数据库权限grant

数据库权限grant

创建授权grant

  1. 权限类型(priv_type)
权限类型 代表什么?
ALL 所有权限
SELECT 读取内容的权限
INSERT 插入内容的权限
UPDATE 更新内容的权限
DELETE 删除内容的权限
  1. 指定要操作的对象 db_name.table_name
表示方式 意义
*.* 所有库的所有表
db_name 指定库的所有表
db_name.table_name 指定库的指定表

WITH GRANT OPTION:被授权的用户可将自己的权限副本转赠给其他用户,说白点就是将自己的权限完全复制给另一个用户。不建议使用。

查看授权

  1. 查看当前登录用户的授权信息
MariaDB [(none)]> show grants;
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root@localhost                                                                                                              |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' WITH GRANT OPTION |
| GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION                                                                           |
+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
  1. 查看指定用户admin的授权信息
MariaDB [(none)]> show grants for admin@localhost;
+--------------------------------------------------------------------------------------------------------------+
| Grants for admin@localhost                                                                                   |
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'admin'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' |
+--------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

取消授权REVOKE

  1. 语法:REVOKE priv_type,... ON db_name.table_name FROM 'username'@'host';
MariaDB [(none)]> revoke all on *.* from admin@localhost;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
  • 注意:mysql服务进程启动时会读取mysql库中的所有授权表至内存中:
    • GRANTREVOKE等执行权限操作会保存于表中,mysql的服务进程会自动重读授权表,并更新至内存中
    • 对于不能够或不能及时重读授权表的命令,可手动让mysql的服务进程重读授权表
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
posted @ 2020-10-14 07:50  廿九九  阅读(473)  评论(0编辑  收藏  举报