企业中误删除所有用户故障案例
1.不小心删除了所有用户
#1.查看用户
mysql> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1 |
| | db02 |
| root | db02 |
| | localhost |
| root | localhost |
+------+-----------+
6 rows in set (0.00 sec)
#2.误删除用户
mysql> delete from mysql.user where 1=1;
Query OK, 6 rows affected (0.00 sec)
mysql> select user,host from mysql.user;
Empty set (0.00 sec)
#3.删除所有用户后,仍然可以登录,重启后就不能登录了
[root@db02 ~]# systemctl restart mysqld
[root@db02 ~]# mysql -uroot -p123
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
2.解决方案一:
1)停止数据库
[root@db02 ~]# systemctl stop mysqld
2)跳过授权表和网络启动数据库
#1.只跳过授权表启动
[root@db02 ~]# mysqld_safe --skip-grant-tables &
#2.跳过授权表和网络启动
[root@db02 ~]# mysqladmin shutdown
[root@db02 ~]# mysqld_safe --skip-grant-tables --skip-networking &
3)插入一个用户
#1.使用grant授权创建用户失败
mysql> grant all on *.* to root@'localhost' identified by '123';
ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement
#2.使用create创建用户失败
mysql> create user root@'localhost';
ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement
#3.使用insert语句插入新用户
mysql> use mysql
mysql> insert into user(user,host,password) values('root','localhost','123');
ERROR 1364 (HY000): Field 'ssl_cipher' doesn't have a default value
#原因:因为表中的字段很多不能为空,默认值又是空,所以必须指定不为空的字段
mysql> insert into user(user,host,password,ssl_cipher,x509_issuer,x509_subject) values('root','localhost',PASSWORD('123'),'','','');
Query OK, 1 row affected (0.00 sec)
#插入用户可以成功,但是用户权限全是N,没有任何权限的用户没有用
#4.正确方法
mysql> insert into mysql.user values ('localhost','root',PASSWORD('123'),
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'Y',
'',
'',
'',
'',0,0,0,0,'mysql_native_password','','N');
#查看插入用户的权限
mysql> select * from mysql.user\G
4)正常启动数据库
[root@db02 ~]# mysqladmin shutdown
[root@db02 ~]# systemctl start mysqld
[root@db02 ~]# mysql -uroot -p123
3.解决方案2:
1)停止数据库
[root@db02 ~]# systemctl stop mysqld
2)跳过授权表和网络启动数据库
#1.只跳过授权表启动
[root@db02 ~]# mysqld_safe --skip-grant-tables &
#2.跳过授权表和网络启动
[root@db02 ~]# mysqladmin shutdown
[root@db02 ~]# mysqld_safe --skip-grant-tables --skip-networking &
3)插入一个用户
#1.刷新授权表
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
#2.授权一个用户
mysql> grant all on *.* to root@'localhost' identified by '123';
Query OK, 0 rows affected (0.00 sec)
#3.查看用户权限
mysql> select * from mysql.user\G
#4.管理员用户中授权权限为 N,所以要修改这个值
mysql> update mysql.user set Grant_priv='Y' where Host='localhost';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
#5.或者再授权时直接加上参数包含 grant 权限
mysql> grant all on *.* to root@'localhost' identified by '123' with grant option;
Query OK, 0 rows affected (0.00 sec)
4)正常启动数据库
[root@db02 ~]# mysqladmin shutdown
[root@db02 ~]# systemctl start mysqld
[root@db02 ~]# mysql -uroot -p123
