用户管理
创建
举例
mysql> create user test@localhost identified by 'password';
Query OK, 0 rows affected (0.00 sec)
mysql> select user,host,password from mysql.user where user='test';
+------+-----------+-------------------------------------------+
| user | host | password |
+------+-----------+-------------------------------------------+
| test | localhost | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+------+-----------+-------------------------------------------+
1 row in set (0.00 sec)
设置与更改用户密码
举例一
mysql> set password for test@localhost =password('redhat');
Query OK, 0 rows affected (0.00 sec)
mysql> select user,host,password from mysql.user where user='test';
+------+-----------+-------------------------------------------+
| user | host | password |
+------+-----------+-------------------------------------------+
| test | localhost | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
+------+-----------+-------------------------------------------+
1 row in set (0.00 sec)
举例二
mysql> update mysql.user set password=password('password') where user='test'and host='localhost';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> select user,host,password from mysql.user where user='test';
+------+-----------+-------------------------------------------+
| user | host | password |
+------+-----------+-------------------------------------------+
| test | localhost | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+------+-----------+-------------------------------------------+
1 row in set (0.00 sec)
删除用户
举例一
mysql> select user,host,password from mysql.user;
+------+-------------+-------------------------------------------+
| user | host | password |
+------+-------------+-------------------------------------------+
| root | localhost | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| root | node3 | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| root | 127.0.0.1 | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| root | 192.168.%.% | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| test | localhost | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+------+-------------+-------------------------------------------+
5 rows in set (0.00 sec)
mysql> drop user root@node3;
Query OK, 0 rows affected (0.00 sec)
mysql> select user,host,password from mysql.user;
+------+-------------+-------------------------------------------+
| user | host | password |
+------+-------------+-------------------------------------------+
| root | localhost | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| root | 127.0.0.1 | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| root | 192.168.%.% | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| test | localhost | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+------+-------------+-------------------------------------------+
4 rows in set (0.04 sec)
举例二
mysql> delete from mysql.user where user='root' and host='127.0.0.1';
Query OK, 1 row affected (0.00 sec)
mysql> select user,host,password from mysql.user;
+------+-------------+-------------------------------------------+
| user | host | password |
+------+-------------+-------------------------------------------+
| root | localhost | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| root | 192.168.%.% | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| test | localhost | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+------+-------------+-------------------------------------------+
3 rows in set (0.00 sec)
用户授权
语法
priv_type [(column_list)]
[, priv_type [(column_list)]] ...
ON [object_type] priv_level
TO user_specification [, user_specification] ...
[REQUIRE {NONE | tsl_option [[AND] tsl_option] ...}]
[WITH {GRANT OPTION | resource_option} ...]
priv_level:
- * //所有
- *.* //所有库的所有对象
- db_name.* //指定库的所有对象
- db_name.tbl_name //指定库的指定表
- tbl_name //指定表
- db_name.routine_name //指定库的存储历程,包括存储过程和存储函数
举例一
mysql> grant all privileges on study.* to 'test'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for 'test'@'localhost';
+-------------------------------------------------------------------------------------------------------------+
| Grants for test@localhost |
+-------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'test'@'localhost' IDENTIFIED BY PASSWORD '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' |
| GRANT ALL PRIVILEGES ON `study`.* TO 'test'@'localhost' |
+-------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
说明: privileges 用户的操作权限,如SELECT , INSERT , UPDATE 等。如果要授予所的权限则使用ALL。
举例二
mysql> grant all privileges on study.* to 'test'@'localhost' with grant option;
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for 'test'@'localhost';
+-------------------------------------------------------------------------------------------------------------+
| Grants for test@localhost |
+-------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'test'@'localhost' IDENTIFIED BY PASSWORD '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' |
| GRANT ALL PRIVILEGES ON `study`.* TO 'test'@'localhost' WITH GRANT OPTION |
+-------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
例子一命令授权的用户不能给其它用户授权,如果想让该用户可以授权,用例子二命令。
举例三
mysql> grant all privileges on study.* to 'study'@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)
mysql> select user,host,password from mysql.user where user='study';
+-------+-----------+-------------------------------------------+
| user | host | password |
+-------+-----------+-------------------------------------------+
| study | localhost | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+-------+-----------+-------------------------------------------+
1 row in set (0.00 sec)
mysql> show grants for 'study'@'localhost';
+--------------------------------------------------------------------------------------------------------------+
| Grants for study@localhost |
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'study'@'localhost' IDENTIFIED BY PASSWORD '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' |
| GRANT ALL PRIVILEGES ON `study`.* TO 'study'@'localhost' |
+--------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
我们还可以在用户创建时就赋予其权限。
撤销权限
举例
mysql> revoke all privileges on study.* from 'study'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for 'study'@'localhost';
+--------------------------------------------------------------------------------------------------------------+
| Grants for study@localhost |
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'study'@'localhost' IDENTIFIED BY PASSWORD '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' |
+--------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
扩展:
http://blog.csdn.net/ithomer/article/details/5131863
http://www.cnblogs.com/hateislove214/archive/2010/11/05/1869889.html