mysql 用户与权限

 

1、用户

1)创建用户   "create user '用户'@'host' identified by '密码';"

在5.7以后的版本中要求密码包含至少一个大写字母,一个小写字母,一个数字和一个特殊字符,并且密码总长度至少为8个字符。

创建一个用户 'zhangsan',在同一网段内的主机都可以访问

create user 'zhangsan'@'192.168.1.%' identified by 'as-AS-12';

2)查看用户   "select user, host from user;"

mysql用户的所有信息都存储在 mysql.user 表中,主要包含用户的能连接mysql的主机ip,用户名,加密后的密码,权限。

host字段表示能连接mysql的的主机ip,"%" 所有的ip都能进行登录。

mysql> use mysql;
Database changed

mysql> select user,host from user;
+---------------+-----------+
| user          | host      |
+---------------+-----------+
| root          | %         |
| mysql.session | localhost |
| mysql.sys     | localhost |
+---------------+-----------+
3 rows in set (0.00 sec)

3)删除用户  "drop user '用户'@'host'; "

drop user 'zhangsan'@'192.168.1.%';

4)修改用户   "rename  user  '用户'@'host'  to  '修改后的用户名'@'host';"

rename user 'zhangsan'@'192.168.1.%' to 'zhangsan'@'192.168.1.150';

5)修改密码

① 修改密码方式1,在命令行--这种方式要确认本机有连接 'zhangsan' 用户的权限,否则无法更改。

[root@mini ~]# mysqladmin -uzhangsan -p password
Enter password:
New password:
Confirm new password:

② 修改密码方式2

mysql> alter user 'zhangsan'@'%' identified by 'as-AS-12';

在mysql8.0以上的版本采用了新的加密方式,以下两种在8.0不适用

③ 修改密码方式3,在mysql中修改,只有root用户与用户自己能修改密码

mysql> set password for 'zhangsan'@'%' = password('sa-SA-12');

④ 修改密码方式4,在mysql中修改。

一定要记得where条件,否则所有的用户密码都修改了,谨慎使用,这种方式需要对mysql.user表有update权限。可以用root用户登录修改。

5.7以下的版本将 authentication_string 改为password 即可

update user set authentication_string=password('as-AS-12') where user = 'zhangsan';
flush privileges;

6)某个用户多个ip访问

create user 'zhangsan'@'192.168.1.2' identified by 'as-AS-12';
create user 'zhangsan'@'192.168.1.3' identified by 'as-AS-12';
create user 'zhangsan'@'192.168.1.4' identified by 'as-AS-12';

 

2、权限

1)所有的权限

有关mysql所有权限可查看官方文档  https://dev.mysql.com/doc/refman/5.7/en/privileges-provided.html   

2)查看权限   "show grants for '用户'@'host';"     *:代表所有数据库或数据表

查看 'zhangsan' 的权限,如下 'zhangsan' 并没有任何的权限。

mysql> show grants for 'zhangsan'@'%';
+------------------------------------------------+
| Grants for zhangsan@%                            |
+------------------------------------------------+
| GRANT USAGE ON *.* TO 'zhangsan'@'%'  |
+------------------------------------------------+
1 row in set (0.00 sec) 

3)权限赋予  "grant 权限 on 数据库.数据表 to '用户'@'host';"

① 给 'zhangsan' 赋予 'update, select, insert' 权限,在test2数据库的所有表

mysql> grant select, update, insert on test2.* to 'zhangsan'@'%';
Query OK, 0 rows affected (0.00 sec)

mysql> show grants for 'zhangsan'@'%';
+-------------------------------------------------------------+
| Grants for zhangsan@%                                       |
+-------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'zhangsan'@'%'                        |
| GRANT SELECT, INSERT, UPDATE ON `test2`.* TO 'zhangsan'@'%' |
+-------------------------------------------------------------+
2 rows in set (0.00 sec)

② 给 'zhangsan' 赋予 'all privileges' 权限,在所有的数据库的所有表中

mysql> grant all privileges on *.* to 'zhangsan'@'%';
Query OK, 0 rows affected (0.00 sec)

mysql> show grants for 'zhangsan'@'%';
+-------------------------------------------------------------+
| Grants for zhangsan@%                                       |
+-------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'zhangsan'@'%'               |
| GRANT SELECT, INSERT, UPDATE ON `test2`.* TO 'zhangsan'@'%' |
+-------------------------------------------------------------+
2 rows in set (0.00 sec)

4)删除权限  "revoke 权限 on 数据库.数据表 from '用户'@'host';"    *:代表所有数据库或数据表

① 删除  'zhangsan'  在  *.*  的 'all privileges' 权限

mysql> revoke all privileges on *.* from 'zhangsan'@'%';
Query OK, 0 rows affected (0.00 sec)

mysql> show grants for 'zhangsan'@'%';
+-------------------------------------------------------------+
| Grants for zhangsan@%                                       |
+-------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'zhangsan'@'%'                        |
| GRANT SELECT, INSERT, UPDATE ON `test2`.* TO 'zhangsan'@'%' |
+-------------------------------------------------------------+
2 rows in set (0.00 sec)

② 删除  'zhangsan'  在  'test2'.*  的  'insert,  update' 权限

mysql> revoke insert, update on test2.* from 'zhangsan'@'%';
Query OK, 0 rows affected (0.00 sec)

mysql> show grants for 'zhangsan'@'%';
+---------------------------------------------+
| Grants for zhangsan@%                       |
+---------------------------------------------+
| GRANT USAGE ON *.* TO 'zhangsan'@'%'        |
| GRANT SELECT ON `test2`.* TO 'zhangsan'@'%' |
+---------------------------------------------+
2 rows in set (0.00 sec)

 

posted @ 2018-10-22 10:07  nonzero  阅读(3570)  评论(0编辑  收藏  举报