您现在的位置是:首页 >技术杂谈 >MySQL 用户管理网站首页技术杂谈

MySQL 用户管理

原来45 2024-06-21 00:01:02
简介MySQL 用户管理

目录

用户管理

用户

用户信息

创建用户

删除用户

修改用户密码

数据库的权限

给用户 

注意:如果发现赋权限后,没有生效,执行如下指令:

回收权限

用户管理

如果我们只能使用 root 用户,这样存在安全隐患。这时,就需要使用 MySQL 的用户管理。

用户

用户信息

MySQL 中的用户,都存储在系统数据库 mysql user
mysql> use mysql;
Database changed
mysql> select host,user,authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| localhost | root | * 81 F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
| localhost | mysql .session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql .sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+-----------+---------------+-------------------------------------------+
-- 可以通过 desc user 初步查看一下表结构
字段解释:
  • host表示这个用户可以从哪个主机登陆,如果是localhost,表示只能从本机登陆
  • user用户名
  • authentication_string用户密码通过password函数(比md5更安全)加密后的
  • *_priv用户拥有的权限

创建用户

语法:
create user ' 用户名 ' @ ' 登陆主机 /ip' identified by ' 密码 ' ;
案例:       
mysql> create user 'lml' @ 'localhost' identified by '12345678'
Query OK, 0 rows affected ( 0.06 sec)
mysql> select user,host,authentication_string from user;
+---------------+-----------+-------------------------------------------+
| user | host | authentication_string |
+---------------+-----------+-------------------------------------------+
| root | % | *A2F7C9D334175DE9AF4DB4F5473E0BD0F5FA9E75 |
| mysql .session | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql .sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| lml| localhost | * 84 AAC12F54AB666ECFC2A83C676908C8BBC381B1 | -- 新增用户
+---------------+-----------+-------------------------------------------+
4 rows in set ( 0.00 sec)
-- 此时便可以使用新账号新密码进行登陆啦
-- 备注:可能实际在设置密码的时候,因为 mysql 本身的认证等级比较高,一些简单的密码无法设置,会爆出如下报错:
-- ERROR 1819 (HY000): Your password does not satisfy the current policy
requirements
-- 查看密码设置相关要求: SHOW VARIABLES LIKE 'validate_password%';
-- 关于新增用户这里,需要大家注意,不要轻易添加一个可以从任意地方登陆的 user。

删除用户

语法:
drop user ' 用户名 ' @ ' 主机名'
示例:
mysql> select user,host,authentication_string from user;
+---------------+-----------+-------------------------------------------+
| user | host | authentication_string |
+---------------+-----------+-------------------------------------------+
| root | % | *A2F7C9D334175DE9AF4DB4F5473E0BD0F5FA9E75 |
| mysql .session | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql .sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| lml| localhost | * 84 AAC12F54AB666ECFC2A83C676908C8BBC381B1 |
+---------------+-----------+-------------------------------------------+
4 rows in set ( 0.00 sec)
mysql> drop user whb; -- 尝试删除
ERROR 1396 (HY000): Operation DROP USER failed for 'lml' @ '%' -- <= 直接给个用户名,不能删除,它默认是% ,表示所有地方可以登陆的用户
mysql> drop user 'whb' @ 'localhost' ; -- 删除用户
Query OK, 0 rows affected ( 0.00 sec)
mysql> select user,host,authentication_string from user;
+---------------+-----------+-------------------------------------------+
| user | host | authentication_string |
+---------------+-----------+-------------------------------------------+
| root | % | *A2F7C9D334175DE9AF4DB4F5473E0BD0F5FA9E75 |
| mysql .session | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql .sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+---------------+-----------+-------------------------------------------+
3 rows in set ( 0.00 sec)

修改用户密码

语法:
自己改自己密码:
set password=password( ' 新的密码 ' );
root 用户修改指定用户的密码:
set password for ' 用户名 ' @ ' 主机名 ' =password( ' 新的密码 ' );
mysql> select host,user, authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| % | root | *A2F7C9D334175DE9AF4DB4F5473E0BD0F5FA9E75 |
| localhost | mysql .session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql .sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | lml | * 84 AAC12F54AB666ECFC2A83C676908C8BBC381B1 |
+-----------+---------------+-------------------------------------------+
4 rows in set ( 0.00 sec)
mysql> set password for 'lml' @ 'localhost' =password( '87654321' );
Query OK, 0 rows affected, 1 warning ( 0.00 sec)
mysql> select host,user, authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| % | root | *A2F7C9D334175DE9AF4DB4F5473E0BD0F5FA9E75 |
| localhost | mysql .session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql .sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | whb | * 5 D24C4D94238E65A6407DFAB95AA4EA97CA2B199 |
+-----------+---------------+-------------------------------------------+
4 rows in set ( 0.00 sec)

数据库的权限

MySQL 数据库提供的权限列表:

给用户 

刚创建的用户没有任何权限。需要给用户授权。

语法: 

grant 权限列表 on . 对象名 to ' 用户名 ' @ ' 登陆位置 ' [identified by ' 密码 ' ]
说明:
权限列表,多个权限用逗号分开
grant select on ...
grant select , delete , create on ....
grant all [privileges] on ... -- 表示赋予该用户在该对象上的所有权限'
  • *.* : 代表本系统中的所有数据库的所有对象(表,视图,存储过程等)。
  • .* : 表示某个数据库中的所有数据对象(表,视图,存储过程等)。
  • identified by可选。 如果用户存在,赋予权限的同时修改密码,如果该用户不存在,就是创建用户。

案例:

-- 使用 root 账号
-- 终端 A
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| 57 test |
| bit_index |
| ccdata_pro |
| innodb_test |
| musicserver |
| myisam_test |
| mysql |
| order_sys |
| performance_schema |
| scott |
| sys |
| test |
| vod_system |
+--------------------+
14 rows in set ( 0.00 sec)
mysql> use test;
Database changed
mysql> show tables;
+----------------+
| Tables_in_test |
+----------------+
| account |
| student |
| user |
+----------------+
3 rows in set ( 0.01 sec)
-- 给用户lml 赋予 test 数据库下所有文件的 select 权限
mysql> grant select on test.* to 'lml' @ 'localhost' ;
Query OK, 0 rows affected ( 0.01 sec)
-- 使用 whb 账号
-- 终端 B
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set ( 0.00 sec)
-- 暂停等 root 用户给lml 赋完权之后,在查看
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test | -- 赋完权之后,就能看到新的表
+--------------------+
2 rows in set ( 0.01 sec)
mysql> use test;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+----------------+
| Tables_in_test |
+----------------+
| account |
| student |
| user |
+----------------+
3 rows in set ( 0.00 sec)
mysql> select * from account;
+----+--------+---------+
| id | name | blance |
+----+--------+---------+
| 2 | 李四 | 321.00 |
| 3 | 王五 | 5432.00 |
| 4 | 赵六 | 543.90 |
| 5 | 赵六 | 543.90 |
+----+--------+---------+
4 rows in set ( 0.00 sec)
-- 没有删除权限
mysql> delete from account;
ERROR 1142 ( 42000 ): DELETE command denied to user 'lml' @ 'localhost' for table 'account'
备注:特定用户现有查看权限
mysql> show grants for 'lml' @ '%' ;
+-----------------------------------------------+
| Grants for whb@% |
+-----------------------------------------------+
| GRANT USAGE ON *.* TO 'lml' @ '%' |
| GRANT ALL PRIVILEGES ON `test`.* TO 'lml' @ '%' |
+-----------------------------------------------+
2 rows in set ( 0.00 sec)
mysql> show grants for 'root' @ '%' ;
+-------------------------------------------------------------+
| Grants for root@% |
+-------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root' @ '%' WITH GRANT OPTION |
+-------------------------------------------------------------+
1 row in set ( 0.00 sec)

注意:如果发现赋权限后,没有生效,执行如下指令:

flush privileges;

回收权限

语法:
revoke 权限列表 on . 对象名 from ' 用户名 ' @ ' 登陆位置 '
示例:
-- 回收lml test 数据库的所有权限
--root 身份,终端 A
mysql> revoke all on test.* from 'lml' @ 'localhost' ;
Query OK, 0 rows affected ( 0.00 sec)
--lml 身份,终端 B
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test |
+--------------------+
2 rows in set ( 0.00 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set ( 0.00 sec)
风语者!平时喜欢研究各种技术,目前在从事后端开发工作,热爱生活、热爱工作。

站长推荐