本文介紹MySQL權限的基本操作。
授權
MySQL用戶包括user和host兩部分。
user與host是一起出現的,即權限指的是某個用戶在某個主機或某些主機上的權限。
首先,創建用戶:
mysql> CREATE USER 'root'@'%' IDENTIFIED by 'mysql123456';
接着,授權權限:
mysql> GRANT ALL on *.* to 'root'@'%';
Query OK, 0 rows affected (0.00 sec)
具體權限,是指某個DB下某個table的權限。
這裏授權'root'@'%' 操作所有DB所有tabe的權限。
查看授權
查看’root’@’%'的授權:
mysql> show grants for 'root'@'%';
+-------------------------------------------------------------+
| Grants for root@% |
+-------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION |
+-------------------------------------------------------------+
1 row in set (0.00 sec)
查看授權用戶
mysql> select * from mysql.user;
查看指定用戶
mysql> select * from mysql.user where user='root'\G
*************************** 1. row ***************************
Host: localhost
User: root
... ...
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin: mysql_native_password
authentication_string: *xxx
password_expired: N
password_last_changed: 2018-10-10 14:42:12
password_lifetime: NULL
account_locked: N
*************************** 2. row ***************************
Host: %
User: root
... ...
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin: mysql_native_password
authentication_string: xxx
password_expired: N
password_last_changed: 2018-10-10 14:47:32
password_lifetime: NULL
account_locked: N
2 rows in set (0.01 sec)
撤銷權限
撤銷某個用戶的授權:
REVOKE ALL on orchestrator.* FROM 'orchestrator_server'@'10.23.211.199';
刪除用戶:
delete from mysql.user where user='orchestrator_server' and host='10.23.211.199' ;
flush privileges ;