企业是怎么给MYSQL赋予用户权限

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了企业是怎么给MYSQL赋予用户权限相关的知识,希望对你有一定的参考价值。

mysql创建用户及赋予用户权限

运维人员常用的方法:

mysql> grant all  on xiaohu.* to ‘[email protected]‘ identified by ‘123.com‘;

                     库.表

Query OK, 0 rows affected (0.01 sec)


grant语法

grant all privileges on dbname.* to [email protected] identified by ‘password‘


比如创建boy的用户,对qiqi库具备所有权限,允许从localhost主机登录管理数据库,密码是123.com

mysql> grant all   privileges on qiqi.* to [email protected] identified by ‘123.com‘;

Query OK, 0 rows affected (0.00 sec)


mysql> flush privileges; 刷新权限

Query OK, 0 rows affected (0.00 sec)


mysql> select user,host from mysql.user;

+----------------+-----------------+

| user           | host            |

+----------------+-----------------+

| [email protected] | %               |

| root           | 127.0.0.1       |

|                | localhost       |

| boy            | localhost       |

| root           | localhost       |

|                | master.test.com |

| root           | master.test.com |

+----------------+-----------------+

7 rows in set (0.00 sec)



mysql> show grants for [email protected]; 查看权限

+------------------------------------------------------------------------------------------------------------+

| Grants for [email protected]                                                                                   |

+------------------------------------------------------------------------------------------------------------+

| GRANT USAGE ON *.* TO ‘boy‘@‘localhost‘ IDENTIFIED BY PASSWORD ‘*AC241830FFDDC8943AB31CBD47D758E79F7953EA‘ |

| GRANT ALL PRIVILEGES ON `qiqi`.* TO ‘boy‘@‘localhost‘    对qiqi库有创建权限                                                  |

+------------------------------------------------------------------------------------------------------------+

2 rows in set (0.00 sec)



MYSQL用户可以授权的权限:


上面提到了boy有all的权限 怎么收回?

revoke 收回权限 语法

revoke instrt on *.* from ‘boy‘@‘localhost‘;


mysql> revoke insert on qiqi.* 注意一定要看看给哪个库收权限  from ‘boy‘@‘localhost‘;

Query OK, 0 rows affected (0.00 sec)


mysql> show grants for [email protected];

+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

| Grants for [email protected]                                                                                                                                                                                                    |

+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

| GRANT USAGE ON *.* TO ‘boy‘@‘localhost‘ IDENTIFIED BY PASSWORD ‘*AC241830FFDDC8943AB31CBD47D758E79F7953EA‘                                                                                                                  |

| GRANT SELECT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `qiqi`.* TO ‘boy‘@‘localhost‘ |

+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

上面是GRANT 的权限

2 rows in set (0.00 sec)



企业生产环境是如何授权的?

1博客,CMS等产品数据库授权:

如web连接用户尽量采用最小化原则,如select(查询)insert(插入)update(修改)delete(删除)还需要create,drop的权限

生成数据表后一定要权限收回

revoke  insert on  *.*  from  ‘boy‘@localhost’


以上是关于企业是怎么给MYSQL赋予用户权限的主要内容,如果未能解决你的问题,请参考以下文章

mysql 怎么给单个帐号赋予多个库的访问权限?

Mysql创建新用户并赋予权限

mysql怎么删除一个用户的权限

oracle中怎么赋予用户权限

oracle中怎么赋予用户权限

postgresql怎么给一个用户赋予权限