a`--/*!50001 DROP VIEW IF EXISTS `view_a`*/;/*!50001 SET @saved_cs_client = @@character_set_client */;/*!50001 SET @saved_cs_results = @@character_set_results */;/*!50001 SET @saved_col_connection = @@collation_connection */;/*!50001 SET character_set_client = utf8 */;/*!50001 SET character_set_results = utf8 */;/*!50001 SET collation_connection = utf8_general_ci */;/*!50001 CREATE ALGORITHM=UNDEFINED *//*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER *//*!50001 VIEW `view_a` AS select 1 AS `number` */;/*!50001 SET character_set_client = @saved_cs_client */;/*!50001 SET character_set_results = @saved_cs_results */;/*!50001 SET collation_connection = @saved_col_connection */;/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;-- Dump completed on 2016-07-19 5:56:17
11、如果是用mysqldump 來做備份、那麼備份用戶的相關權限如下:
create user dumper@'127.0.0.1';grant select on tempdb.* to dumper@'127.0.0.1';grant show view on tempdb.* to dumper@'127.0.0.1';grant lock tables on tempdb.* to dumper@'127.0.0.1';grant trigger on tempdb.* to dumper@'127.0.0.1';