mysql> SHOW GRANTS \G
*************************** 1. row ***************************
Grants for root@localhost: GRANT ALL PRIVILEGES ON *.* TO ' root '@ ' localhost ' IDE
NTIFIED BY PASSWORD ' *11B9ACA21786F766739D0EB1483C5F64212B81AC ' WITH GRANT OPTIO
N
*************************** 2. row ***************************
Grants for root@localhost: GRANT PROXY ON ''@ '' TO ' root '@ ' localhost ' WITH GRANT
OPTION
2 rows in set ( 0.00 sec)
*************************** 1. row ***************************
Grants for root@localhost: GRANT ALL PRIVILEGES ON *.* TO ' root '@ ' localhost ' IDE
NTIFIED BY PASSWORD ' *11B9ACA21786F766739D0EB1483C5F64212B81AC ' WITH GRANT OPTIO
N
*************************** 2. row ***************************
Grants for root@localhost: GRANT PROXY ON ''@ '' TO ' root '@ ' localhost ' WITH GRANT
OPTION
2 rows in set ( 0.00 sec)
如果當前賬號擁有ALL權限,可用最簡單的新增用戶並授權:
grant all on *.* to `root`@`%` identified by '123456' with grant option;
mysql> GRANT ALL ON *.* TO
'
gechong
'@
'
localhost
' IDENTIFIED BY
'
ge0513.mysql
' WI
TH GRANT OPTION;
Query OK, 0 rows affected ( 0.03 sec)
TH GRANT OPTION;
Query OK, 0 rows affected ( 0.03 sec)
mysql> SELECT USER,HOST FROM mysql.user;
+---------+-----------+
| USER | HOST |
+---------+-----------+
| root | 127.0.0.1 |
| gechong | localhost |
| root | localhost |
+---------+-----------+
3 rows in set (0.00 sec)
其中with grant option表示新增的該賬號是否有grant權限,即是否可以通過其創建新賬號。
非常不建議給用戶開放全部權限,最好給新用戶僅開放所需要的相關權限。一般給開發人員SELECT,UPDATE,DELETE,INSERT,CREATE,EXECUTE
權限並且只在某些網段內訪問
例如:
mysql> GRANT INSERT,UPDATE,DELETE,SELECT,CREATE,EXECUTE ON *.* TO 'kaifaA'@'10.1
2.%.%' IDENTIFIED BY 'kaifaA.mysql';
Query OK, 0 rows affected (0.00 sec)
Query OK, 0 rows affected (0.00 sec)
用戶gechong就只有6個權限並且只可以在10.1.*.*網段內使用。