用户管理
创建用户
create user '用户名'@'IP地址' identified by '密码';
删除用户
drop user '用户名'@'IP地址';
修改用户
rename user '用户名'@'IP地址'; to '新用户名'@'IP地址';;
修改密码
set password for '用户名'@'IP地址' = Password('新密码')
PS:用户权限相关数据保存在mysql数据库的user表中,所以也可以直接对其进行操作(不建议)
[root@node1 ~]# mysql -usmoke -p
Enter password:
ERROR 1045 (28000): Access denied for user 'smoke'@'localhost' (using password: YES)
[root@node1 ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 18
Server version: 5.5.68-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
| test1 |
+--------------------+
5 rows in set (0.00 sec)
MariaDB [(none)]> use mysql;
Database changed
MariaDB [mysql]> show tables;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| proxies_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
24 rows in set (0.00 sec)
MariaDB [mysql]> select * from user; #user表是保存用户授权的表
MariaDB [mysql]> desc user;
+------------------------+-----------------------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------------+-----------------------------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Password | char(41) | NO | | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| File_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
| Create_tablespace_priv | enum('N','Y') | NO | | N | |
| ssl_type | enum('','ANY','X509','SPECIFIED') | NO | | | |
| ssl_cipher | blob | NO | | NULL | |
| x509_issuer | blob | NO | | NULL | |
| x509_subject | blob | NO | | NULL | |
| max_questions | int(11) unsigned | NO | | 0 | |
| max_updates | int(11) unsigned | NO | | 0 | |
| max_connections | int(11) unsigned | NO | | 0 | |
| max_user_connections | int(11) | NO | | 0 | |
| plugin | char(64) | NO | | | |
| authentication_string | text | NO | | NULL | |
+------------------------+-----------------------------------+------+-----+---------+-------+
42 rows in set (0.01 sec)
MariaDB [mysql]> select Host,user from user;
+-----------+------+
| Host | user |
+-----------+------+
| 127.0.0.1 | root |
| ::1 | root |
| localhost | root |
+-----------+------+
3 rows in set (0.00 sec)
MariaDB [mysql]> create user smoke@localhost identified by 'smoke520';
Query OK, 0 rows affected (0.00 sec)
使用smoke用户登录
[root@node1 ~]# mysql -usmoke -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 21 Server version: 5.5.68-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
使用root用户连接的数据库
MariaDB [mysql]> select host,user from user;
+-----------+-------+
| host | user |
+-----------+-------+
| 127.0.0.1 | root |
| ::1 | root |
| localhost | root |
| localhost | smoke |
+-----------+-------+
4 rows in set (0.00 sec)
MariaDB [(none)]> create user cherry@localhost identified by 'smoke520';
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> select host,user from user;
+-----------+--------+
| host | user |
+-----------+--------+
| 127.0.0.1 | root |
| ::1 | root |
| localhost | cherry |
| localhost | root |
| localhost | smoke |
+-----------+--------+
5 rows in set (0.00 sec)
MariaDB [mysql]> drop user cherry@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> select host,user from user;
+-----------+-------+
| host | user |
+-----------+-------+
| 127.0.0.1 | root |
| ::1 | root |
| localhost | root |
| localhost | smoke |
+-----------+-------+
4 rows in set (0.00 sec)
MariaDB [mysql]> create user cherry@localhost identified by 'smoke520';
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> select host,user from user;
+-----------+--------+
| host | user |
+-----------+--------+
| 127.0.0.1 | root |
| ::1 | root |
| localhost | cherry |
| localhost | root |
| localhost | smoke |
+-----------+--------+
5 rows in set (0.00 sec)
MariaDB [mysql]> rename user cherry@localhost to dudu@127.0.0.1;
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> select host,user from user;
+-----------+-------+
| host | user |
+-----------+-------+
| 127.0.0.1 | dudu |
| 127.0.0.1 | root |
| ::1 | root |
| localhost | root |
| localhost | smoke |
+-----------+-------+
5 rows in set (0.00 sec)
MariaDB [mysql]> set password for root@localhost=Password('smoke@520');
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> exit;
Bye
[root@node1 ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 23
Server version: 5.5.68-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> use mysql;
Database changed
MariaDB [mysql]> select host,user from user;
+-----------+-------+
| host | user |
+-----------+-------+
| 127.0.0.1 | dudu |
| 127.0.0.1 | root |
| ::1 | root |
| localhost | root |
| localhost | smoke |
+-----------+-------+
5 rows in set (0.00 sec)
使用dudu用户登录
[root@node1 ~]# mysql -ududu -p Enter password: ERROR 1045 (28000): Access denied for user 'dudu'@'localhost' (using password: YES) [root@node1 ~]# mysql -ududu -h127.0.0.1 -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 26 Server version: 5.5.68-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
使用root用户连接的数据库
MariaDB [mysql]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | test | | test1 | +--------------------+ 5 rows in set (0.01 sec)
使用smoke用户连接的数据库
MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | +--------------------+ 1 row in set (0.00 sec)
权限管理
默认什么权限都没有
show grants for '用户'@'IP地址' -- 查看权限
grant 权限 on 数据库.表 to '用户'@'IP地址' -- 授权
revoke 权限 on 数据库.表 from '用户'@'IP地址' -- 取消权限
all privileges 除grant外的所有权限
select 仅查权限
select,insert 查和插入权限
...
usage 无访问权限
alter 使用alter table
alter routine 使用alter procedure和drop procedure
create 使用create table
create routine 使用create procedure
create temporary tables 使用create temporary tables
create user 使用create user、drop user、rename user和revoke all privileges
create view 使用create view
delete 使用delete
drop 使用drop table
execute 使用call和存储过程
file 使用select into outfile 和 load data infile
grant option 使用grant 和 revoke
index 使用index
insert 使用insert
lock tables 使用lock table
process 使用show full processlist
select 使用select
show databases 使用show databases
show view 使用show view
update 使用update
reload 使用flush
shutdown 使用mysqladmin shutdown(关闭MySQL)
super 使用change master、kill、logs、purge、master和set global。还允许mysqladmin调试登陆
replication client 服务器位置的访问
replication slave 由复制从属使用
使用root用户连接的数据库
MariaDB [mysql]> use test; Database changed MariaDB [test]> show tables; +----------------+ | Tables_in_test | +----------------+ | tb1 | | tb2 | +----------------+ 2 rows in set (0.00 sec) MariaDB [test]> grant select on test.tb1 to smoke@localhost; Query OK, 0 rows affected (0.00 sec)
使用smoke用户连接的数据库
MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | test | +--------------------+ 2 rows in set (0.01 sec) MariaDB [(none)]> use test; Database changed MariaDB [test]> show tables; +----------------+ | Tables_in_test | +----------------+ | tb1 | +----------------+ 1 row in set (0.00 sec) MariaDB [test]> select * from tb1; +------+--------+ | nid | name | +------+--------+ | 1 | smoke | | 1 | cherry | +------+--------+ 2 rows in set (0.00 sec) MariaDB [test]> insert into tb1(nid,name) value(2,'dudu'); ERROR 1142 (42000): INSERT command denied to user 'smoke'@'localhost' for table 'tb1'
使用root用户连接的数据库
MariaDB [test]> grant select,insert on test.tb1 to smoke@localhost; Query OK, 0 rows affected (0.00 sec)
使用smoke用户连接的数据库
MariaDB [test]> insert into tb1(nid,name) value(2,'dudu'); Query OK, 1 row affected (0.00 sec) MariaDB [test]> select * from tb1; +------+--------+ | nid | name | +------+--------+ | 1 | smoke | | 1 | cherry | | 2 | dudu | +------+--------+ 3 rows in set (0.00 sec)
使用root用户连接的数据库
MariaDB [(none)]> select host,user from mysql.user; +-----------+-------+ | host | user | +-----------+-------+ | 127.0.0.1 | dudu | | 127.0.0.1 | root | | ::1 | root | | localhost | root | | localhost | smoke | +-----------+-------+ 5 rows in set (0.00 sec) MariaDB [(none)]> create user smoke@172.16.100.68 identified by 'smoke520'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant select,insert on test.tb1 to smoke@172.16.100.68; Query OK, 0 rows affected (0.00 sec)
通过172.16.100.68主机连接测试
[root@node2 ~]# ip addr show ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:93:0e:b9 brd ff:ff:ff:ff:ff:ff
inet 172.16.100.68/24 brd 172.16.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::4cee:1a2b:a54f:674b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@node2 ~]# mysql -usmoke -h172.16.100.67 -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 42
Server version: 5.5.68-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]> insert into test.tb1(nid,name) values(3,'qianqian');
Query OK, 1 row affected (0.01 sec)
用户名@IP地址 用户只能在改IP下才能访问
用户名@192.168.1.% 用户只能在改IP段下才能访问(通配符%表示任意)
用户名@% 用户可以再任意IP下访问(默认IP地址为%)
使用root用户连接的数据库
MariaDB [(none)]> select * from test.tb1; +------+----------+ | nid | name | +------+----------+ | 1 | smoke | | 1 | cherry | | 2 | dudu | | 3 | qianqian | +------+----------+ 4 rows in set (0.01 sec) MariaDB [(none)]> create user "smoke"@"172.16.100.%" identified by 'smoke520'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant select,insert on test.tb1 to "smoke"@"172.16.100.%"; Query OK, 0 rows affected (0.00 sec)
浙公网安备 33010602011771号