1、進入數據庫,查看數據庫賬戶
# 進入數據庫 mysql –u root –p ---> 輸入密碼... # 使用 mysql 庫 use mysql; # 展示 mysql 庫中所有表 show tables; # 查看數據庫中 用戶地址 和 用戶 select host,user from user;
2、新增用戶
insert into user (Host,User,Password)values('localhost','zhengying',password('123456')); # 查詢驗證用戶新增成功 select host,user from user;
3、查看用戶權限
# 查看 MySQL 數據庫中所有用戶 mysql> select distinct concat('User: ''',user,'''@''',host,''';') as query from mysql.user; +---------------------------------------+ | query | +---------------------------------------+ | User: 'root'@'127.0.0.1'; | | User: ''@'localhost'; | | User: 'evan'@'localhost'; | | User: 'root'@'localhost'; | | User: 'zhengying'@'localhost'; | | User: ''@'localhost.localdomain'; | | User: 'root'@'localhost.localdomain'; | +---------------------------------------+ # 查看 MySQL 數據庫中 zhengying 用戶的權限 mysql> show grants for 'zhengying'@'localhost'; # error 報錯提示 zhengying 用戶沒有權限 ERROR 1141 (42000): There is no such grant defined for user 'zhengying' on host 'localhost'
4、對用戶賦權
- 當 權限1,權限2,權限3,權限n 被 all privileges 或者 all 代替,表示賦予用戶全部權限
- 當 數據庫名稱.表名稱 被 *.* 代替,表示賦予用戶操作服務器上所有數據庫所有表的權限
- 用戶地址可以是 localhost,也可以是 IP 地址,機器名字,域名,還可以用 "%" 表示從任何地址連接
- 連接口令 不能為空,否則創建失敗
mysql> grant 權限1,權限2,…權限n on 數據庫名稱.表名稱 to "用戶名"@"用戶地址" identified by "連接口令";
# 給用戶賦所有權限 mysql> grant all privileges on *.* to "zhengying"@"%" identified by "123456"; # 刷新權限 mysql> flush privileges;
mysql> grant select,insert,update,delete,create,drop on user.t_user to "zhengying"@"localhost" identified by "123456"; # 給本機用戶 zhengying 分配可對數據庫 user 的 t_user 表進行select,insert,update,delete,create,drop 等操作的權限,並設定口令為 123456 # 刷新權限 mysql> flush privileges;
mysql> grant all privileges on user.* to "zhengying"@"localhost" identified by "123456"; # 給本機用戶 zhengying 分配可對數據庫 user 所有表進行所有操作的權限,並設定口令為 123456 # 刷新權限 mysql> flush privileges; # 查看用戶權限 mysql> show grants for 'zhengying'@'localhost'; +-------------------------------------------------------------------------------------------------------------------+ | Grants for zhengying@localhost | +-------------------------------------------------------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON `user`.* TO 'zhengying'@'localhost' | +-------------------------------------------------------------------------------------------------------------------+
5、取消用戶權限
- revoke select on *.* from 'evan'@'localhost'; 取消用戶 evan 的 select 權限
- revoke all on *.* from 'evan'@'localhost'; 取消用戶 evan 的所有權限
mysql> show grants for 'evan'@'localhost'; +--------------------------------------------------------------------------------------------------------------+ | Grants for evan@localhost | +--------------------------------------------------------------------------------------------------------------+ | GRANT SELECT ON *.* TO 'evan'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' | +--------------------------------------------------------------------------------------------------------------+ # 取消用戶 evan 的 select 權限 mysql> revoke select on *.* from 'evan'@'localhost'; mysql> flush privileges; mysql> show grants for 'evan'@'localhost'; +-------------------------------------------------------------------------------------------------------------+ | Grants for evan@localhost | +-------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'evan'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' | +-------------------------------------------------------------------------------------------------------------+