mysql 8.0 创建新的数据库、用户并授权,以及相关查看并删除操作

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了mysql 8.0 创建新的数据库、用户并授权,以及相关查看并删除操作相关的知识,希望对你有一定的参考价值。

参考技术A

以创建wordpress网站的数据库为例

1、创建数据库

创建可指定字符,或者不指定字符,如果不指定字符,默认为 utf8mb4 和 utf8mb4_0900_ai_ci


2、创建用户

可自行指定用户可访问的IP地址范围。

3、授权用户


4、直接一步到位

或者 这种方法 :创建并授权用户,是二和三的合并。

1、查看数据库

show databases可查询所有存在的数据库

2、查看用户信息

用户信息在系统数据库mysql中的user表中。密码查询不会显示明文密码,而是显示为加密后的密文。

3、查看用户权限

有两种方式查看。

第一种方式 : show grants for \'userwordpress\';

第二种方式: select * from mysql.user where user=\'userwordpress\'G;

g 相当于’;’

G使每个字段打印到单独的行,也有 ’;\' 的作用

只能查出哪个数据库的哪张表的权限,如查userwordpress在mysql数据库的user表的权限,显示都是N(no),没有权限,如果查root用户就都是Y(yes)选择了。

用drop而非delete,简单的区分就是,drop是删除【表】,truncate与delete则是删除表中【记录】。

删除用户

同理,删除数据库

用drop删除时,会有确认信息,为了防止误删。(删库跑路,请谨慎操作)

MySQL的授权

grant 授权

            什么是用户授权:在数据库服务器上添加新的连接用户,并设置权限和密码。
           

             为什么要用授权:如果没有授权用户,那么只能有root用户在本机登陆数据库,其它用户无法登陆。
                                        没有授权时,其它主机也无法访问数据库。

 

             指令格式:

                          mysql> grant  权限列表  on  库名  to  用户名@"客户端地址"  identified by "密码" ;

                         权限列表:

 

                                      all       所有权限
                                      usage  只能连接上数据库,没有任何权限
                                      select,update,inseret ...    个别权限,这个权限对所有字段有效
                                      select,update(字段1,字段2...)   只能对指定的字段有相应的权                     

                         库名:
                                      *.*              所有库所有表
                                     库名.*         一个库
                                     库名.表名   一张表

                        用户名:
                                      授权时可以自定义,要有标识性,容易记,可以名中看出用途存储在mysql库的user表里

                        客户端地址:
                                      % 表示互联网上的所有主机0
                                      192.168.4.% 网段内的所有主机
                                      192.168.4.1 1台主机
                                       localhost 数据库服务器本机

授权举例1:
       添加admin用户,允许从192.168.4.0/24网段连接,对db3库的user表有查询权限,密码为123456
mysql> grant  select on db3.user to admin@"192.168.4.%" identified by "123456";

授权举例2: 添加admin2,允许从本机连接,允许以db3库的所有表有 查询,更新,插入删除记录权限,密码为123456 mysql
> grant select ,insert,update,delete on db3.* to admin2@"localhost" identified by "123456";

 

授权库

 

grant授权的信息是保存在授权库中的,mysql库记录了授权信息,主要的表如下:
                     user                 记录已有的授权用户及权限
                     db                    记录已有授权用户对数据库的访问权限
                     tables_priv      记录已有授权用户对表的访问权限
                     columns_priv  记录已有授权用户对字段的访问权限

一 查看当前columns_priv,tables_priv,db,user表中的授权用户

mysql> select user,host,db,table_name,column_name from mysql.columns_priv; Empty set (0.00 sec) #columns_priv表当前为空,说明当前数据库没有真对某些字段的授权
mysql> select user,host,db,table_name from mysql.tables_priv; +-----------+-----------+-----+------------+ #tables_priv表中只有系统默认的授权用户msyql.sys | user | host | db | table_name | +-----------+-----------+-----+------------+ | mysql.sys | localhost | sys | sys_config | +-----------+-----------+-----+------------+ mysql> select user,host,db from mysql.db; +-----------+-----------+-----+ #db表中也是系统默认授权用户mysql.sys | user | host | db | +-----------+-----------+-----+ | mysql.sys | localhost | sys | +-----------+-----------+-----+ mysql> select user,host from mysql.user; +-----------+-----------+ #user表中有系统默认用户mysql.sys和root | user | host | +-----------+-----------+ | mysql.sys | localhost | | root | localhost | +-----------+-----------+
二 添加真对school.student表中“学号”,“姓名”,“性别”这三个字段的授权用户col_user
mysql
> grant select,update(学号,姓名,性别),insert on school.student to col_user@% identified by "123456"; mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
#在columns_priv表中查看授权用户,每条记录是一个授权字段
+----------+------+--------+------------+-------------+ | user | host | db | table_name | column_name | +----------+------+--------+------------+-------------+ | col_user | % | school | student | 姓名 | | col_user | % | school | student | 学号 | | col_user | % | school | student | 性别 | +----------+------+--------+------------+-------------+ mysql> select user,host,db,table_name from mysql.tables_priv; +-----------+-----------+--------+------------+ #在tables_priv表中也可以看到该用户对school.student表有访问权限 | user | host | db | table_name | #具体权限需要用show grants查看 +-----------+-----------+--------+------------+ | col_user | % | school | student | | mysql.sys | localhost | sys | sys_config | +-----------+-----------+--------+------------+

mysql> show grants for col_user@‘%‘;                 #通过show grants查看col_user对school.student的具体权限
+-----------------------------------------------------------------------------------------------+
| Grants for col_user@%                                                                         |
+-----------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO ‘col_user‘@‘%‘                                                          |
| GRANT SELECT, INSERT, UPDATE (性别, 学号, 姓名) ON `school`.`student` TO ‘col_user‘@‘%‘         |
+-----------------------------------------------------------------------------------------------+

mysql> select user,host,db from mysql.db;
+-----------+-----------+-----+                     #db表中看不到该用户
| user      | host      | db  |
+-----------+-----------+-----+
| mysql.sys | localhost | sys |
+-----------+-----------+-----+

mysql> select user,host  from mysql.user;
+-----------+-----------+                           #在user表中可以看到该用户
| user      | host      |
+-----------+-----------+
| col_user  | %         |
| mysql.sys | localhost |
| root      | localhost |
+-----------+-----------+
mysql> 


三 添加授权用户tab_user1,tab_user2对表school.teacher,school.student的访问权限
mysql
> grant all on school.teacher to tab_user1@% identified by "123456"; mysql> grant select on school.student to tab_user2@% identified by "123456"; mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
#colunm_priv表中授权记录的用户没有变化
+----------+------+--------+------------+-------------+ | user | host | db | table_name | column_name | +----------+------+--------+------------+-------------+ | col_user | % | school | student | 姓名 | | col_user | % | school | student | 学号 | | col_user | % | school | student | 性别 | +----------+------+--------+------------+-------------+ #tables_priv表中可以看到tab_user1,tab_user2用户 mysql> select user,host,db,table_name from mysql.tables_priv; +-----------+-----------+--------+------------+ | user | host | db | table_name | +-----------+-----------+--------+------------+ | col_user | % | school | student | | tab_user1 | % | school | teacher | | tab_user2 | % | school | student | | mysql.sys | localhost | sys | sys_config | +-----------+-----------+--------+------------+ mysql> show grants for tab_user1@%; #通过show grants可以看出tab_user1,tab_user2的具体授权权限 +---------------------------------------------------------------+ | Grants for tab_user1@% | +---------------------------------------------------------------+ | GRANT USAGE ON *.* TO tab_user1@% | | GRANT ALL PRIVILEGES ON `school`.`teacher` TO tab_user1@% | +---------------------------------------------------------------+ mysql> show grants for tab_user2@%; +-------------------------------------------------------+ | Grants for tab_user2@% | +-------------------------------------------------------+ | GRANT USAGE ON *.* TO tab_user2@% | | GRANT SELECT ON `school`.`student` TO tab_user2@% | +-------------------------------------------------------+ mysql> select user,host,db from mysql.db; #db表中没有变化 +-----------+-----------+-----+ | user | host | db | +-----------+-----------+-----+ | mysql.sys | localhost | sys | +-----------+-----------+-----+ mysql> select user,host from mysql.user; #user表中可以看到tab_user1,tab_user2 +-----------+-----------+ | user | host | +-----------+-----------+ | col_user | % | | tab_user1 | % | | tab_user2 | % | | mysql.sys | localhost | | root | localhost | +-----------+-----------+ mysql>

四 添加授权用户db_user1,db_user2用户对库school,school2的访问权限
mysql
> grant all on school.* to db_user1@% identified by "123456"; mysql> grant select on school2.* to db_user2@% identified by "123456"; mysql> select user,host,db,table_name,column_name from mysql.columns_priv;
#只要没有对任意表中字段的授权,column_priv表不会有变化
+----------+------+--------+------------+-------------+ | user | host | db | table_name | column_name | +----------+------+--------+------------+-------------+ | col_user | % | school | student | 姓名 | | col_user | % | school | student | 学号 | | col_user | % | school | student | 性别 | +----------+------+--------+------------+-------------+ mysql> select user,host,db,table_name from mysql.tables_priv;
#添加了真对库的授权用户,没有对表的授权用户所以db表中也不会变化
+-----------+-----------+--------+------------+ | user | host | db | table_name | +-----------+-----------+--------+------------+ | col_user | % | school | student | | tab_user1 | % | school | teacher | | tab_user2 | % | school | student | | mysql.sys | localhost | sys | sys_config | +-----------+-----------+--------+------------+ mysql> select user,host,db from mysql.db; #db表中可以看到添加的授权用户 +-----------+-----------+---------+ | user | host | db | +-----------+-----------+---------+ | db_user1 | % | school | | db_user2 | % | school2 | | mysql.sys | localhost | sys | +-----------+-----------+---------+ mysql> select user,host from mysql.user; #只要添加了授权用户user表中都会有记录 +-----------+-----------+ | user | host | +-----------+-----------+ | col_user | % | | db_user1 | % | | db_user2 | % | | tab_user1 | % | | tab_user2 | % | | mysql.sys | localhost | | root | localhost | +-----------+-----------+ mysql> 五 添加授权用户user对所有库和表有访问权限
mysql
> grant all on *.* to user@% identified by "123456"; mysql> select user,host,db,table_name,column_name from mysql.columns_priv; +----------+------+--------+------------+-------------+ | user | host | db | table_name | column_name | +----------+------+--------+------------+-------------+ | col_user | % | school | student | 姓名 | | col_user | % | school | student | 学号 | | col_user | % | school | student | 性别 | +----------+------+--------+------------+-------------+ 3 rows in set (0.00 sec) mysql> select user,host,db,table_name from mysql.tables_priv; +-----------+-----------+--------+------------+ | user | host | db | table_name | +-----------+-----------+--------+------------+ | col_user | % | school | student | | tab_user1 | % | school | teacher | | tab_user2 | % | school | student | | mysql.sys | localhost | sys | sys_config | +-----------+-----------+--------+------------+ 4 rows in set (0.01 sec) mysql> select user,host,db from mysql.db; +-----------+-----------+---------+ | user | host | db | +-----------+-----------+---------+ | db_user1 | % | school | | db_user2 | % | school2 | | mysql.sys | localhost | sys | +-----------+-----------+---------+ 3 rows in set (0.00 sec) mysql> select user,host from mysql.user; #只有在user表中可以看到use_user +-----------+-----------+ | user | host | +-----------+-----------+ | col_user | % | | db_user1 | % | | db_user2 | % | | tab_user1 | % | | tab_user2 | % | | use_user | % | | mysql.sys | localhost | | root | localhost | +-----------+-----------+ mysql>

 

以上是关于mysql 8.0 创建新的数据库、用户并授权,以及相关查看并删除操作的主要内容,如果未能解决你的问题,请参考以下文章

mysql 8.0 错误The server requested authentication method unknown to the client

MySQL8.0以上版本创建用户并授权远程连接

如何安装MySQL8.0创建用户并授权的详细步骤

MySQL_8.0与5.7区别之账户与安全

如何给MySql创建连接用户并授权

【mongoDB】mongoDB创建业务库、用户并授权