mysql 授权_MySQL的授权
grant 授权
什么是用户授权:在数据库服务器上添加新的连接用户,并设置权限和密码。
为什么要用授权:如果没有授权用户,那么只能有root用户在本机登陆数据库,其它用户无法登陆。
没有授权时,其它主机也无法访问数据库。
指令格式:
mysql> grant 权限列表 on 库名 to 用户名@"客户端地址" identified by "密码" ;
权限列表:
all 所有权限
usage 只能连接上数据库,没有任何权限
select,update,inseret ... 个别权限,这个权限对所有字段有效
select,update(字段1,字段2...) 只能对指定的字段有相应的权
库名:
*.* 所有库所有表
库名.* 一个库
库名.表名 一张表
用户名:
授权时可以自定义,要有标识性,容易记,可以名中看出用途存储在mysql库的user表里
客户端地址:
% 表示互联网上的所有主机0
192.168.4.% 网段内的所有主机
192.168.4.1 1台主机
localhost 数据库服务器本机
授权举例1:
添加admin用户,允许从192.168.4.0/24网段连接,对db3库的user表有查询权限,密码为123456
mysql> grant select on db3.user to admin@"192.168.4.%" identified by "123456";
授权举例2:
添加admin2,允许从本机连接,允许以db3库的所有表有 查询,更新,插入删除记录权限,密码为123456
mysql> grant select ,insert,update,delete on db3.* toadmin2@"localhost" identifiedby "123456";
授权库
grant授权的信息是保存在授权库中的,mysql库记录了授权信息,主要的表如下:
user 记录已有的授权用户及权限
db 记录已有授权用户对数据库的访问权限
tables_priv 记录已有授权用户对表的访问权限
columns_priv 记录已有授权用户对字段的访问权限
一 查看当前columns_priv,tables_priv,db,user表中的授权用户
mysql> select user,host,db,table_name,column_name frommysql.columns_priv;
Emptyset (0.00sec) #columns_priv表当前为空,说明当前数据库没有真对某些字段的授权mysql> select user,host,db,table_name frommysql.tables_priv;+-----------+-----------+-----+------------+ #tables_priv表中只有系统默认的授权用户msyql.sys
| user | host | db | table_name |
+-----------+-----------+-----+------------+
| mysql.sys | localhost | sys | sys_config |
+-----------+-----------+-----+------------+mysql> select user,host,db frommysql.db;+-----------+-----------+-----+ #db表中也是系统默认授权用户mysql.sys
| user | host | db |
+-----------+-----------+-----+
| mysql.sys | localhost | sys |
+-----------+-----------+-----+mysql> select user,host from mysql.user;+-----------+-----------+ #user表中有系统默认用户mysql.sys和root
| user | host |
+-----------+-----------+
| mysql.sys | localhost |
| root | localhost |
+-----------+-----------+二 添加真对school.student表中“学号”,“姓名”,“性别”这三个字段的授权用户col_user
mysql> grant select,update(学号,姓名,性别),insert on school.student to col_user@'%' identified by "123456";mysql> select user,host,db,table_name,column_name frommysql.columns_priv;
#在columns_priv表中查看授权用户,每条记录是一个授权字段+----------+------+--------+------------+-------------+
| user | host | db | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | % | school | student | 姓名 |
| col_user | % | school | student | 学号 |
| col_user | % | school | student | 性别 |
+----------+------+--------+------------+-------------+mysql> select user,host,db,table_name frommysql.tables_priv;+-----------+-----------+--------+------------+ #在tables_priv表中也可以看到该用户对school.student表有访问权限
| user | host | db | table_name | #具体权限需要用show grants查看
+-----------+-----------+--------+------------+
| col_user | % | school | student |
| mysql.sys | localhost | sys | sys_config |
+-----------+-----------+--------+------------+
mysql> show grants for col_user@'%'; #通过show grants查看col_user对school.student的具体权限
+-----------------------------------------------------------------------------------------------+
| Grants for col_user@% |
+-----------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'col_user'@'%' |
| GRANT SELECT, INSERT, UPDATE (性别, 学号, 姓名) ON `school`.`student` TO 'col_user'@'%' |
+-----------------------------------------------------------------------------------------------+
mysql> select user,host,db frommysql.db;+-----------+-----------+-----+ #db表中看不到该用户
| user | host | db |
+-----------+-----------+-----+
| mysql.sys | localhost | sys |
+-----------+-----------+-----+mysql> select user,host from mysql.user;+-----------+-----------+ #在user表中可以看到该用户
| user | host |
+-----------+-----------+
| col_user | % |
| mysql.sys | localhost |
| root | localhost |
+-----------+-----------+mysql>三 添加授权用户tab_user1,tab_user2对表school.teacher,school.student的访问权限
mysql> grant all on school.teacher to tab_user1@'%' identified by "123456";mysql> grant select on school.student to tab_user2@'%' identified by "123456";mysql> select user,host,db,table_name,column_name frommysql.columns_priv;
#colunm_priv表中授权记录的用户没有变化+----------+------+--------+------------+-------------+
| user | host | db | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | % | school | student | 姓名 |
| col_user | % | school | student | 学号 |
| col_user | % | school | student | 性别 |
+----------+------+--------+------------+-------------+#tables_priv表中可以看到tab_user1,tab_user2用户
mysql> select user,host,db,table_name frommysql.tables_priv;+-----------+-----------+--------+------------+
| user | host | db | table_name |
+-----------+-----------+--------+------------+
| col_user | % | school | student |
| tab_user1 | % | school | teacher |
| tab_user2 | % | school | student |
| mysql.sys | localhost | sys | sys_config |
+-----------+-----------+--------+------------+mysql> show grants for tab_user1@'%'; #通过show grants可以看出tab_user1,tab_user2的具体授权权限+---------------------------------------------------------------+
| Grants for tab_user1@% |
+---------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'tab_user1'@'%' |
| GRANT ALL PRIVILEGES ON `school`.`teacher` TO 'tab_user1'@'%' |
+---------------------------------------------------------------+mysql> show grants for tab_user2@'%';+-------------------------------------------------------+
| Grants for tab_user2@% |
+-------------------------------------------------------+
| GRANT USAGE ON *.* TO 'tab_user2'@'%' |
| GRANT SELECT ON `school`.`student` TO 'tab_user2'@'%' |
+-------------------------------------------------------+mysql> select user,host,db frommysql.db; #db表中没有变化+-----------+-----------+-----+
| user | host | db |
+-----------+-----------+-----+
| mysql.sys | localhost | sys |
+-----------+-----------+-----+mysql> select user,host from mysql.user; #user表中可以看到tab_user1,tab_user2+-----------+-----------+
| user | host |
+-----------+-----------+
| col_user | % |
| tab_user1 | % |
| tab_user2 | % |
| mysql.sys | localhost |
| root | localhost |
+-----------+-----------+mysql>四 添加授权用户db_user1,db_user2用户对库school,school2的访问权限
mysql> grant all on school.* to db_user1@'%' identified by "123456";mysql> grant select on school2.* to db_user2@'%' identified by "123456";mysql> select user,host,db,table_name,column_name frommysql.columns_priv;
#只要没有对任意表中字段的授权,column_priv表不会有变化+----------+------+--------+------------+-------------+
| user | host | db | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | % | school | student | 姓名 |
| col_user | % | school | student | 学号 |
| col_user | % | school | student | 性别 |
+----------+------+--------+------------+-------------+mysql> select user,host,db,table_name frommysql.tables_priv;
#添加了真对库的授权用户,没有对表的授权用户所以db表中也不会变化+-----------+-----------+--------+------------+
| user | host | db | table_name |
+-----------+-----------+--------+------------+
| col_user | % | school | student |
| tab_user1 | % | school | teacher |
| tab_user2 | % | school | student |
| mysql.sys | localhost | sys | sys_config |
+-----------+-----------+--------+------------+mysql> select user,host,db frommysql.db; #db表中可以看到添加的授权用户+-----------+-----------+---------+
| user | host | db |
+-----------+-----------+---------+
| db_user1 | % | school |
| db_user2 | % | school2 |
| mysql.sys | localhost | sys |
+-----------+-----------+---------+mysql> select user,host from mysql.user; #只要添加了授权用户user表中都会有记录+-----------+-----------+
| user | host |
+-----------+-----------+
| col_user | % |
| db_user1 | % |
| db_user2 | % |
| tab_user1 | % |
| tab_user2 | % |
| mysql.sys | localhost |
| root | localhost |
+-----------+-----------+mysql>五 添加授权用户user对所有库和表有访问权限
mysql> grant all on *.* to user@'%' identified by "123456";mysql> select user,host,db,table_name,column_name frommysql.columns_priv;+----------+------+--------+------------+-------------+
| user | host | db | table_name | column_name |
+----------+------+--------+------------+-------------+
| col_user | % | school | student | 姓名 |
| col_user | % | school | student | 学号 |
| col_user | % | school | student | 性别 |
+----------+------+--------+------------+-------------+
3 rows in set (0.00sec)
mysql> select user,host,db,table_name frommysql.tables_priv;+-----------+-----------+--------+------------+
| user | host | db | table_name |
+-----------+-----------+--------+------------+
| col_user | % | school | student |
| tab_user1 | % | school | teacher |
| tab_user2 | % | school | student |
| mysql.sys | localhost | sys | sys_config |
+-----------+-----------+--------+------------+
4 rows in set (0.01sec)
mysql> select user,host,db frommysql.db;+-----------+-----------+---------+
| user | host | db |
+-----------+-----------+---------+
| db_user1 | % | school |
| db_user2 | % | school2 |
| mysql.sys | localhost | sys |
+-----------+-----------+---------+
3 rows in set (0.00sec)
mysql> select user,host from mysql.user; #只有在user表中可以看到use_user+-----------+-----------+
| user | host |
+-----------+-----------+
| col_user | % |
| db_user1 | % |
| db_user2 | % |
| tab_user1 | % |
| tab_user2 | % |
| use_user | % |
| mysql.sys | localhost |
| root | localhost |
+-----------+-----------+mysql>
mysql 授权_MySQL的授权相关推荐
- mysql撤销用户授权_mysql用户授权及撤销
mysql数据库服务在不做授权的情况下只允许数据库管理员从数据库服务器本机登录. 默认只有数据库管理员从数据库服务器本机登录才有授权权限 mysql -u root -p (本机登录mysql服务器) ...
- mysql 删除了授权_mysql用户授权访问与删除授权
在mysql数据库中,默认允许以root身份登录,然后执行相关操作. 这在生产环境中,极为不安全,建议创建新的用户,并使用grant命令进行mysql用户授权访问,授予指定的访问权限,以加强mysql ...
- mysql 局域网_MySQL 局域网授权问题
终于把这个知乎号找回来了 关于MySQL局域网授权,因为版本不同,授权语句也不同,先登陆MySQL检查自己的版本 8.0版本之前的提升权限语句:开放远程连接权限:grant [权限] on [data ...
- mysql给用户数据库授权_mysql 数据库授权(给某个用户授权某个数据库)【转载】...
先设置该用户只有show database权限 grant select,insert,update,delete on redmine1.* tojira@"%" identif ...
- mysql用户的创建和授权_MySQL用户创建和授权
环境 MySQL 5.1 + 命令行工具 问题 MySQL用户创建和授权 解决 1.以root用户登录创建新用户 C:\Users\Wentasy>mysql -uroot -p mysql&g ...
- mysql 字段授权_mysql授权管理
首先说一下mysql数据库管理权限的数据库是mysql库 我们看一下mysql库中都有哪些表 mysql> show tables from mysql; +------------------ ...
- mysql主从授权_MySQL主从复制(10)读写分离授权多种方案
一.生产场景mysql主从复制读写分离授权方案及实战 当配置和好MySQL主从复制以后,所有对数据库内容的更新就必须在主服务器上进行. 那么,为什么所有的更新都要在主服务器上进行呢?这是因为数据复制是 ...
- mysql新建用户并授权_Mysql中新建用户及授权的方法分享
在项目开发的过程中可能需要开放自己的数据库给别人,但是为了安全不能自己服务器里其他数据库同时开放.那么可以新建一个用户,给该用户开放特定数据库权限 测试环境:Centos 6.3和Mysql 5.3 ...
- mysql navicat授权_Mysql授权允许远程访问解决Navicat for MySQL连接mysql提示客户端不支持服务器请求的身份验证协议;考虑升级MySQL客户端...
Navicat Premium连接MySQL 1251错误 MySQL Installer 8.0.17 出现上述错误的原因是版本MySQL 8.0.17即8.0开始的MySQL版本,因为采用新的 ...
- mysql 移除权限_MySQL用户授权及删除权限
▼ CREATE DATABASE IF NOT EXISTS `wordpress`; GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localh ...
最新文章
- 自学python能干些什么副业好-python可以作为副业赚钱嘛?
- halcon知识:【2】二维码原理
- linux安装socket.io,ubuntu – 如何在node.js npm服务器上查看socket.io版本
- php实现附件上传下载,PHP实现文件上传与下载
- DCMTK:“内容映射资源”Content Mapping Resource中的各种CIDxxx和TIDxxx类的测试程序
- MySQL复习资料——用于突击考试总结
- How to change the status of Prepayment invoice
- 如何用python 开发web_如何用python开发web
- 为什么深层神经网络难以训练_“用魔法击败魔法”?一群计算神经学家正借神经网络解释大脑...
- ADB的下载安装和基本命令
- 手机游戏创业者的苦涩:成功率被指0.1%
- 腾讯云折(tian)腾(keng)记
- 2015年全部企业校园招聘情况+薪资水平!
- java中的正则matches方法和find方法的区别
- 程序人生 - 王者荣耀隐身设置,不让好友看到在线状态
- 瑞星微RK3288开发板
- 【ubuntu】ls颜色的含义
- onsubmit表单提交简单使用
- 和尚吃馒头c语言程序,(八十一)约瑟夫环/鲁智深吃馒头
- 第10章第27节:使用Psychedelic waves生成梦幻般的波纹图像 [PowerPoint精美幻灯片实战教程]
热门文章
- 疫情可视化--2.爬虫--百度迁徙的疫情数据(各省市各个时间段迁入迁出比例)
- koa2 mysql增删改查_使用nodejs-koa2-mysql-sequelize-jwt实现登录注册,文章增删改查接口...
- Android友盟分享7.1.5版本巨坑
- python安卓手机编程入门自学_编程入门学习路线(附教程推荐)
- 视觉SLAM十四讲第三讲
- 数学建模题型及其常用算法
- 扫雷游戏网页版_佛性扫雷 炸不炸随缘
- CMD操作查看电脑IP
- Java学习心得——整数太大的错误
- 十个免费的 Web 压力测试工具