数据库权限grant 创建授权grant 指定要操作的对象 **db_name.table_name** 查看授权 取消授权REVOKE
数据库权限grant
创建授权grant
- 权限类型(priv_type)
权限类型 |
代表什么? |
ALL |
所有权限 |
SELECT |
读取内容的权限 |
INSERT |
插入内容的权限 |
UPDATE |
更新内容的权限 |
DELETE |
删除内容的权限 |
- 指定要操作的对象 db_name.table_name
表示方式 |
意义 |
*.* |
所有库的所有表 |
db_name |
指定库的所有表 |
db_name.table_name |
指定库的指定表 |
WITH GRANT OPTION:被授权的用户可将自己的权限副本转赠给其他用户,说白点就是将自己的权限完全复制给另一个用户。不建议使用。
查看授权
- 查看当前登录用户的授权信息
MariaDB [(none)]> show grants;
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root@localhost |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' WITH GRANT OPTION |
| GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
- 查看指定用户admin的授权信息
MariaDB [(none)]> show grants for admin@localhost;
+--------------------------------------------------------------------------------------------------------------+
| Grants for admin@localhost |
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'admin'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' |
+--------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
取消授权REVOKE
- 语法:REVOKE priv_type,... ON db_name.table_name FROM 'username'@'host';
MariaDB [(none)]> revoke all on *.* from admin@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
- 注意:mysql服务进程启动时会读取mysql库中的所有授权表至内存中:
- GRANT或REVOKE等执行权限操作会保存于表中,mysql的服务进程会自动重读授权表,并更新至内存中
- 对于不能够或不能及时重读授权表的命令,可手动让mysql的服务进程重读授权表
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)