mysql 用户和权限管理
首先mysql root用户登录
[root@xx ~]# mysql -u root -p Enter password: 输入密码
切换数据库
mysql> use mysql;
创建一个用户
mysql> insert into user(host,user,password) values ("%","game",password("xxxxx"));
Query OK, 1 row affected, 4 warnings (0.00 sec)
host表示可以进行连接的主机
% 通配符,表示任何主机,允许远程连接时一般这么设置
也可以设置某个ip段: x.x.x.%
localhost表示只能本机连
刷新系统权限
mysql> flush privileges; Query OK, 0 rows affected (0.00 sec)
创建一个数据库
mysql> create database game; Query OK, 1 row affected (0.06 sec)
分配game数据库的所有权限给game用户
mysql> grant all privileges on game.* to game@"%" identified by 'xxxx'; Query OK, 0 rows affected (0.00 sec)
all 表示dba权限 包括 select, insert, update, delete,create,alter,execute …
game.*表示game下的所有对象,也可以 *.*表示所有数据库对象
如果想指定部分权限给一用户,可以这样来写:
mysql>grant select,update on game.* to game@localhost identified by 'xxxx';
刷新系统权限
mysql> flush privileges; Query OK, 0 rows affected (0.00 sec)
这是game用户可以远程连接game数据库
修改指定用户密码
mysql>update mysql.user set password=password('新密码') where
User="game" and Host="%";
删除指定用户
mysql>DELETE FROM user WHERE User="game" and Host="localhost"; mysql>flush privileges;
查看用户权限
mysql> show grants for game; +-----------------------------------------------------------------------------------------------------+ | Grants for game@% | +-----------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'game'@'%' IDENTIFIED BY PASSWORD '*6830234338985B955032067DE689AFC3ECD27EEA' | | GRANT ALL PRIVILEGES ON `game`.* TO 'game'@'%' | +-----------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)
收回用户权限
revoke all on game.* from game@%;
分配权限是 grant 权限 to 用户,收回是revoke 权限 from 用户。
修改用户或用户相关的权限等,都要执行flush privileges才生效
mysql> quit
Bye
