mysql用户和权限管理(Linux系统下)
在mysql自带的库中有一个mysql,这个库包含了太多的东西,其中有一张表user,这张表存储了所有的用户信息。
mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *E01F5425C006D5AF5E3E22EEF9D6AF6BD19FDFED | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | +------+-----------------------+-------------------------------------------+ 6 rows in set (0.00 sec)
一、重置密码
首先来解决,如果root密码忘记了,该怎么解决?
找回密码有前提,前提就是你能够停止mysql服务。
1)停服务
# /etc/init.d/mysqld stop
2)使用跳过授权表的方式启动数据库
# mysqld_safe --skip-grant-tables --user=mysql &
关闭:mysqladmin shutdown
3)匿名登录
# mysql
4)修改user表
mysql> update user set password='' where user='root' and host='localhost';
5)重启mysql服务
# /etc/init.d/mysqld restart
6)重设密码
二、用户管理
1.创建用户
语法:create user 用户名@主机 identified by 密码;
mysql> create user kebi@localhost identified by '123'; Query OK, 0 rows affected (0.00 sec) mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | kebi | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | +------+-----------------------+-------------------------------------------+ 7 rows in set (0.00 sec)
2.删除用户
语法:drop user 用户名@主机;
mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | +------+-----------------------+-------------------------------------------+ 6 rows in set (0.00 sec)
3.授权
grant不仅可以用来授权,还可以用来创建用户;
授权的语法:grant 权限列表 on 库名.表名 to 用户@主机 identified by '密码';
刷新权限:flush privileges;
mysql> grant all on *.* to kebi@'192.168.%.%' identified by '123'; #*.*:所有库上的所有表; 192.168.%.%:192.168内的所有Ip;123:密码 Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | kebi | 192.168.%.% | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | +------+-----------------------+-------------------------------------------+ 7 rows in set (0.00 sec)
mysql> grant select,insert on class_7.* to maoxian@localhost identified by '123'; 授权 读,写 在库 class_7上的所有表 对于 毛线 用123登陆 Query OK, 0 rows affected (0.00 sec) mysql> select user,host,password from user; +---------+-----------------------+-------------------------------------------+ | user | host | password | +---------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | kebi | 192.168.%.% | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | maoxian | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | +---------+-----------------------+-------------------------------------------+ 8 rows in set (0.00 sec)
4.查看用户权限
回收语法:show grants for 用户@主机;
mysql> show grants for maoxian@localhost; +----------------------------------------------------------------------------------------------------------------+ | Grants for maoxian@localhost | +----------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'maoxian'@'localhost' IDENTIFIED BY PASSWORD '*23AE809DDACAF96AF0FD78ED04B6A265E05AA257' | | GRANT SELECT, INSERT ON `class_7`.* TO 'maoxian'@'localhost' | +----------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)
5.回收权限
回收权限有两种方法:删除用户和revoke
回收语法: revoke 权限 on 库名.表名 from 用户@主机;
mysql> revoke insert,select on *.* from maoxian@localhost; Query OK, 0 rows affected (0.00 sec)
mysql> revoke all on *.* from maoxian@localhost; Query OK, 0 rows affected (0.00 sec)
分类:
数据库
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· 终于写完轮子一部分:tcp代理 了,记录一下
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 别再用vector<bool>了!Google高级工程师:这可能是STL最大的设计失误
· 单元测试从入门到精通
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理