新建用户
- root用户登陆,新建用户
mysql> create user istester identified by "isTester@321";
Query OK, 0 rows affected (0.07 sec)
- 查询用户是否创建成功
mysql> select user,host from mysql.user;
+---------------+-----------+
| user | host |
+---------------+-----------+
| istester | % |
| liuqin | % |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+---------------+-----------+
- 重置用户密码
update mysql.user set authentication_string=PASSWORD('Liuqin@321') where user='liuqin';
- 查看用户的所有权限
mysql> show grants for istester;
+--------------------------------------+
| Grants for istester@% |
+--------------------------------------+
| GRANT USAGE ON *.* TO 'istester'@'%' |
+--------------------------------------+
此时用户istester只能本地或远程登陆
用户授权
-
tip:
用户权限主要用处:
- 可以限制用户访问哪些库、哪些表
- 可以限制用户对哪些表执行SELECT、CREATE、DELETE、DELETE、ALTER等操作
- 可以限制用户登录的IP或域名
- 可以限制用户自己的权限是否可以授权给别的用户
- 授权
格式:grant 权限 on 数据库对象 to 用户@'%(localhost)' identified by "passwd"
- 授权查询、插入、更新、删除数据库中所有表数据
grant select on idoxu.* to istester@'%' identified "passwd"; ##授权用户istester查看idoxu库中所有表数据的权限,可登录istester用户验证
grant insert on idoxu.* to istester@'%' identified "passwd"; ##授权插入权限
grant update on idoxu.* to istester@'%' identified "passwd";
grant delete on idoxu.* to istester@'%' identified "passwd";
或者可以多种组合:
grant select, insert, update, delete on idoxu.* to istester@'%' identified "passwd";
再次查看用户权限:
mysql> show grants for istester;
+-------------------------------------------------------------------------------+
| Grants for istester@% |
+-------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'istester'@'%' |
| GRANT SELECT, INSERT, UPDATE, DELETE ON `idoxu`.* TO 'istester'@'%' |
+-------------------------------------------------------------------------------+
- 授予各种开发人员权限
grant 创建、修改、删除 MySQL 数据表结构权限
grant create, alter, drop ON `idoxu`.* TO 'istester'@'%'; ##root用户下可以不用加后面的密码,前面的例子也是一样的
grant 操作 MySQL 外键权限
grant references ON `idoxu`.* TO 'istester'@'%';
grant 操作 MySQL 临时表权限
grant create temporary tables ON `idoxu`.* TO 'istester'@'%';
grant 操作 MySQL 索引权限
grant index ON `idoxu`.* TO 'istester'@'%';
grant 操作 MySQL 视图、查看视图源代码 权限
grant create view ON `idoxu`.* TO 'istester'@'%';
grant show view ON `idoxu`.* TO 'istester'@'%';
grant 操作 MySQL 存储过程、函数 权限
grant create routine ON `idoxu`.* TO 'istester'@'%';
grant alter routine ON `idoxu`.* TO 'istester'@'%';
grant execute ON `idoxu`.* TO 'istester'@'%';
grant 普通 DBA 管理某个 MySQL 数据库的权限
grant all privileges ON `idoxu`.* TO 'istester'@'%';
grant 高级 DBA 管理 MySQL 中所有数据库的权限
grant all privileges on '.' to 'istester'@'%';
撤销权限
插销权限用revoke,和grant用法差不多,只需要将"to"换成“from”即可
revoke all privileges on '.' from 'istester'@'%';
网友评论