在CentOS7下新增MySQL使用者並設定相應許可權
1.進入mysql命令列,輸入root及密碼
[root@localhost ~]# mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 19 Server version: 5.7.22 MySQL Community Server (GPL) Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
2.使用者管理及許可權設定
// 管理使用者
mysql> use mysql;
Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A
Database changed
//查詢使用者
mysql> select host,user from user; +-----------+---------------+ | host | user | +-----------+---------------+ | % | root | | % | test | | localhost | mysql.session | | localhost | mysql.sys | | localhost | root | +-----------+---------------+ 5 rows in set (0.00 sec)
//建立使用者(使用者:admin,密碼:123456)
mysql> create user admin identified by '123456';
Query OK, 0 rows affected (0.00 sec)
// 刪除使用者admin
mysql> drop user admin;
Query OK, 0 rows affected (0.00 sec)
// 重新建立使用者(使用者:admins,密碼:123456)
mysql> create user admins identified by '123456'; Query OK, 0 rows affected (0.00 sec) mysql> select host, user from user; +-----------+---------------+ | host | user | +-----------+---------------+ | % | admins | | % | root | | % | test | | localhost | mysql.session | | localhost | mysql.sys | | localhost | root | +-----------+---------------+ 6 rows in set (0.00 sec) // 檢視使用者admins的許可權 mysql> show grants for admins; +------------------------------------+ | Grants for admins@% | +------------------------------------+ | GRANT USAGE ON *.* TO 'admins'@'%' | +------------------------------------+ 1 row in set (0.00 sec) // 賦予許可權(給使用者admins,授予資料庫test的查詢許可權) mysql> grant select on test.* to admins; Query OK, 0 rows affected (0.00 sec) // 檢視使用者admins的許可權 mysql> show grants for admins; +------------------------------------------+ | Grants for admins@% | +------------------------------------------+ | GRANT USAGE ON *.* TO 'admins'@'%' | | GRANT SELECT ON `test`.* TO 'admins'@'%' | +------------------------------------------+ 2 rows in set (0.00 sec) // 收回許可權(對使用者admins,收回資料庫test的查詢許可權) mysql> revoke select on test.* from admins; Query OK, 0 rows affected (0.01 sec) // 檢視使用者admins的許可權 mysql> show grants for admins; +------------------------------------+ | Grants for admins@% | +------------------------------------+ | GRANT USAGE ON *.* TO 'admins'@'%' | +------------------------------------+ 1 row in set (0.00 sec) // 賦予許可權(給使用者admins,授予資料庫test的查詢、更新、刪除、插入等許可權) mysql> grant select, update, delete, insert on test.* to admins; Query OK, 0 rows affected (0.00 sec) // 檢視使用者admins的許可權 mysql> show grants for admins; +------------------------------------------------------------------+ | Grants for admins@% | +------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'admins'@'%' | | GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'admins'@'%' | +------------------------------------------------------------------+ 2 rows in set (0.01 sec) // 賦予許可權(給使用者admins,授予資料庫test的新建表、刪除表或刪除資料庫等許可權) mysql> grant create,drop on test.* to admins; Query OK, 0 rows affected (0.00 sec) // 檢視使用者admins的許可權 mysql> show grants for admins; +--------------------------------------------------------------------------------+ | Grants for admins@% | +--------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'admins'@'%' | | GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON `test`.* TO 'admins'@'%' | +--------------------------------------------------------------------------------+ 2 rows in set (0.00 sec) // 重新整理許可權(使設定的許可權生效) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) // 檢視root的許可權 mysql> show grants for root; +-------------------------------------------+ | Grants for root@% | +-------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' | +-------------------------------------------+ 1 row in set (0.00 sec)
以下是使用者可以享受的常見可能許可權的簡短列表。
ALL PRIVILEGES - 正如我們前面所看到的,這將允許MySQL使用者訪問指定的資料庫(或者如果系統中沒有選擇資料庫)
CREATE-允許他們建立新的表或資料庫
DROP-允許他們刪除表或資料庫
DELETE-允許他們從表中刪除行
INSERT-允許它們向表中插入行
SELECT-允許他們使用Select命令來讀取資料庫
UPDATE-允許他們更新錶行
GRANT OPTION - 允許他們授予或刪除其他使用者的許可權
要向特定使用者提供許可權,可以使用此框架:
GRANT [type of permission] ON [database name].[table name] TO ‘[username]’@'localhost’;
如果要向其授予對任何資料庫或任何表的訪問許可權,請確保在資料庫名稱或表名稱的地方放置星號(*)。
每次更新或更改許可權時,請務必使用Flush Privileges命令。
如果您需要撤消許可權,則結構與授予的結構幾乎相同:
REVOKE [type of permission] ON [database name].[table name] FROM ‘[username]’@‘localhost’;
正如您可以使用DROP刪除資料庫一樣,您可以使用DROP完全刪除使用者:
DROP USER ‘demo’@‘localhost’;
要測試您的新使用者,請通過鍵入登出
quit
並使用此命令在終端中重新登入:
mysql -u [u