mysql 用户管理
目录
用户
创建用户
删除用户
修改密码
权限管理
赋权
查看权限
插销权限
总结
用户
mysql 的用户都存在于系统数据库 mysql 的user 表中
mysql> show tables;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| engine_cost |
| event |
| func |
| general_log |
| gtid_executed |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| innodb_index_stats |
| innodb_table_stats |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| proxies_priv |
| server_cost |
| servers |
| slave_master_info |
| slave_relay_log_info |
| slave_worker_info |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
31 rows in set (0.00 sec)
拿出来一个用户查看
mysql> select * from user\G
*************************** 1. row ***************************Host: localhostUser: rootSelect_priv: YInsert_priv: YUpdate_priv: YDelete_priv: YCreate_priv: YDrop_priv: YReload_priv: YShutdown_priv: YProcess_priv: YFile_priv: YGrant_priv: YReferences_priv: YIndex_priv: YAlter_priv: YShow_db_priv: YSuper_priv: YCreate_tmp_table_priv: YLock_tables_priv: YExecute_priv: YRepl_slave_priv: YRepl_client_priv: YCreate_view_priv: YShow_view_priv: YCreate_routine_priv: YAlter_routine_priv: YCreate_user_priv: YEvent_priv: YTrigger_priv: Y
Create_tablespace_priv: Yssl_type: ssl_cipher: x509_issuer: x509_subject: max_questions: 0max_updates: 0max_connections: 0max_user_connections: 0plugin: mysql_native_passwordauthentication_string: *C76CBE83DA6FF179BA7913855C5DB371E756B93Cpassword_expired: Npassword_last_changed: 2023-05-22 17:48:27password_lifetime: NULLaccount_locked: N
-
HOST:主机
-
USER:用户
-
authentication_string:密码
-
*priv:权限
创建用户
create user 'user_name'@'登录主机/ip' identified by '密码';案例
mysql> create user 'lxy'@'localhost' identified by '**********';
Query OK, 0 rows affected (0.00 sec)
mysql> select USER,HOST, authentication_string from user;
+---------------+-----------+-------------------------------------------+
| USER | HOST | authentication_string |
+---------------+-----------+-------------------------------------------+
| root | localhost | *C76CBE83DA6FF179BA7913855C5DB371E756B93C |
| mysql.session | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql.sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| lxy | localhost | *DF38BD36AAEA7091B73F02080EC9C196049763E7 |
+---------------+-----------+-------------------------------------------+
4 rows in set (0.00 sec)-
localhost:表示本主机
-
%:表示任意主机
-
还可以直接加 ip
删除用户
drop user '用户名'@'登录主机';案例
mysql> drop user 'lxy'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> select USER,HOST, authentication_string from user;
+---------------+-----------+-------------------------------------------+
| USER | HOST | authentication_string |
+---------------+-----------+-------------------------------------------+
| root | localhost | *C76CBE83DA6FF179BA7913855C5DB371E756B93C |
| mysql.session | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql.sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+---------------+-----------+-------------------------------------------+
3 rows in set (0.00 sec)删除成功了
修改密码
修改密码有两种
-
自己修改
set password=password('密码'); -
root修改
set password for '用户名'@'登陆主机'=password('密码');
上面修改密码就不演示了
权限管理
数据库的权限列表
| 权限 | 列 | 上下文 |
|---|---|---|
| CREATE | Create_priv | 数据库、表或索引 |
| DROP | Drop_priv | 数据库或表 |
| GRANT OPTION | Grant_priv | 数据库、表或保存的程序 |
| REFERENCES | References_priv | 数据库或表 |
| ALTER | Alter_priv | 表 |
| DELETE | Delete_priv | 表 |
| INDEX | Index_priv | 表 |
| INSERT | Insert_priv | 表 |
| SELECT | Select_priv | 表 |
| UPDATE | Update priv | 表 |
| CREATE VIEW | Create view_priv | 视图 |
| SHOW VIEW | Show_view_priv | 视图 |
| ALTER ROUTINE | Alter_routine_priv | 保存的程序 |
| CREATE ROUTINE | create_routine priv | 保存的程序 |
| EXECUTE | Execute priv | 保存的程序 |
| FILE | File priv | 服务器主机上的文件访问 |
| CREATE TEMPORARY TABLES | Create_tmp_table_priv | 服务器管理 |
| LOCK TABLES | Lock_tables_priv | 服务器管理 |
| CREATE USER | create user_priv | 服务器管理 |
| PROCESS | Process_priv | 服务器管理 |
| RELOAD | Reload priv | 服务器管理 |
| REPLICATION CLIENT | Repl_client_priv | 服务器管理 |
| REPLICATION SLAVE | Repl slave priv | 服务器管理 |
| SHOW DATABASES | Show_db_priv | 服务器管理 |
| SHUTDOWN | Shutdown priv | 服务器管理 |
| SUPER | Super_priv | 服务器管理 |
赋权
grant 权限列表 on 数据库.表名 to '用户名'@'登陆主机' [identified by '密码']虽然可以在赋权的时候设置密码,但是这里建议在创建用户的时候就把密码设置好
案例
mysql> grant select,insert on scott.* to 'lxy'@'%';
Query OK, 0 rows affected (0.00 sec)查看权限
show grants for '用户名'@'登陆主机';案例
mysql> show grants for 'lxy'@'%';
+------------------------------------------------+
| Grants for lxy@% |
+------------------------------------------------+
| GRANT USAGE ON *.* TO 'lxy'@'%' |
| GRANT SELECT, INSERT ON `scott`.* TO 'lxy'@'%' |
+------------------------------------------------+
2 rows in set (0.00 sec)这里查看到正是我们赋的权限
插销权限
revoke 权限列表 on 数据库.表名 from '用户名'@'登陆主机';案例
mysql> revoke select on scott.* from 'lxy'@'%';
Query OK, 0 rows affected (0.00 sec)mysql> show grants for 'lxy'@'%';
+----------------------------------------+
| Grants for lxy@% |
+----------------------------------------+
| GRANT USAGE ON *.* TO 'lxy'@'%' |
| GRANT INSERT ON `scott`.* TO 'lxy'@'%' |
+----------------------------------------+
2 rows in set (0.00 sec)这里看到 select 就被回收了
-
如果像赋所有权限,那么就是all
-
grant all on 数据库.表名 to '用户名'@'登陆主机'; -
如果像给所有库那么就是 *,如果想给库中所有表那么也是 *
总结
- 前面我们的所有操作不管是创建用户或者是删除用户,甚至是修改密码本质都是对mysql里面的 user 表操作
- 所以我们前面学习过的 CURD 操作都可以直接使用到user 表这里
- 但是并不建议这样做