在mysql自帶的庫中有一個mysql,這個庫包含了太多的東西,其中有一張表user,這張表存儲了所有的用戶信息。
mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *E01F5425C006D5AF5E3E22EEF9D6AF6BD19FDFED | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | +------+-----------------------+-------------------------------------------+ 6 rows in set (0.00 sec)
一、重置密碼
首先來解決,如果root密碼忘記了,該怎么解決?
找回密碼有前提,前提就是你能夠停止mysql服務。
1)停服務
# /etc/init.d/mysqld stop
2)使用跳過授權表的方式啟動數據庫
# mysqld_safe --skip-grant-tables --user=mysql &
關閉:mysqladmin shutdown
3)匿名登錄
# mysql
4)修改user表
mysql> update user set password='' where user='root' and host='localhost';
5)重啟mysql服務
# /etc/init.d/mysqld restart
6)重設密碼
二、用戶管理
1.創建用戶
語法:create user 用戶名@主機 identified by 密碼;
mysql> create user kebi@localhost identified by '123'; Query OK, 0 rows affected (0.00 sec) mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | kebi | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | +------+-----------------------+-------------------------------------------+ 7 rows in set (0.00 sec)
2.刪除用戶
語法:drop user 用戶名@主機;
mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | +------+-----------------------+-------------------------------------------+ 6 rows in set (0.00 sec)
3.授權
grant不僅可以用來授權,還可以用來創建用戶;
授權的語法:grant 權限列表 on 庫名.表名 to 用戶@主機 identified by '密碼';
刷新權限:flush privileges;
mysql> grant all on *.* to kebi@'192.168.%.%' identified by '123'; #*.*:所有庫上的所有表; 192.168.%.%:192.168內的所有Ip;123:密碼 Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> select user,host,password from user; +------+-----------------------+-------------------------------------------+ | user | host | password | +------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | kebi | 192.168.%.% | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | +------+-----------------------+-------------------------------------------+ 7 rows in set (0.00 sec)
mysql> grant select,insert on class_7.* to maoxian@localhost identified by '123'; 授權 讀,寫 在庫 class_7上的所有表 對於 毛線 用123登陸 Query OK, 0 rows affected (0.00 sec) mysql> select user,host,password from user; +---------+-----------------------+-------------------------------------------+ | user | host | password | +---------+-----------------------+-------------------------------------------+ | root | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | kebi | 192.168.%.% | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | maoxian | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | +---------+-----------------------+-------------------------------------------+ 8 rows in set (0.00 sec)
4.查看用戶權限
回收語法:show grants for 用戶@主機;
mysql> show grants for maoxian@localhost; +----------------------------------------------------------------------------------------------------------------+ | Grants for maoxian@localhost | +----------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'maoxian'@'localhost' IDENTIFIED BY PASSWORD '*23AE809DDACAF96AF0FD78ED04B6A265E05AA257' | | GRANT SELECT, INSERT ON `class_7`.* TO 'maoxian'@'localhost' | +----------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)
5.回收權限
回收權限有兩種方法:刪除用戶和revoke
回收語法: revoke 權限 on 庫名.表名 from 用戶@主機;
mysql> revoke insert,select on *.* from maoxian@localhost; Query OK, 0 rows affected (0.00 sec)
mysql> revoke all on *.* from maoxian@localhost; Query OK, 0 rows affected (0.00 sec)