MySQL/MariaDB Database User and Privilege Management


                                   Author: Yin Zhengjie

Copyright notice: this is an original work. Reproduction is not permitted; violators will be held legally liable.

 

 

 

I. The metadata database (mysql)

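System grant tables (all in the mysql database):
  db
  host
  user: the table that stores user accounts.
  columns_priv
  tables_priv
  procs_priv
  proxies_priv
MariaDB [yinzhengjie]> SELECT  user,host FROM mysql.user;        #View the default users after the MySQL instance's security initialization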
+------+-----------+
| user | host      |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1       |
| root | localhost |
+------+-----------+
3 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 

 

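II. User accounts

A MySQL account consists of two parts: a user name and a host name. The format is 'USERNAME'@'HOST'.

Where:
  USERNAME is the user name;
  @ is the default separator;
  HOST is the host name.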

 

III. User management

1>. Creating a user

MariaDB [yinzhengjie]> HELP CREATE USER
Name: 'CREATE USER'
Description:
Syntax:
CREATE USER user_specification
    [, user_specification] ...

user_specification:
    user
    [
        IDENTIFIED BY [PASSWORD] 'password'
      | IDENTIFIED WITH auth_plugin [AS 'auth_string']
    ]

The CREATE USER statement creates new MySQL accounts. To use it, you
must have the global CREATE USER privilege or the INSERT privilege for
the mysql database. For each account, CREATE USER creates a new row in
the mysql.user table and assigns the account no privileges. An error
occurs if the account already exists.

Each account name uses the format described in
https://mariadb.com/kb/en/create-user#account-names. For example:

CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';

If you specify only the user name part of the account name, a host name
part of '%' is used.

The user specification may indicate how the user should authenticate
when connecting to the server:

o To enable the user to connect with no password (which is insecure),
  include no IDENTIFIED BY clause:

CREATE USER 'jeffrey'@'localhost';

  In this case, the account uses built-in authentication and clients
  must provide no password.

o To assign a password, use IDENTIFIED BY with the literal plaintext
  password value:

CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';

  The account uses built-in authentication and clients must match the
  given password.

o To avoid specifying the plaintext password if you know its hash value
  (the value that PASSWORD() would return for the password), specify
  the hash value preceded by the keyword PASSWORD:

CREATE USER 'jeffrey'@'localhost'
IDENTIFIED BY PASSWORD '*90E462C37378CED12064BB3388827D2BA3A9B689';

  The account uses built-in authentication and clients must match the
  given password.

o To authenticate the account using a specific authentication plugin,
  use IDENTIFIED WITH, where auth_plugin is the plugin name. It can be
  an unquoted name or a quoted string literal. 'auth_string' is an
  optional quoted string literal to pass to the plugin. The plugin
  interprets the meaning of the string, so its format is plugin
  specific. Consult the documentation for a given plugin for
  information about the authentication string values it accepts.

CREATE USER 'jeffrey'@'localhost'
IDENTIFIED WITH my_auth_plugin;

  For connections that use this account, the server invokes the named
  plugin and clients must provide credentials as required for the
  authentication method that the plugin implements. If the server
  cannot find the plugin, either at account-creation time or connect
  time, an error occurs. IDENTIFIED WITH can be used as of MySQL 5.5.7.

The IDENTIFIED BY and IDENTIFIED WITH clauses are mutually exclusive,
so at most one of them can be specified for a given user.

For additional information about setting passwords, see
https://mariadb.com/kb/en/create-user/.

URL: https://mariadb.com/kb/en/create-user/


MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host FROM mysql.user;
+------+-----------+
| user | host      |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1       |
| root | localhost |
+------+-----------+
3 rows in set (0.00 sec)

MariaDB [yinzhengjie]>
MariaDB [yinzhengjie]> CREATE USER jason@'172.30.1.%' IDENTIFIED BY 'yinzhengjie';      #Creates a user whose default privilege is "USAGE", i.e. the user may only log in and connect to the database.
Query OK, 0 rows affected (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host FROM mysql.user;
+-------+------------+
| user  | host       |
+-------+------------+
| root  | 127.0.0.1  |
| jason | 172.30.1.% |
| root  | ::1        |
| root  | localhost  |
+-------+------------+
4 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
[root@node101.yinzhengjie.org.cn ~]# mysql -ujason -pyinzhengjie -h 172.30.1.105        #Test whether the user can log in
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 5.5.5-10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 
mysql> STATUS
--------------
mysql  Ver 8.0.18 for Linux on x86_64 (MySQL Community Server - GPL)

Connection id:        9
Current database:    
Current user:        jason@172.30.1.101
SSL:            Not in use
Current pager:        stdout
Using outfile:        ''
Using delimiter:    ;
Server version:        5.5.5-10.2.19-MariaDB MariaDB Server
Protocol version:    10
Connection:        172.30.1.105 via TCP/IP
Server characterset:    utf8mb4
Db     characterset:    utf8mb4
Client characterset:    utf8mb4
Conn.  characterset:    utf8mb4
TCP port:        3306
Uptime:            19 min 19 sec

Threads: 8  Questions: 19  Slow queries: 0  Opens: 21  Flush tables: 1  Open tables: 15  Queries per second avg: 0.016
--------------

mysql> SELECT USER();
+--------------------+
| USER()             |
+--------------------+
| jason@172.30.1.101 |
+--------------------+
1 row in set (0.00 sec)

mysql> 
mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.00 sec)

mysql> 

2>. Renaming a user

MariaDB [yinzhengjie]> HELP RENAME USER
Name: 'RENAME USER'
Description:
Syntax:
RENAME USER old_user TO new_user
    [, old_user TO new_user] ...

The RENAME USER statement renames existing MySQL accounts. To use it,
you must have the global CREATE USER privilege or the UPDATE privilege
for the mysql database. An error occurs if any old account does not
exist or any new account exists. Each account name uses the format
described in https://mariadb.com/kb/en/create-user/#account-names.
For example:

RENAME USER 'jeffrey'@'localhost' TO 'jeff'@'127.0.0.1';

If you specify only the user name part of the account name, a host name
part of '%' is used.

RENAME USER causes the privileges held by the old user to be those held
by the new user. However, RENAME USER does not automatically drop or
invalidate databases or objects within them that the old user created.
This includes stored programs or views for which the DEFINER attribute
names the old user. Attempts to access such objects may produce an
error if they execute in definer security context. (For information
about security context, see
https://mariadb.com/kb/en/stored-routine-privileges/.)

The privilege changes take effect as indicated in
http://dev.mysql.com/doc/refman/5.5/en/privilege-changes.html.

URL: https://mariadb.com/kb/en/rename-user/


MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host FROM mysql.user;
+-------+------------+
| user  | host       |
+-------+------------+
| root  | 127.0.0.1  |
| jason | 172.30.1.% |
| root  | ::1        |
| root  | localhost  |
+-------+------------+
4 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> RENAME USER jason@'172.30.1.%' TO jason@'192.168.100.105';  #Rename the user
Query OK, 0 rows affected (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host FROM mysql.user;
+-------+-----------------+
| user  | host            |
+-------+-----------------+
| root  | 127.0.0.1       |
| jason | 192.168.100.105 |
| root  | ::1             |
| root  | localhost       |
+-------+-----------------+
4 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 

3>. Deleting a user

MariaDB [yinzhengjie]> HELP DROP USER
Name: 'DROP USER'
Description:
Syntax:
DROP USER user [, user] ...

The DROP USER statement removes one or more MySQL accounts and their
privileges. It removes privilege rows for the account from all grant
tables. To use this statement, you must have the global CREATE USER
privilege or the DELETE privilege for the mysql database. Each account
name uses the format described in
https://mariadb.com/kb/en/create-user#account-names. For example:

DROP USER 'jeffrey'@'localhost';

If you specify only the user name part of the account name, a host name
part of '%' is used.

URL: https://mariadb.com/kb/en/drop-user/


MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host FROM mysql.user;
+-------+-----------------+
| user  | host            |
+-------+-----------------+
| root  | 127.0.0.1       |
| jason | 192.168.100.105 |
| root  | ::1             |
| root  | localhost       |
+-------+-----------------+
4 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> DROP USER jason@'192.168.100.105';      #Delete the 'jason'@'192.168.100.105' user
Query OK, 0 rows affected (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host FROM mysql.user;      
+------+-----------+
| user | host      |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1       |
| root | localhost |
+------+-----------+
3 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 

4>. Changing a password

MariaDB [yinzhengjie]> HELP SET PASSWORD
Name: 'SET PASSWORD'
Description:
Syntax:
SET PASSWORD [FOR user] =
    {
        PASSWORD('cleartext password')
      | OLD_PASSWORD('cleartext password')
      | 'encrypted password'
    }

The SET PASSWORD statement assigns a password to an existing MySQL user
account. When the read_only system variable is enabled, the SUPER
privilege is required to use SET PASSWORD, in addition to whatever
other privileges might be required.

If the password is specified using the PASSWORD() or OLD_PASSWORD()
function, the cleartext (unencrypted) password should be given as the
argument to the function, which hashes the password and returns the
encrypted password string. If the password is specified without using
either function, it should be the already encrypted password value as a
literal string. In all cases, the encrypted password string must be in
the format required by the authentication method used for the account.

The old_passwords system variable value determines the hashing method
used by PASSWORD(). If you specify the password using that function and
SET PASSWORD rejects the password as not being in the correct format,
it may be necessary to set old_passwords to change the hashing method.
For descriptions of the permitted values, see
https://mariadb.com/kb/en/server-system-variables#old_passwords.

With no FOR user clause, this statement sets the password for the
current user. (To see which account the server authenticated you as,
invoke the CURRENT_USER() function.) Any client who successfully
connects to the server using a nonanonymous account can change the
password for that account.

With a FOR user clause, this statement sets the password for the named
user. You must have the UPDATE privilege for the mysql database to do
this. The user account name uses the format described in
https://mariadb.com/kb/en/create-user#account-names. The user
value should be given as 'user_name'@'host_name', where 'user_name' and
'host_name' are exactly as listed in the User and Host columns of the
mysql.user table row. (If you specify only a user name, a host name of
'%' is used.) For example, to set the password for an account with User
and Host column values of 'bob' and '%.example.org', write the
statement like this:

SET PASSWORD FOR 'bob'@'%.example.org' = PASSWORD('cleartext password');

URL: https://mariadb.com/kb/en/set-password/


MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host,password FROM mysql.user;
+-------+------------+-------------------------------------------+
| user  | host       | password                                  |
+-------+------------+-------------------------------------------+
| root  | localhost  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| jason | 172.30.1.% | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | 127.0.0.1  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | ::1        | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
+-------+------------+-------------------------------------------+
rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SET PASSWORD FOR jason@'172.30.1.%' = PASSWORD('centos8');  #Change the password of the jason@'172.30.1.%' user to "centos8".
Query OK, 0 rows affected (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host,password FROM mysql.user;
+-------+------------+-------------------------------------------+
| user  | host       | password                                  |
+-------+------------+-------------------------------------------+
| root  | localhost  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| jason | 172.30.1.% | *515CE264AF5A9076EC5876689206AB3C06E20340 |
| root  | 127.0.0.1  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | ::1        | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
+-------+------------+-------------------------------------------+
rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
[root@node101.yinzhengjie.org.cn ~]# mysql -ujason -pyinzhengjie -h 172.30.1.105    #Logging in with the previous password fails
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'jason'@'172.30.1.101' (using password: YES)
[root@node101.yinzhengjie.org.cn ~]# 
[root@node101.yinzhengjie.org.cn ~]# mysql -ujason -pcentos8 -h 172.30.1.105      #Logging in with the new password succeeds
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.5.5-10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> STATUS
--------------
mysql  Ver 8.0.18 for Linux on x86_64 (MySQL Community Server - GPL)

Connection id:        13
Current database:    
Current user:        jason@172.30.1.101
SSL:            Not in use
Current pager:        stdout
Using outfile:        ''
Using delimiter:    ;
Server version:        5.5.5-10.2.19-MariaDB MariaDB Server
Protocol version:    10
Connection:        172.30.1.105 via TCP/IP
Server characterset:    utf8mb4
Db     characterset:    utf8mb4
Client characterset:    utf8mb4
Conn.  characterset:    utf8mb4
TCP port:        3306
Uptime:            42 min 52 sec

Threads: 8  Questions: 57  Slow queries: 0  Opens: 21  Flush tables: 1  Open tables: 15  Queries per second avg: 0.022
--------------

mysql> 
mysql> 
MariaDB [yinzhengjie]> SELECT  user,host,password FROM mysql.user;
+-------+------------+-------------------------------------------+
| user  | host       | password                                  |
+-------+------------+-------------------------------------------+
| root  | localhost  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| jason | 172.30.1.% | *515CE264AF5A9076EC5876689206AB3C06E20340 |
| root  | 127.0.0.1  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | ::1        | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
+-------+------------+-------------------------------------------+
4 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> UPDATE mysql.user SET password=PASSWORD('yinzhengjie') WHERE user = 'jason';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT  user,host,password FROM mysql.user;
+-------+------------+-------------------------------------------+
| user  | host       | password                                  |
+-------+------------+-------------------------------------------+
| root  | localhost  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| jason | 172.30.1.% | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | 127.0.0.1  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | ::1        | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
+-------+------------+-------------------------------------------+
4 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> FLUSH PRIVILEGES;        #A password changed with the UPDATE above only takes effect after this statement is run.
Query OK, 0 rows affected (0.00 sec)

MariaDB [yinzhengjie]>
# Changing a password by updating the table directly, as with the UPDATE mysql.user statement above, requires refreshing the privileges afterwards (not recommended; use it only when the administrator has forgotten the password).
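The `password` column shown in this section holds the value `PASSWORD()` produces for built-in authentication: an unsalted `'*' + HEX(SHA1(SHA1(password)))`, so accounts that share a password share a hash, as the identical `root` and `jason` rows above show. The Python sketch below is an added example, not part of the original post: it audits rows selected from `mysql.user` for shared hashes, empty passwords, passwords on a deny list and wildcard hosts. The function names and the `report` and `legacy` rows are constructed for illustration, and the `ip/netmask` host form is not handled.

```python
import hashlib
import re
from collections import defaultdict


def native_password_hash(password: str) -> str:
    """Value PASSWORD() stores for built-in (mysql_native_password) accounts:
    '*' + upper-case hex of SHA1(SHA1(password)). There is no salt."""
    if password == "":
        return ""  # PASSWORD('') is the empty string: the account has no password
    inner = hashlib.sha1(password.encode("utf-8")).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


def host_matches(pattern: str, client: str) -> bool:
    """Match a client address against a Host column value, where '%' stands
    for any run of characters and '_' for exactly one character."""
    regex = "".join(
        ".*" if ch == "%" else "." if ch == "_" else re.escape(ch) for ch in pattern
    )
    return re.fullmatch(regex, client, re.IGNORECASE) is not None


def audit(rows, denied_passwords=()):
    """rows: (user, host, password_hash) tuples as selected from mysql.user.
    Returns a list of (finding, account or tuple of accounts)."""
    denied = {native_password_hash(p) for p in denied_passwords}
    by_hash = defaultdict(list)
    findings = []
    for user, host, pw_hash in rows:
        account = f"'{user}'@'{host}'"
        if pw_hash == "":
            findings.append(("no-password", account))
        else:
            by_hash[pw_hash].append(account)
            if pw_hash in denied:
                findings.append(("denied-password", account))
        if "%" in host or "_" in host:
            findings.append(("wildcard-host", account))
    # Unsalted hashes make password reuse visible across accounts.
    for accounts in by_hash.values():
        if len(accounts) > 1:
            findings.append(("shared-hash", tuple(accounts)))
    return findings


# Hash value copied from the SELECT output on this page.
PAGE_HASH = "*BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7"

SAMPLE_ROWS = [
    ("root", "localhost", PAGE_HASH),
    ("jason", "172.30.1.%", PAGE_HASH),
    ("root", "127.0.0.1", PAGE_HASH),
    ("root", "::1", PAGE_HASH),
    # The two rows below are constructed for this example.
    ("report", "%", native_password_hash("password")),
    ("legacy", "localhost", ""),
]

if __name__ == "__main__":
    for finding, who in audit(SAMPLE_ROWS, denied_passwords=["password"]):
        print(finding, who)
    # The page's client 172.30.1.101 matches the pattern of the jason account.
    print(host_matches("172.30.1.%", "172.30.1.101"))
```
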

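5>. Recovering a forgotten administrator password

  Start the mysqld process with the following options:
    skip-grant-tables 
    skip-networking


  Change the administrator password with an UPDATE statement.
  Stop the mysqld process, remove the two options above, and restart mysqld.
[root@node105.yinzhengjie.org.cn ~]# cat /mysql/3306/etc/my.cnf                             #Remember to restart the MySQL instance after modifying this configuration file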
[mysqld]
character-set-server=utf8mb4
skip-grant-tables      #Skip the grant-table checks
skip-networking       #Do not enable networking, i.e. the MySQL database can only be reached through the socket
port        = 3306
datadir        = /mysql/3306/data
socket        = /mysql/3306/socket/mysql.sock


[mysqld_safe]
log-error    = /mysql/3306/log/mariadb.log
pid-file    = /mysql/3306/pid/mariadb.pid

[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# /usr/local/mysql/bin/mysqld_safe --defaults-file=/mysql/3306/etc/my.cnf  &> /dev/null  &      #Start MySQL manually
[1] 4485
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# ps -ef | grep mysql      #If the processes are listed, the instance started normally
root      4485  3428  0 07:10 pts/0    00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --defaults-file=/mysql/3306/etc/my.cnf
mysql     4573  4485  2 07:10 pts/0    00:00:00 /usr/local/mysql/bin/mysqld --defaults-file=/mysql/3306/etc/my.cnf --basedir=/usr/local/mysql --datadir=/mysql/3306/data --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/mysql/3306/log/mariadb.log --pid-file=/mysql/3306/pid/mariadb.pid --socket=/mysql/3306/socket/mysql.sock --port=3306
root      4605  3428  0 07:10 pts/0    00:00:00 grep --color=auto mysql
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# ss -ntl            #Because the "skip-networking" option is enabled, the default port 3306 is not exposed, so nothing outside can connect to the database while we are maintaining it.
State       Recv-Q Send-Q                           Local Address:Port                                          Peer Address:Port              
LISTEN      0      128                                          *:22                                                       *:*                  
LISTEN      0      128                                         :::22                                                      :::*                  
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# ll /mysql/3306/pid/      #MySQL's pid file
total 4
-rw-rw---- 1 mysql mysql 5 Oct 29 07:10 mariadb.pid
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# cat /mysql/3306/pid/mariadb.pid     #The id stored in this file is the mariadb process id, which matches the ps output above
4573
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# ll /mysql/3306/socket/          #Although we can no longer connect through the port, we are maintaining the database and can connect directly through the socket
total 0
srwxrwxrwx 1 mysql mysql 0 Oct 29 07:10 mysql.sock
[root@node105.yinzhengjie.org.cn ~]#
[root@node105.yinzhengjie.org.cn ~]# mysql -S /mysql/3306/socket/mysql.sock 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> 
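MariaDB [(none)]> UPDATE mysql.user SET password=PASSWORD('yinzhengjie') WHERE user = 'root';      #In theory we should flush the privileges after changing the root password, but since we are going to restart the MySQL instance anyway, after changing the root password by updating the table we simply edit the MySQL configuration file and restart the service.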
Query OK, 0 rows affected (0.00 sec)
Rows matched: 3  Changed: 0  Warnings: 0

MariaDB [(none)]> 
MariaDB [(none)]> QUIT
Bye
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# pkill mysql      #After the password has been changed, kill the MySQL process
[root@node105.yinzhengjie.org.cn ~]# 
[1]+  Done                    /usr/local/mysql/bin/mysqld_safe --defaults-file=/mysql/3306/etc/my.cnf &>/dev/null
[root@node105.yinzhengjie.org.cn ~]#
[root@node105.yinzhengjie.org.cn ~]# vim /mysql/3306/etc/my.cnf
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# cat /mysql/3306/etc/my.cnf    #Edit the configuration file and delete the options added earlier.
[mysqld]
character-set-server=utf8mb4
port        = 3306
datadir        = /mysql/3306/data
socket        = /mysql/3306/socket/mysql.sock


[mysqld_safe]
log-error    = /mysql/3306/log/mariadb.log
pid-file    = /mysql/3306/pid/mariadb.pid

[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# /usr/local/mysql/bin/mysqld_safe --defaults-file=/mysql/3306/etc/my.cnf  &> /dev/null  &      #Start MySQL manually again; a startup script can of course be used as well
[1] 4749
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# mysql -S /mysql/3306/socket/mysql.sock                   #Logging in to the MySQL database without a password now fails
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
[root@node105.yinzhengjie.org.cn ~]# 
[root@node105.yinzhengjie.org.cn ~]# mysql -uroot -pyinzhengjie -S /mysql/3306/socket/mysql.sock       #Log in to the database with the root password we just set.
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>
MariaDB [(none)]> STATUS
--------------
mysql  Ver 15.1 Distrib 10.2.19-MariaDB, for Linux (x86_64) using readline 5.1

Connection id:        10
Current database:    
Current user:        root@localhost
SSL:            Not in use
Current pager:        stdout
Using outfile:        ''
Using delimiter:    ;
Server:            MariaDB
Server version:        10.2.19-MariaDB MariaDB Server
Protocol version:    10
Connection:        Localhost via UNIX socket
Server characterset:    utf8mb4
Db     characterset:    utf8mb4
Client characterset:    utf8mb4
Conn.  characterset:    utf8mb4
UNIX socket:        /mysql/3306/socket/mysql.sock
Uptime:            45 sec

Threads: 7  Questions: 6  Slow queries: 0  Opens: 17  Flush tables: 1  Open tables: 11  Queries per second avg: 0.133
--------------

MariaDB [(none)]> 

 

IV. MySQL privilege management

1>. Privilege categories

  Administrative:
    CREATE TEMPORARY TABLES
    CREATE USER
    FILE
    SUPER
    SHOW DATABASES
    RELOAD
    SHUTDOWN
    REPLICATION SLAVE
    REPLICATION CLIENT
    LOCK TABLES
    PROCESS
  Stored programs: FUNCTION, PROCEDURE (stored procedure), TRIGGER
    CREATE
    ALTER
    DROP
    EXECUTE
  Database and table level: DATABASE, TABLE
    ALTER
    CREATE
    CREATE VIEW
    DROP
    INDEX
    SHOW VIEW
    GRANT OPTION: lets a user pass on the privileges they hold to other users
  Data manipulation:
    SELECT
    INSERT
    DELETE
    UPDATE
  Column level:
    SELECT(col1,col2,...)
    UPDATE(col1,col2,...)
    INSERT(col1,col2,...)
  All privileges:
    ALL PRIVILEGES or ALL

2>. Grant examples

MariaDB [(none)]> HELP GRANT
Name: 'GRANT'
Description:
Syntax:
GRANT
    priv_type [(column_list)]
      [, priv_type [(column_list)]] ...
    ON [object_type] priv_level
    TO user_specification [, user_specification] ...
    [REQUIRE {NONE | ssl_option [[AND] ssl_option] ...}]
    [WITH with_option ...]

GRANT PROXY ON user_specification
    TO user_specification [, user_specification] ...
    [WITH GRANT OPTION]

object_type:
    TABLE
  | FUNCTION
  | PROCEDURE

priv_level:
    *
  | *.*
  | db_name.*
  | db_name.tbl_name
  | tbl_name
  | db_name.routine_name

user_specification:
    user
    [
        IDENTIFIED BY [PASSWORD] 'password'
      | IDENTIFIED WITH auth_plugin [AS 'auth_string']
    ]

ssl_option:
    SSL
  | X509
  | CIPHER 'cipher'
  | ISSUER 'issuer'
  | SUBJECT 'subject'

with_option:
    GRANT OPTION
  | MAX_QUERIES_PER_HOUR count
  | MAX_UPDATES_PER_HOUR count
  | MAX_CONNECTIONS_PER_HOUR count
  | MAX_USER_CONNECTIONS count

The GRANT statement grants privileges to MySQL user accounts. GRANT
also serves to specify other account characteristics such as use of
secure connections and limits on access to server resources. To use
GRANT, you must have the GRANT OPTION privilege, and you must have the
privileges that you are granting.

Normally, a database administrator first uses CREATE USER to create an
account, then GRANT to define its privileges and characteristics. For
example:

CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
GRANT SELECT ON db2.invoice TO 'jeffrey'@'localhost';
GRANT USAGE ON *.* TO 'jeffrey'@'localhost' WITH MAX_QUERIES_PER_HOUR 90;

However, if an account named in a GRANT statement does not already
exist, GRANT may create it under the conditions described later in the
discussion of the NO_AUTO_CREATE_USER SQL mode.

The REVOKE statement is related to GRANT and enables administrators to
remove account privileges. See [HELP REVOKE].

When successfully executed from the mysql program, GRANT responds with
Query OK, 0 rows affected. To determine what privileges result from the
operation, use SHOW GRANTS. See [HELP SHOW GRANTS].

URL: https://mariadb.com/kb/en/grant/


MariaDB [(none)]> 
MariaDB [(none)]> HELP GRANT        #View the detailed help for the command
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| yinzhengjie        |
+--------------------+
4 rows in set (0.00 sec)

MariaDB [(none)]> 
MariaDB [(none)]> GRANT ALL ON yinzhengjie.* TO jason@'172.30.1.%';      #Grant all privileges on all tables in the yinzhengjie database to the jason@'172.30.1.%' user.
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> 
[root@node101.yinzhengjie.org.cn ~]# mysql -ujason -pcentos8 -h 172.30.1.105    #Test from the client whether the privileges have taken effect
mysql: [Warning] Using a password on the command line interface can be insecure.

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.5.5-10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 
mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| yinzhengjie        |
+--------------------+
2 rows in set (0.01 sec)

mysql> use yinzhengjie
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> 
mysql> SHOW TABLES;
+-----------------------+
| Tables_in_yinzhengjie |
+-----------------------+
| classes               |
| coc                   |
| courses               |
| scores                |
| students              |
| teachers              |
| toc                   |
+-----------------------+
7 rows in set (0.00 sec)

mysql> 
mysql> DROP TABLE toc;
Query OK, 0 rows affected (0.01 sec)

mysql> 
mysql> SHOW TABLES;
+-----------------------+
| Tables_in_yinzhengjie |
+-----------------------+
| classes               |
| coc                   |
| courses               |
| scores                |
| students              |
| teachers              |
+-----------------------+
6 rows in set (0.00 sec)

mysql> 
MariaDB [yinzhengjie]> SELECT * FROM students;                          #View the data in the table used for the test
+-------+---------------+-----+--------+---------+-----------+
| StuID | Name          | Age | Gender | ClassID | TeacherID |
+-------+---------------+-----+--------+---------+-----------+
|     1 | Shi Zhongyu   |  22 | M      |       2 |         3 |
|     2 | Shi Potian    |  22 | M      |       1 |         7 |
|     3 | Xie Yanke     |  53 | M      |       2 |        16 |
|     4 | Ding Dian     |  32 | M      |       4 |         4 |
|     5 | Yu Yutong     |  26 | M      |       3 |         1 |
|     6 | Shi Qing      |  46 | M      |       5 |      NULL |
|     7 | Xi Ren        |  19 | F      |       3 |      NULL |
|     8 | Lin Daiyu     |  17 | F      |       7 |      NULL |
|     9 | Ren Yingying  |  20 | F      |       6 |      NULL |
|    10 | Yue Lingshan  |  19 | F      |       3 |      NULL |
|    11 | Yuan Chengzhi |  23 | M      |       6 |      NULL |
|    12 | Wen Qingqing  |  19 | F      |       1 |      NULL |
|    13 | Tian Boguang  |  33 | M      |       2 |      NULL |
|    14 | Lu Wushuang   |  17 | F      |       3 |      NULL |
|    15 | Duan Yu       |  19 | M      |       4 |      NULL |
|    16 | Xu Zhu        |  21 | M      |       1 |      NULL |
|    17 | Lin Chong     |  25 | M      |       4 |      NULL |
|    18 | Hua Rong      |  23 | M      |       7 |      NULL |
|    19 | Xue Baochai   |  18 | F      |       6 |      NULL |
|    20 | Diao Chan     |  19 | F      |       7 |      NULL |
|    21 | Huang Yueying |  22 | F      |       6 |      NULL |
|    22 | Xiao Qiao     |  20 | F      |       1 |      NULL |
|    23 | Ma Chao       |  23 | M      |       4 |      NULL |
|    24 | Xu Xian       |  27 | M      |    NULL |      NULL |
|    25 | Sun Dasheng   | 100 | M      |    NULL |      NULL |
+-------+---------------+-----+--------+---------+-----------+
25 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SHOW TABLES;
+-----------------------+
| Tables_in_yinzhengjie |
+-----------------------+
| classes               |
| coc                   |
| courses               |
| scores                |
| students              |
| teachers              |
+-----------------------+
6 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> DESC students;
+-----------+---------------------+------+-----+---------+----------------+
| Field     | Type                | Null | Key | Default | Extra          |
+-----------+---------------------+------+-----+---------+----------------+
| StuID     | int(10) unsigned    | NO   | PRI | NULL    | auto_increment |
| Name      | varchar(50)         | NO   |     | NULL    |                |
| Age       | tinyint(3) unsigned | NO   |     | NULL    |                |
| Gender    | enum('F','M')       | NO   |     | NULL    |                |
| ClassID   | tinyint(3) unsigned | YES  |     | NULL    |                |
| TeacherID | int(10) unsigned    | YES  |     | NULL    |                |
+-----------+---------------------+------+-----+---------+----------------+
6 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT * FROM students; # View the data in the table under test
MariaDB [yinzhengjie]>  SELECT user,host,password FROM mysql.user;
+-------+------------+-------------------------------------------+
| user  | host       | password                                  |
+-------+------------+-------------------------------------------+
| root  | localhost  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| jason | 172.30.1.% | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | 127.0.0.1  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root  | ::1        | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
+-------+------------+-------------------------------------------+
4 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> GRANT SELECT(Name,Age),UPDATE(Name) ON yinzhengjie.students TO centos@'172.30.1.%' IDENTIFIED BY 'yinzhengjie';    # Grant a subset of privileges on yinzhengjie.students to centos@'172.30.1.%'; the account is created automatically if it does not exist.
Query OK, 0 rows affected (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT user,host,password FROM mysql.user;
+--------+------------+-------------------------------------------+
| user   | host       | password                                  |
+--------+------------+-------------------------------------------+
| root   | localhost  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| jason  | 172.30.1.% | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root   | 127.0.0.1  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root   | ::1        | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| centos | 172.30.1.% | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
+--------+------------+-------------------------------------------+
5 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
[root@node101.yinzhengjie.org.cn ~]# mysql -ucentos -pyinzhengjie -h 172.30.1.105      # Verify that the SELECT and UPDATE grants took effect
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 5.5.5-10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 
mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| yinzhengjie        |
+--------------------+
2 rows in set (0.00 sec)

mysql> 
mysql> USE yinzhengjie
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> 
mysql> SHOW TABLES;
+-----------------------+
| Tables_in_yinzhengjie |
+-----------------------+
| students              |
+-----------------------+
1 row in set (0.00 sec)

mysql> 
mysql> SELECT * FROM students;          # SELECT was not granted on the whole table, so only some columns can be read
ERROR 1143 (42000): SELECT command denied to user 'centos'@'172.30.1.101' for column 'StuID' in table 'students'
mysql> 
mysql> SELECT name,age FROM students;      # Only the name and age columns may be queried
+---------------+-----+
| name          | age |
+---------------+-----+
| Shi Zhongyu   |  22 |
| Shi Potian    |  22 |
| Xie Yanke     |  53 |
| Ding Dian     |  32 |
| Yu Yutong     |  26 |
| Shi Qing      |  46 |
| Xi Ren        |  19 |
| Lin Daiyu     |  17 |
| Ren Yingying  |  20 |
| Yue Lingshan  |  19 |
| Yuan Chengzhi |  23 |
| Wen Qingqing  |  19 |
| Tian Boguang  |  33 |
| Lu Wushuang   |  17 |
| Duan Yu       |  19 |
| Xu Zhu        |  21 |
| Lin Chong     |  25 |
| Hua Rong      |  23 |
| Xue Baochai   |  18 |
| Diao Chan     |  19 |
| Huang Yueying |  22 |
| Xiao Qiao     |  20 |
| Ma Chao       |  23 |
| Xu Xian       |  27 |
| Sun Dasheng   | 100 |
+---------------+-----+
25 rows in set (0.00 sec)

mysql> 
mysql> UPDATE students SET name = '齊天大聖孫悟空' WHERE name = 'Sun Dasheng';      # Update one row of the name column
Query OK, 1 row affected (0.01 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> 
mysql> SELECT name,age FROM students;          # The query confirms the row was updated
+-----------------------+-----+
| name                  | age |
+-----------------------+-----+
| Shi Zhongyu           |  22 |
| Shi Potian            |  22 |
| Xie Yanke             |  53 |
| Ding Dian             |  32 |
| Yu Yutong             |  26 |
| Shi Qing              |  46 |
| Xi Ren                |  19 |
| Lin Daiyu             |  17 |
| Ren Yingying          |  20 |
| Yue Lingshan          |  19 |
| Yuan Chengzhi         |  23 |
| Wen Qingqing          |  19 |
| Tian Boguang          |  33 |
| Lu Wushuang           |  17 |
| Duan Yu               |  19 |
| Xu Zhu                |  21 |
| Lin Chong             |  25 |
| Hua Rong              |  23 |
| Xue Baochai           |  18 |
| Diao Chan             |  19 |
| Huang Yueying         |  22 |
| Xiao Qiao             |  20 |
| Ma Chao               |  23 |
| Xu Xian               |  27 |
| 齊天大聖孫悟空          | 100 |
+-----------------------+-----+
25 rows in set (0.00 sec)

mysql> 
mysql> UPDATE students SET age = '500' WHERE name = '齊天大聖孫悟空';      # UPDATE on the age column was not granted to this user, so the change is denied.
ERROR 1143 (42000): UPDATE command denied to user 'centos'@'172.30.1.101' for column 'age' in table 'students'
mysql> 

3>. View the privileges granted to a specific user

MariaDB [yinzhengjie]> HELP SHOW GRANTS
Name: 'SHOW GRANTS'
Description:
Syntax:
SHOW GRANTS [FOR user]

This statement lists the GRANT statement or statements that must be
issued to duplicate the privileges that are granted to a MySQL user
account. The account is named using the same format as for the GRANT
statement; for example, 'jeffrey'@'localhost'. If you specify only the
user name part of the account name, a host name part of '%' is used.
For additional information about specifying account names, see [HELP
GRANT].

MariaDB> SHOW GRANTS FOR 'root'@'localhost';
+---------------------------------------------------------------------+
| Grants for root@localhost                                           |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------+

To list the privileges granted to the account that you are using to
connect to the server, you can use any of the following statements:

SHOW GRANTS;
SHOW GRANTS FOR CURRENT_USER;
SHOW GRANTS FOR CURRENT_USER();

If SHOW GRANTS FOR CURRENT_USER (or any of the equivalent syntaxes) is
used in DEFINER context, such as within a stored procedure that is
defined with SQL SECURITY DEFINER), the grants displayed are those of
the definer and not the invoker.

URL: https://mariadb.com/kb/en/show-grants/


MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SELECT user,host,password FROM mysql.user;
+--------+------------+-------------------------------------------+
| user   | host       | password                                  |
+--------+------------+-------------------------------------------+
| root   | localhost  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| jason  | 172.30.1.% | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root   | 127.0.0.1  | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| root   | ::1        | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
| centos | 172.30.1.% | *BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7 |
+--------+------------+-------------------------------------------+
5 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SHOW GRANTS FOR jason@'172.30.1.%';
+---------------------------------------------------------------------------------------------------------------+
| Grants for jason@172.30.1.%                                                                                   |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'jason'@'172.30.1.%' IDENTIFIED BY PASSWORD '*515CE264AF5A9076EC5876689206AB3C06E20340' |
| GRANT ALL PRIVILEGES ON `yinzhengjie`.* TO 'jason'@'172.30.1.%'                                               |
+---------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SHOW GRANTS FOR centos@'172.30.1.%';
+----------------------------------------------------------------------------------------------------------------+
| Grants for centos@172.30.1.%                                                                                   |
+----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'centos'@'172.30.1.%' IDENTIFIED BY PASSWORD '*BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7' |
| GRANT SELECT (Age, Name), UPDATE (Name) ON `yinzhengjie`.`students` TO 'centos'@'172.30.1.%'                   |
+----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
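Note: when the MariaDB server process starts, it reads all grant tables in the mysql database into memory.
  1. Privilege operations such as GRANT or REVOKE are saved to the system tables, and the MariaDB server process normally re-reads the grant tables automatically so that the change takes effect;
  2. For commands that cannot re-read the grant tables, or cannot do so promptly, you can make the MariaDB server process re-read them manually by running "FLUSH PRIVILEGES;".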
MariaDB [yinzhengjie]> SELECT USER();
+----------------+
| USER()         |
+----------------+
| root@localhost |
+----------------+
1 row in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SHOW GRANTS FOR CURRENT_USER();        # View the privileges held by the current user
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root@localhost                                                                                                              |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7' WITH GRANT OPTION |
| GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION                                                                          |
+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 

4>. Revoke privileges

MariaDB [yinzhengjie]> HELP REVOKE 
Name: 'REVOKE'
Description:
Syntax:
REVOKE
    priv_type [(column_list)]
      [, priv_type [(column_list)]] ...
    ON [object_type] priv_level
    FROM user [, user] ...

REVOKE ALL PRIVILEGES, GRANT OPTION
    FROM user [, user] ...

REVOKE PROXY ON user
    FROM user [, user] ...

The REVOKE statement enables system administrators to revoke privileges
from MySQL accounts. Each account name uses the format described in
https://mariadb.com/kb/en/create-user#account-names. For example:

REVOKE INSERT ON *.* FROM 'jeffrey'@'localhost';

If you specify only the user name part of the account name, a host name
part of '%' is used.

For details on the levels at which privileges exist, the permissible
priv_type and priv_level values, and the syntax for specifying users
and passwords, see [HELP GRANT]

To use the first REVOKE syntax, you must have the GRANT OPTION
privilege, and you must have the privileges that you are revoking.

To revoke all privileges, use the second syntax, which drops all
global, database, table, column, and routine privileges for the named
user or users:

REVOKE ALL PRIVILEGES, GRANT OPTION FROM user [, user] ...

To use this REVOKE syntax, you must have the global CREATE USER
privilege or the UPDATE privilege for the mysql database.

URL: https://mariadb.com/kb/en/revoke/


MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SHOW GRANTS FOR centos@'172.30.1.%';
+----------------------------------------------------------------------------------------------------------------+
| Grants for centos@172.30.1.%                                                                                   |
+----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'centos'@'172.30.1.%' IDENTIFIED BY PASSWORD '*BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7' |
| GRANT SELECT (Age, Name), UPDATE (Name) ON `yinzhengjie`.`students` TO 'centos'@'172.30.1.%'                   |
+----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> REVOKE UPDATE ON yinzhengjie.students FROM centos@'172.30.1.%';        # Revoke the UPDATE privilege from centos@'172.30.1.%'.
Query OK, 0 rows affected (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> SHOW GRANTS FOR centos@'172.30.1.%';
+----------------------------------------------------------------------------------------------------------------+
| Grants for centos@172.30.1.%                                                                                   |
+----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'centos'@'172.30.1.%' IDENTIFIED BY PASSWORD '*BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7' |
| GRANT SELECT (Age, Name) ON `yinzhengjie`.`students` TO 'centos'@'172.30.1.%'                                  |
+----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

MariaDB [yinzhengjie]> 
MariaDB [yinzhengjie]> 
[root@node101.yinzhengjie.org.cn ~]# mysql -ucentos -pyinzhengjie -h 172.30.1.105      # Verify that the UPDATE privilege was revoked
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 15
Server version: 5.5.5-10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| yinzhengjie        |
+--------------------+
2 rows in set (0.00 sec)

mysql> 
mysql> USE yinzhengjie
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> 
mysql> SHOW TABLES;                  # The database has several tables, but this user's privileges expose only this one
+-----------------------+
| Tables_in_yinzhengjie |
+-----------------------+
| students              |
+-----------------------+
1 row in set (0.00 sec)

mysql> 
mysql> DESC students;                  # We know the table has more columns, but this user's privileges expose only 2 of them
+-------+---------------------+------+-----+---------+-------+
| Field | Type                | Null | Key | Default | Extra |
+-------+---------------------+------+-----+---------+-------+
| Name  | varchar(50)         | NO   |     | NULL    |       |
| Age   | tinyint(3) unsigned | NO   |     | NULL    |       |
+-------+---------------------+------+-----+---------+-------+
2 rows in set (0.00 sec)

mysql> 
mysql> SELECT name,age FROM students;          # SELECT still works
+-----------------------+-----+
| name                  | age |
+-----------------------+-----+
| Shi Zhongyu           |  22 |
| Shi Potian            |  22 |
| Xie Yanke             |  53 |
| Ding Dian             |  32 |
| Yu Yutong             |  26 |
| Shi Qing              |  46 |
| Xi Ren                |  19 |
| Lin Daiyu             |  17 |
| Ren Yingying          |  20 |
| Yue Lingshan          |  19 |
| Yuan Chengzhi         |  23 |
| Wen Qingqing          |  19 |
| Tian Boguang          |  33 |
| Lu Wushuang           |  17 |
| Duan Yu               |  19 |
| Xu Zhu                |  21 |
| Lin Chong             |  25 |
| Hua Rong              |  23 |
| Xue Baochai           |  18 |
| Diao Chan             |  19 |
| Huang Yueying         |  22 |
| Xiao Qiao             |  20 |
| Ma Chao               |  23 |
| Xu Xian               |  27 |
| 齊天大聖孫悟空          | 100 |
+-----------------------+-----+
25 rows in set (0.00 sec)

mysql> 
mysql> UPDATE students SET name = '美猴王' WHERE name = '齊天大聖孫悟空';      # The update is denied because we revoked that privilege
ERROR 1142 (42000): UPDATE command denied to user 'centos'@'172.30.1.101' for table 'students'
mysql> 
mysql> 
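Added example (not part of the original post): a small Python parser for the SHOW GRANTS rows shown in sections 3 and 4. It diffs an account's grants before and after the REVOKE and flags broad grants for review. The function names and the review rules are assumptions of this example; the sample rows are copied from the sessions above.

```python
import re

# Sample input: rows copied from the SHOW GRANTS output on this page.
HASH = "*BD0B1F48FDC55BD27555FC2F22FF29A68A25A1D7"
USAGE = f"GRANT USAGE ON *.* TO 'centos'@'172.30.1.%' IDENTIFIED BY PASSWORD '{HASH}'"
BEFORE = [USAGE, "GRANT SELECT (Age, Name), UPDATE (Name) ON `yinzhengjie`.`students` TO 'centos'@'172.30.1.%'"]
AFTER = [USAGE, "GRANT SELECT (Age, Name) ON `yinzhengjie`.`students` TO 'centos'@'172.30.1.%'"]
ROOT = [f"GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '{HASH}' WITH GRANT OPTION"]

GRANT_RE = re.compile(r"^GRANT (?P<privs>.+?) ON (?P<scope>\S+) TO "
                      r"'(?P<user>[^']*)'@'(?P<host>[^']*)'(?P<rest>.*)$")
# One privilege name, optionally followed by a parenthesised column list.
PRIV_RE = re.compile(r"\s*([A-Z][A-Z ]*?)\s*(?:\(([^)]*)\))?\s*(?:,|$)")

def parse_grant(line):
    """Parse one SHOW GRANTS row (table borders allowed) into its parts."""
    m = GRANT_RE.match(line.strip().strip("|").strip())
    if not m:
        raise ValueError(f"not a GRANT row: {line!r}")
    privs = {}
    for name, cols in PRIV_RE.findall(m["privs"]):
        # None means the privilege covers the whole object, not named columns.
        privs[name] = tuple(sorted(c.strip() for c in cols.split(","))) if cols else None
    return {"user": m["user"], "host": m["host"], "scope": m["scope"].replace("`", ""),
            "privs": privs, "grant_option": "WITH GRANT OPTION" in m["rest"]}

def effective(rows):
    """Flatten rows to (privilege, scope, column) triples; '*' = every column."""
    out = set()
    for g in map(parse_grant, rows):
        for priv, cols in g["privs"].items():
            if priv != "USAGE":  # USAGE is the "no privileges" placeholder
                out |= {(priv, g["scope"], c) for c in (cols or ("*",))}
    return out

def revoked(before, after):
    """Privileges present before a REVOKE and gone afterwards."""
    return effective(before) - effective(after)

def findings(rows):
    """Flag grants worth a second look in a least-privilege review."""
    notes = []
    for g in map(parse_grant, rows):
        who = f"{g['user']}@{g['host']}"
        if g["scope"] == "*.*" and "ALL PRIVILEGES" in g["privs"]:
            notes.append(f"{who}: ALL PRIVILEGES on every database")
        if g["grant_option"]:
            notes.append(f"{who}: can re-grant its privileges ({g['scope']})")
        if "%" in g["host"] and g["privs"].keys() - {"USAGE"}:
            notes.append(f"{who}: host pattern uses % wildcard on {g['scope']}")
    return notes

if __name__ == "__main__":
    print(revoked(BEFORE, AFTER))
    print(findings(ROOT + BEFORE))
```

The diff confirms what the session shows: the table-level `REVOKE UPDATE` also removed the column-level `UPDATE (Name)` grant.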