|
$ mysql -u root -p
password:
mysql> create database test; # 創(chuàng)建數(shù)據(jù)庫
Query OK, 1 row affected (0.00 sec)
mysql> show databases; # 查看數(shù)據(jù)庫是否創(chuàng)建成功
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| test |
+--------------------+
3 rows in set (0.00 sec)
mysql> grant all on test.* to user1@'%' identified by '123456' with grant option; # 創(chuàng)建特權(quán)管理用戶
Query OK, 0 rows affected (0.00 sec)
mysql> select user,host from mysql.user; # 查看用戶創(chuàng)建是否成功
+------------------+-----------+
| user | host |
+------------------+-----------+
| user1 | % |
| root | 127.0.0.1 |
| debian-sys-maint | localhost |
| root | localhost |
| root | server |
+------------------+-----------+
5 rows in set (0.00 sec)
mysql> show grants for user1; # 查看用戶權(quán)限
+--------------------------------------------------------------------------------------------------+
| Grants for user1@% |
+--------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user1'@'%' IDENTIFIED BY PASSWORD '*6BB...2CA2AD9' |
| GRANT ALL PRIVILEGES ON `test`.* TO 'user1'@'%' WITH GRANT OPTION |
+--------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
GRANT 語法:
GRANT privileges (columns)
ON what
TO user IDENTIFIED BY "password"
WITH GRANT OPTION
權(quán)限列表: ALTER: 修改表和索引。 CREATE: 創(chuàng)建數(shù)據(jù)庫和表。 DELETE: 刪除表中已有的記錄。 DROP: 拋棄(刪除)數(shù)據(jù)庫和表。 INDEX: 創(chuàng)建或拋棄索引。 INSERT: 向表中插入新行。 REFERENCE: 未用。 SELECT: 檢索表中的記錄。 UPDATE: 修改現(xiàn)存表記錄。 FILE: 讀或?qū)懛⻊?wù)器上的文件。 PROCESS: 查看服務(wù)器中執(zhí)行的線程信息或殺死線程。 RELOAD: 重載授權(quán)表或清空日志、主機緩存或表緩存。 SHUTDOWN: 關(guān)閉服務(wù)器。 ALL: 所有權(quán)限,ALL PRIVILEGES同義詞。 USAGE: 特殊的 "無權(quán)限" 權(quán)限。用戶賬戶包括 "username" 和 "host" 兩部分,后者表示該用戶被允許從何地接入。user1@'%' 表示任何地址,默認可以省略。還可以是 "user1@192.168.1.%"、"user1@%.abc.com" 等。數(shù)據(jù)庫格式為 db@table,可以是 "test.*" 或 "*.*",前者表示 test 數(shù)據(jù)庫的所有表,后者表示所有數(shù)據(jù)庫的所有表。
子句 "WITH GRANT OPTION" 表示該用戶可以為其他用戶分配權(quán)限。
我們用 root 再創(chuàng)建幾個用戶,然后由 test 數(shù)據(jù)庫的管理員 user1 為他們分配權(quán)限。
mysql> create user user2 identified by '123456', user3 identified by 'abcd';
Query OK, 0 rows affected (0.00 sec)
mysql> select user, host from mysql.user;
+------------------+-----------+
| user | host |
+------------------+-----------+
| user1 | % |
| user2 | % |
| user3 | % |
| root | 127.0.0.1 |
| debian-sys-maint | localhost |
| root | localhost |
| root | server |
+------------------+-----------+
7 rows in set (0.00 sec)
好了,我們退出改用 user1 登錄并針對 test 數(shù)據(jù)庫進行操作。
mysql> quit # 退出
Bye
$ mysql -u user1 -p123456 test # 使用新用戶登錄
mysql> select database(); # 確認當(dāng)前工作數(shù)據(jù)庫
+------------+
| database() |
+------------+
| test |
+------------+
1 row in set (0.00 sec)
mysql> select current_user(); # 確認當(dāng)前工作賬戶
+----------------+
| current_user() |
+----------------+
| user1@% |
+----------------+
1 row in set (0.00 sec)
繼續(xù),創(chuàng)建一個數(shù)據(jù)表。
mysql> create table table1 # 創(chuàng)建表
-> (
-> name varchar(50),
-> age integer
-> );
Query OK, 0 rows affected (0.02 sec)
mysql> show tables; # 查看表是否創(chuàng)建成功
+----------------+
| Tables_in_test |
+----------------+
| table1 |
+----------------+
1 row in set (0.00 sec)
mysql> describe table1; # 查看表結(jié)構(gòu)
+-------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------+-------------+------+-----+---------+-------+
| name | varchar(50) | YES | | NULL | |
| age | int(11) | YES | | NULL | |
+-------+-------------+------+-----+---------+-------+
2 rows in set (0.00 sec)
mysql> insert into table1 values('Tom', 20); # 插入記錄
Query OK, 1 row affected (0.00 sec)
mysql> select * from table1; # 查詢記錄
+------+------+
| name | age |
+------+------+
| Tom | 20 |
+------+------+
1 row in set (0.00 sec)
接下來我們?yōu)?user2, user3 分配權(quán)限。
mysql> grant select on test.* to user2; # 為 user2 分配 SELECT 權(quán)限。
Query OK, 0 rows affected (0.00 sec)
mysql> grant select on test.* to user3; # 為 user3 分配 SELECT 權(quán)限。
Query OK, 0 rows affected (0.00 sec)
mysql> grant insert, update on test.* to user2; # 再為 user2 增加 INSERT, UPDATE 權(quán)限。
Query OK, 0 rows affected (0.00 sec)
好了,我們退出,切換成 user2 操作看看。
$ mysql -u user2 -p123456
mysql> use test; # 切換工作數(shù)據(jù)庫
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select database(); # 驗證當(dāng)前工作數(shù)據(jù)庫
+------------+
| database() |
+------------+
| test |
+------------+
1 row in set (0.00 sec)
mysql> select user(); # 驗證當(dāng)前賬戶
+-----------------+
| user() |
+-----------------+
| user2@localhost |
+-----------------+
1 row in set (0.00 sec)
mysql> show grants for user2; # 查看當(dāng)前用戶權(quán)限,顯然后來添加的 INSERT, UPDATE 被添加了。
+--------------------------------------------------------------------------------------------------+
| Grants for user2@% |
+--------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user2'@'%' IDENTIFIED BY PASSWORD '*6BB837....2C9' |
| GRANT SELECT, INSERT, UPDATE ON `test`.* TO 'user2'@'%' |
+--------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
進行操作測試。
mysql> insert into table1 values("Jack", 21); # INSERT 操作成功
Query OK, 1 row affected (0.00 sec)
mysql> update table1 set age=22 where name='Jack'; # UPDATE 操作成功
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> select * from table1; # SELECT 操作成功
+------+------+
| name | age |
+------+------+
| Tom | 20 |
| Jack | 22 |
+------+------+
2 rows in set (0.00 sec)
mysql> delete from table1 where age=22; # DELETE 操作無權(quán)限
ERROR 1142 (42000): DELETE command denied to user 'user2'@'localhost' for table 'table1'
我們切換回 user1 管理賬戶,移除 user2 的 UPDATE 權(quán)限看看。
$ mysql -u user1 -p123456 test
mysql> revoke update on test.* from user2; # 移除 UPDATE 權(quán)限
Query OK, 0 rows affected (0.00 sec)
再次切換回 user2。
$ mysql -u user2 -p123456 test
mysql> show grants for user2; # UPDATE 權(quán)限被移除
+--------------------------------------------------------------------------------------------------+
| Grants for user2@% |
+--------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user2'@'%' IDENTIFIED BY PASSWORD '*6B...2AD9' |
| GRANT SELECT, INSERT ON `test`.* TO 'user2'@'%' |
+--------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> update table1 set age=23 where name='Jack'; # 不在擁有 UPDATE 權(quán)限
ERROR 1142 (42000): UPDATE command denied to user 'user2'@'localhost' for table 'table1'
好了,到此我們基本完成了創(chuàng)建用戶和分配權(quán)限的操作。接下來,我們回到 root 進行修改用戶密碼和刪除用戶操作。
$ mysql -u root -p123456
mysql> set password for user3=password('abcabc'); # 修改用戶 user3 密碼
Query OK, 0 rows affected (0.00 sec)
mysql>flush privileges; # 刷新權(quán)限表(通常只在直接修改相關(guān)管理數(shù)據(jù)表后需要該操作)
Query OK, 0 rows affected (0.00 sec)
mysql> revoke all on *.* from user2; # 移除 user2 在所有數(shù)據(jù)庫上的權(quán)限
Query OK, 0 rows affected (0.00 sec)
mysql> drop user user2; # 刪除 user2 賬戶
Query OK, 0 rows affected (0.00 sec)
mysql> select user,host from mysql.user; # 驗證刪除結(jié)果
+------------------+-----------+
| user | host |
+------------------+-----------+
| user1 | % |
| user3 | % |
| root | 127.0.0.1 |
| debian-sys-maint | localhost |
| root | localhost |
| root | server |
+------------------+-----------+
6 rows in set (0.00 sec)
用戶 user2 無法再次使用。
$ mysql -u user2 -p123456 test
ERROR 1045 (28000): Access denied for user 'user2'@'localhost' (using password: YES)
試試 user3。
$ mysql -u user3 -pabc test # 連接失敗!哦,對了,我們修改了密碼。
ERROR 1045 (28000): Access denied for user 'user3'@'localhost' (using password: YES)
$ mysql -u user3 -pabcabc test # 新密碼成功
mysql> select * from table1; # SELECT 操作成功
+------+------+
| name | age |
+------+------+
| Tom | 20 |
| Jack | 22 |
+------+------+
2 rows in set (0.00 sec)
要修改自己的密碼直接執(zhí)行 "set password = password('new_password');" 即可。
------- 摘要 --------------------------------------
創(chuàng)建用戶:
GRANT insert, update ON testdb.* TO user1@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
CREATE USER user2 IDENTIFIED BY 'password';
分配權(quán)限:
GRANT select ON testdb.* TO user2;
查看權(quán)限:
SHOW GRANTS FOR user1;
修改密碼:
SET PASSWORD FOR user1 = PASSWORD('newpwd');
SET PASSWORD = PASSWORD('newpwd');
移除權(quán)限:
REVOKE all ON *.* FROM user1;
刪除用戶:
DROP USER user1;
數(shù)據(jù)庫列表:
SHOW DATABASES;
數(shù)據(jù)表列表:
SHOW TABLES;
當(dāng)前數(shù)據(jù)庫:
SELECT DATABASE();
當(dāng)前用戶:
SELECT USER();
數(shù)據(jù)表結(jié)構(gòu):
DESCRIBE table1;
刷新權(quán)限:
FLUSH PRIVILEGES;
本文出自:億恩科技【www.23lll.com】
服務(wù)器租用/服務(wù)器托管中國五強!虛擬主機域名注冊頂級提供商!15年品質(zhì)保障!--億恩科技[ENKJ.COM]
|
0371-60135900
京公網(wǎng)安備41019702002023號
香港服務(wù)器租用
美國服務(wù)器租用
電信骨干機房
聯(lián)通骨干機房
