如何创建和管理 MySQL 相关权限

zoukankan html css js c++ java

如何创建和管理 MySQL 相关权限
MySQL is one of the most popular database management systems. In this tutorial we will cover the steps needed to create new MySQL user and grant permissions to it in CentOS 6.4, Debian or Ubuntu platform.

Requirements
All operation will be executed inside a MySQL prompt with the root user:
mysql -p -u root
You will be prompted to fill in the MySQL root password.

Create a new user

We can create new MySQL user with the following command:
CREATE USER 'user'@'localhost' IDENTIFIED BY 'password';
where:
All MySQL commands are engin with a semicolon (;).

Grant permissions for a user

The next thing that we will have to do is to grant privileges for that user in order to be able to access the MySQL client and to work with the corresponding database/s:
GRANT ALL PRIVILEGES ON database.table TO 'user'@'localhost';
where:
We are allowed to use the asterisk wildcard symbol (*) when we want to grant access to all databases/tables:
GRANT ALL PRIVILEGES ON database.* TO 'user'@'localhost';
or
GRANT ALL PRIVILEGES ON *.* TO 'user'@'localhost';
With the first command we grant all privileges to the MySQL user to all database tables related to the database with name "database".
In the second case access for the user is granted to all databases.

Here is a list of the MySQL privileges which are most commonly used:
这里插入一下如果我们申明 ALL PRIVILEGES 那么所代表的权限将包括:
GRANT SELECT, CREATE, DROP, DELETE, INSERT, UPDATE, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER,
SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT,
CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, USAGE
Here is a sample syntax where only two privileges are granted for the user:
GRANT SELECT, INSERT, DELETE ON database.* TO 'user'@'localhost';
In order for the changes to take effect and the privileges to be saved the following command should be executed at the end:
FLUSH PRIVILEGES;
Remove an existing MySQL user

A MySQL user can be deleted with the following command:
DROP USER 'user'@'localhost'
------------------------------------------------------------------分割线------------------------------------------------------------------

另外补充一点，当我们 drop 掉 user 之后我们将会删除关于该 user 的权限并且删除该账号。

MySQL 的权限是由 user + 生效地址组成的。所以即使使用 revoke 命令撤销某些权限，也需要带上具体生效的地址比如 localhost 比如 % 代表的「所有远程地址」连接。

另外还需要提一点是， MySQL 在授予权限的时候其实是存在两组权限的。

一个是本地权限 localhost 针对本地生效。

另外一个是 % 为代表的远程访问权限。如果需要任何地方包括本地都能访问，需要将两个权限都设置上，才可以实现，这里是一个坑。

e.g.
mysql> GRANT ALL on maxwell.* to 'maxwell'@'%' identified by 'XXXXXX'; mysql> GRANT SELECT, REPLICATION CLIENT, REPLICATION SLAVE on *.* to 'maxwell'@'%'; # or for running maxwell locally: mysql> GRANT SELECT, REPLICATION CLIENT, REPLICATION SLAVE on *.* to 'maxwell'@'localhost' identified by 'XXXXXX'; mysql> GRANT ALL on maxwell.* to 'maxwell'@'localhost';

# if we want block a ip with user

mysql> GRANT USAGE ON *.* TO 'user'@'<blockIP>';
Reference:

https://cloud.tencent.com/developer/article/1056271 MySQL 包含的 29 个权限

https://www.cnblogs.com/richardzhu/p/3318595.html

https://kyup.com/tutorials/create-new-user-grant-permissions-mysql/ How to create a new user and grant permissions in MySQL

http://blog.51cto.com/gfsunny/1554627 浅析mysql主从复制中复制用户的权限管理

https://jaminzhang.github.io/mysql/the-difference-between-localhost-and-127-0-0-1-in-mysql-connection/ MySQL 连接中 localhost 和 127.0.0.1 的区别
查看全文

相关阅读:
MySQL DELAY_KEY_WRITE Option
More on understanding sort_buffer_size
myisam_sort_buffer_size vs sort_buffer_size
share-Nothing原理
 GROUP_CONCAT(expr)
Mysql History list length 值太大引起的问题
 Why is the ibdata1 file continuously growing in MySQL?
洛谷1201 贪婪的送礼者解题报告
 洛谷1303 A*B Problem 解题报告
 洛谷2142 高精度减法解题报告

原文地址：https://www.cnblogs.com/piperck/p/10234238.html

如何创建和管理 MySQL 相关权限

Requirements

Create a new user

Grant permissions for a user

Remove an existing MySQL user