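MySQL Authorization

Authorization with grant

    What user authorization is: adding a new connecting user on the database server and setting its privileges and password.

    Why authorization is needed: if there are no authorized users, only the root user can log in to the database, and only from the local machine; no other user can log in.
    Without authorization, other hosts cannot access the database either.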

 

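    Command format:

        mysql> grant privilege_list on db_name to user_name@"client_address" identified by "password";

    Privilege list:

        all                              all privileges
        usage                            can only connect to the database; no privileges at all
        select,update,insert ...         individual privileges, valid for all columns
        select,update(col1,col2...)      the privilege applies only to the specified columns

    Database name:
        *.*                    all tables in all databases
        db_name.*              one database
        db_name.table_name     one table

    User name:
        Chosen freely when granting. It should be distinctive and easy to remember, and its purpose should be evident from the name. It is stored in the user table of the mysql database.

    Client address:
        %              all hosts on the Internet
        192.168.4.%    all hosts in the subnet
        192.168.4.1    a single host
        localhost      the database server itself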

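Authorization example 1: add the user admin, allowed to connect from the 192.168.4.0/24 subnet, with query privilege on the user table of the db3 database, password 123456

mysql> grant select on db3.user to admin@"192.168.4.%" identified by "123456";

Authorization example 2: add the user admin2, allowed to connect from the local machine, with query, update, insert and delete privileges on all tables of the db3 database, password 123456

mysql> grant select,insert,update,delete on db3.* to admin2@"localhost" identified by "123456";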
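The grant ... identified by form used above creates the account as a side effect; it is deprecated in MySQL 5.7 and rejected by MySQL 8.0, where the account must be created first. The two examples rewritten for 8.0, as an added example that is not from the original post; it assumes db3.user exists, and the password string and the column names col_a and col_b are placeholders:

```sql
-- Added example (not from the original post).
-- MySQL 8.0 form of the two examples: create the account, then grant.
-- '<password-placeholder>' is a placeholder, not a value from the page.

-- Example 1: admin, 192.168.4.0/24 only, read-only on db3.user
CREATE USER IF NOT EXISTS 'admin'@'192.168.4.%'
    IDENTIFIED BY '<password-placeholder>';
GRANT SELECT ON db3.user TO 'admin'@'192.168.4.%';

-- Example 2: admin2, local connections only, DML on every table in db3
CREATE USER IF NOT EXISTS 'admin2'@'localhost'
    IDENTIFIED BY '<password-placeholder>';
GRANT SELECT, INSERT, UPDATE, DELETE ON db3.* TO 'admin2'@'localhost';

-- Column-level form from the privilege list: UPDATE limited to named
-- columns (col_a and col_b are hypothetical column names of db3.user)
GRANT UPDATE (col_a, col_b) ON db3.user TO 'admin'@'192.168.4.%';

-- Check what each account actually holds
SHOW GRANTS FOR 'admin'@'192.168.4.%';
SHOW GRANTS FOR 'admin2'@'localhost';

-- Withdraw a single privilege, or the whole account, when it is no longer needed
REVOKE UPDATE (col_a, col_b) ON db3.user FROM 'admin'@'192.168.4.%';
DROP USER IF EXISTS 'admin2'@'localhost';
```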

 

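The authorization database

The information created by grant is stored in the authorization database: the mysql database records the grants, and its main tables are the following:
    user            records the existing authorized users and their privileges
    db              records the database-level access privileges of authorized users
    tables_priv     records the table-level access privileges of authorized users
    columns_priv    records the column-level access privileges of authorized users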

1. View the authorized users currently in the columns_priv, tables_priv, db and user tables

mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
Empty set (0.00 sec)
#columns_priv is currently empty, so the server has no column-level grants yet

mysql> select user,host,db,table_name from mysql.tables_priv;
#tables_priv contains only the system default authorized user mysql.sys
+-----------+-----------+-----+------------+
| user      | host      | db  | table_name |
+-----------+-----------+-----+------------+
| mysql.sys | localhost | sys | sys_config |
+-----------+-----------+-----+------------+

mysql> select user,host,db from mysql.db;
#the db table also contains only the system default authorized user mysql.sys
+-----------+-----------+-----+
| user      | host      | db  |
+-----------+-----------+-----+
| mysql.sys | localhost | sys |
+-----------+-----------+-----+

mysql> select user,host from mysql.user;
#the user table contains the system default users mysql.sys and root
+-----------+-----------+
| user      | host      |
+-----------+-----------+
| mysql.sys | localhost |
| root      | localhost |
+-----------+-----------+

2. Add the authorized user col_user with grants on three columns of the school.student table: 學號 (student ID), 姓名 (name) and 性別 (gender)

mysql> grant select,update(學號,姓名,性別),insert on school.student to col_user@'%' identified by "123456";

mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
#the authorized user now appears in columns_priv; each record is one granted column
+----------+------+--------+------------+-------------+
| user     | host | db     | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | %    | school | student    | 姓名        |
| col_user | %    | school | student    | 學號        |
| col_user | %    | school | student    | 性別        |
+----------+------+--------+------------+-------------+

mysql> select user,host,db,table_name from mysql.tables_priv;
#tables_priv also shows that this user has access to school.student;
#the specific privileges have to be checked with show grants
+-----------+-----------+--------+------------+
| user      | host      | db     | table_name |
+-----------+-----------+--------+------------+
| col_user  | %         | school | student    |
| mysql.sys | localhost | sys    | sys_config |
+-----------+-----------+--------+------------+

mysql> show grants for col_user@'%';                 #use show grants to see col_user's specific privileges on school.student
+-----------------------------------------------------------------------------------------------+
| Grants for col_user@%                                                                         |
+-----------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'col_user'@'%'                                                          |
| GRANT SELECT, INSERT, UPDATE (性別, 學號, 姓名) ON `school`.`student` TO 'col_user'@'%'         |
+-----------------------------------------------------------------------------------------------+

mysql> select user,host,db from mysql.db;            #this user does not appear in the db table
+-----------+-----------+-----+
| user      | host      | db  |
+-----------+-----------+-----+
| mysql.sys | localhost | sys |
+-----------+-----------+-----+

mysql> select user,host from mysql.user;             #this user appears in the user table
+-----------+-----------+
| user      | host      |
+-----------+-----------+
| col_user  | %         |
| mysql.sys | localhost |
| root      | localhost |
+-----------+-----------+

3. Add the authorized users tab_user1 and tab_user2 with access to the tables school.teacher and school.student

mysql> grant all on school.teacher to tab_user1@'%' identified by "123456";
mysql> grant select on school.student to tab_user2@'%' identified by "123456";

mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
#the grant records in columns_priv are unchanged
+----------+------+--------+------------+-------------+
| user     | host | db     | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | %    | school | student    | 姓名        |
| col_user | %    | school | student    | 學號        |
| col_user | %    | school | student    | 性別        |
+----------+------+--------+------------+-------------+

mysql> select user,host,db,table_name from mysql.tables_priv;
#tab_user1 and tab_user2 now appear in tables_priv
+-----------+-----------+--------+------------+
| user      | host      | db     | table_name |
+-----------+-----------+--------+------------+
| col_user  | %         | school | student    |
| tab_user1 | %         | school | teacher    |
| tab_user2 | %         | school | student    |
| mysql.sys | localhost | sys    | sys_config |
+-----------+-----------+--------+------------+

mysql> show grants for tab_user1@'%';
#show grants reveals the specific privileges granted to tab_user1 and tab_user2
+---------------------------------------------------------------+
| Grants for tab_user1@%                                        |
+---------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'tab_user1'@'%'                         |
| GRANT ALL PRIVILEGES ON `school`.`teacher` TO 'tab_user1'@'%' |
+---------------------------------------------------------------+

mysql> show grants for tab_user2@'%';
+-------------------------------------------------------+
| Grants for tab_user2@%                                |
+-------------------------------------------------------+
| GRANT USAGE ON *.* TO 'tab_user2'@'%'                 |
| GRANT SELECT ON `school`.`student` TO 'tab_user2'@'%' |
+-------------------------------------------------------+

mysql> select user,host,db from mysql.db;
#the db table is unchanged
+-----------+-----------+-----+
| user      | host      | db  |
+-----------+-----------+-----+
| mysql.sys | localhost | sys |
+-----------+-----------+-----+

mysql> select user,host from mysql.user;
#tab_user1 and tab_user2 appear in the user table
+-----------+-----------+
| user      | host      |
+-----------+-----------+
| col_user  | %         |
| tab_user1 | %         |
| tab_user2 | %         |
| mysql.sys | localhost |
| root      | localhost |
+-----------+-----------+

4. Add the authorized users db_user1 and db_user2 with access to the databases school and school2

mysql> grant all on school.* to db_user1@'%' identified by "123456";
mysql> grant select on school2.* to db_user2@'%' identified by "123456";

mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
#as long as no grant is made on the columns of any table, columns_priv does not change
+----------+------+--------+------------+-------------+
| user     | host | db     | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | %    | school | student    | 姓名        |
| col_user | %    | school | student    | 學號        |
| col_user | %    | school | student    | 性別        |
+----------+------+--------+------------+-------------+

mysql> select user,host,db,table_name from mysql.tables_priv;
#the new users were granted at database level, not table level, so tables_priv does not change either
+-----------+-----------+--------+------------+
| user      | host      | db     | table_name |
+-----------+-----------+--------+------------+
| col_user  | %         | school | student    |
| tab_user1 | %         | school | teacher    |
| tab_user2 | %         | school | student    |
| mysql.sys | localhost | sys    | sys_config |
+-----------+-----------+--------+------------+

mysql> select user,host,db from mysql.db;
#the newly added authorized users appear in the db table
+-----------+-----------+---------+
| user      | host      | db      |
+-----------+-----------+---------+
| db_user1  | %         | school  |
| db_user2  | %         | school2 |
| mysql.sys | localhost | sys     |
+-----------+-----------+---------+

mysql> select user,host from mysql.user;
#every authorized user that is added gets a record in the user table
+-----------+-----------+
| user      | host      |
+-----------+-----------+
| col_user  | %         |
| db_user1  | %         |
| db_user2  | %         |
| tab_user1 | %         |
| tab_user2 | %         |
| mysql.sys | localhost |
| root      | localhost |
+-----------+-----------+

5. Add the authorized user use_user with access to all databases and tables

mysql> grant all on *.* to use_user@'%' identified by "123456";

mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
+----------+------+--------+------------+-------------+
| user     | host | db     | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | %    | school | student    | 姓名        |
| col_user | %    | school | student    | 學號        |
| col_user | %    | school | student    | 性別        |
+----------+------+--------+------------+-------------+
3 rows in set (0.00 sec)

mysql> select user,host,db,table_name from mysql.tables_priv;
+-----------+-----------+--------+------------+
| user      | host      | db     | table_name |
+-----------+-----------+--------+------------+
| col_user  | %         | school | student    |
| tab_user1 | %         | school | teacher    |
| tab_user2 | %         | school | student    |
| mysql.sys | localhost | sys    | sys_config |
+-----------+-----------+--------+------------+
4 rows in set (0.01 sec)

mysql> select user,host,db from mysql.db;
+-----------+-----------+---------+
| user      | host      | db      |
+-----------+-----------+---------+
| db_user1  | %         | school  |
| db_user2  | %         | school2 |
| mysql.sys | localhost | sys     |
+-----------+-----------+---------+
3 rows in set (0.00 sec)

mysql> select user,host from mysql.user;
#use_user appears only in the user table
+-----------+-----------+
| user      | host      |
+-----------+-----------+
| col_user  | %         |
| db_user1  | %         |
| db_user2  | %         |
| tab_user1 | %         |
| tab_user2 | %         |
| use_user  | %         |
| mysql.sys | localhost |
| root      | localhost |
+-----------+-----------+
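
The walkthrough shows that a grant is recorded in user, db, tables_priv or columns_priv depending on its scope. One audit query over those four tables, added here as an example that is not part of the original post; it assumes an account allowed to read the mysql database and, at the global level, checks only four of the privilege flags:

```sql
-- Added example (not from the original post): list every grant by the level
-- at which it is stored, reading the same four tables the walkthrough inspects.
SELECT g.scope, g.User, g.Host, g.Db, g.Table_name, g.Column_name,
       IF(g.Host = '%', 'any host', 'restricted') AS origin
FROM (
    -- global level (*.*): privileges are Y/N flag columns in mysql.user;
    -- only four DML flags are checked here, extend the list as needed
    SELECT 1 AS lvl, 'global' AS scope, User, Host,
           '*' AS Db, '*' AS Table_name, '*' AS Column_name
    FROM mysql.user
    WHERE 'Y' IN (Select_priv, Insert_priv, Update_priv, Delete_priv)
    UNION ALL
    -- database level (db_name.*)
    SELECT 2, 'database', User, Host, Db, '*', '*'
    FROM mysql.db
    UNION ALL
    -- table level (db_name.table_name); a row with an empty Table_priv exists
    -- only to carry column grants, which the next branch reports
    SELECT 3, 'table', User, Host, Db, Table_name, '*'
    FROM mysql.tables_priv
    WHERE Table_priv <> ''
    UNION ALL
    -- column level: one row per granted column
    SELECT 4, 'column', User, Host, Db, Table_name, Column_name
    FROM mysql.columns_priv
) AS g
ORDER BY g.lvl, g.User, g.Host;
```

Rows with scope global and origin any host are the widest grants and the first ones to review; accounts that hold only USAGE appear in none of the branches.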