-
Property Value Command-Line Format --skip-grant-tables[={OFF|ON}]Type Boolean Default Value OFFThis option affects the server startup sequence:
-
--skip-grant-tablescauses the server not to read the grant tables in themysqlsystem schema, and thus to start without using the privilege system at all. This gives anyone with access to the server unrestricted access to all databases.To cause a server started with
--skip-grant-tablesto load the grant tables at runtime, perform a privilege-flushing operation, which can be done in these ways:-
Issue a MySQL
FLUSH PRIVILEGESstatement after connecting to the server. -
Execute a mysqladmin flush-privileges or mysqladmin reload command from the command line.
Privilege flushing might also occur implicitly as a result of other actions performed after startup, thus causing the server to start using the grant tables. For example, mysql_upgrade flushes the privileges during the upgrade procedure.
-
-
In addition to causing the startup sequence not to load the grant tables,
--skip-grant-tablescauses the server not to load certain other objects stored in themysqlsystem schema: plugins that were installed with theINSTALL PLUGINstatement, scheduled events, and user-defined functions (UDFs). To cause plugins to be loaded anyway, use the--plugin-loador--plugin-load-addoption.--skip-grant-tablesdoes not suppress loading of server components during startup. -
--skip-grant-tablesdisables failed-login tracking and temporary account locking because those capabilities depend on the grant tables. See Section 6.2.15, “Password Management”. -
--skip-grant-tablescauses thedisabled_storage_enginessystem variable to have no effect.
Because starting the server with
--skip-grant-tablesdisables authentication checks, the server also disables remote connections in that case by enablingskip_networking. -
-
Property Value Command-Line Format --skip-networking[={OFF|ON}]System Variable skip_networkingScope Global Dynamic No SET_VARHint AppliesNo Type Boolean Default Value OFFThis variable controls whether the server permits TCP/IP connections. By default, it is disabled (permit TCP connections). If enabled, the server permits only local (non-TCP/IP) connections and all interaction with mysqld must be made using named pipes or shared memory (on Windows) or Unix socket files (on Unix). This option is highly recommended for systems where only local clients are permitted. See Section 8.12.4.2, “DNS Lookup Optimization and the Host Cache”.
Because starting the server with
--skip-grant-tablesdisables authentication checks, the server also disables remote connections in that case by enablingskip_networking.
----------------------------------------------------------------------------------------------------------------------------------------------------------
大意:skip-grant-tables 啟用后有幾個后果:
- 權限系統沒了,任何人都是最高權限!
- 插件系統沒了
- 計划調度沒了
- 用戶定義函數沒了
- 失敗登錄跟蹤沒了
- 臨時賬號鎖定沒了
- disabled-storage-engines系統變量失效了
- TCP/IP網絡訪問沒了!相當於強制實施skip-networking! 坑!坑!坑!
----------------------------------------------------------------------------------------------------------------------------------------------------------
萬一你使用了skip-grant-tables,怎么在不重啟mysqld的情況下,立即使用權限系統呢?
- 直接執行flush privileges這個sql語句
- 通過管理工具 mysqladmin flush-privileges
- 通過管理工具mysqladmin reload
- 通過升級工具mysql_upgrade
----------------------------------------------------------------------------------------------------------------------------------------------------------
如何在使用了skip-grant-tablesd的情況下,使用插件系統呢?
- plugin-load選項
- plugin-load-add選項