Mysql用戶基礎操做與權限配置

當前使用的user及host:

mysql> select USER();

+----------------+

| USER()         |

+----------------+

| root@localhost |

+----------------+

1 row in set (0.00 sec)

添加用戶

mysql5之前版本直接使用 INSERT 向 mysql 表中插入mysql用戶了,mysql5以後不能夠這樣操做

mysql> insert into mysql.user(Host,User,Password) values('localhost','test_user',password('123123'));

ERROR 1062 (23000): Duplicate entry 'localhost-test_user' for key 'PRIMARY'

增長用戶 {授予用戶指定數據表權限 [使用 GRANT 命令 對用戶進行相應受權]}

mysql> GRANT all privileges ON table1.* TO 
'test_user'@'localhost' IDENTIFIED BY '123123' WITH GRANT OPTION;

Query OK, 0 rows affected (0.02 sec)

IDENTIFIED BY 指定用戶的登陸密碼

ALL PRIVILEGES 是表示全部權限，也能夠使用 select、update 等權限  
*.\  中前面的*號用來指定數據庫名，後面的*號用來指定表名  
TO 表示將權限賦予某個用戶  
ON 用來指定權限針對哪些庫和表  
'test_user'@'localhost' 表示test_user用戶，@後面接限制的主機，能夠是IP、IP段、域名以及%，%表示任何地方  
WITH GRANT OPTION 這個選項表示該用戶能夠將本身擁有的權限受權給別人
 
須要刷新系統權限表[flush privilege] 該用戶才能生效登陸

mysql> flush privileges;

刪除用戶

mysql> drop user 'test_user'@'localhost';

查看當前用戶的權限

mysql> SHOW GRANTS;
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root@localhost                                                                                                              |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '\*E56A114692FE0DE073F9A1DD68A00EEB9703F3F1' WITH GRANT OPTION |
| GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION                                                                           |
+----------------------------------------------------------------------------------------------------------------------------------------+

查看某個用戶的權限

mysql> show grants for 'test_user'@'localhost'
+------------------------------------------------------------------------------------------------------------+
| Grants for test_user@localhost                                                                                   |
+------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'test_user'@'localhost' IDENTIFIED BY PASSWORD '\*E56A114692FE0DE073F9A1DD68A00EEB9703F3F1' |
| GRANT ALL PRIVILEGES ON table1.* TO 'test_user'@'localhost' WITH GRANT OPTION                                 |
+------------------------------------------------------------------------------------------------------------+

對帳戶重命名

mysql> rename user 'test_user'@'localhost' to 'bb'@'localhost';

修改密碼

1.用set password命令

mysql> SET PASSWORD FOR 'test_user'@'localhost' = PASSWORD('123456');

2.用 mysqladmin [進入bin目錄]   
備註:{格式: mysqladmin -u用戶名 -p舊密碼 password 新密碼]

/usr/bin$ mysqladmin -utest_user -p123456 password 123123
mysqladmin: Can't turn off logging; error: 'Access denied; you need (at least one of) the SUPER privilege(s) for this operation'

3.用 update 直接編輯 user 表

mysql> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> update user set PASSWORD = PASSWORD('123123') where user = 'test_user';
Query OK, 1 row affected (0.04 sec)
Rows matched: 1  Changed: 1  Warnings: 0