mysql放开权限控制_mysql06---权限控制-阿里云开发者社区
mysql權限管理:
mysql的權限控制,首先在user表判斷有沒有權限連,連上后看有沒有全局權限。然后看db表有哪些庫級別的權限。然后看tables_priv表有哪些表級別的權限。最后還可以看有哪些列級別的權限。
mysql權限檢查:1.有沒有權連接上來2.有沒有權執行操作(crud)
服務器是如何判斷用戶有沒有權限連接上來:1.你從哪里來,host2.你是誰,user
3.你的密碼
用戶的這3個信息存儲在mysql數據庫的user表下
mysql> usemysql
mysql> desc user;
mysql> select Host,User from user;+-----------+---------------+
| Host | User |
+-----------+---------------+
| localhost | mysql.session |mysql.session用戶必須從localhost連接| localhost | mysql.sys |mysql.sys用戶必須從localhost連接| localhost | root |root用戶必須從localhost連接+-----------+---------------+
就算知道用戶名和密碼,但是可以限制ip。
修改user的host域,update user set host="192.168.1.101" where user='root';
flushprivileges; 沖刷權限,
如何修改用戶的密碼:update user set password=passwiord('111111') where user='root'flushprivileges;
mysql庫下有一個db表,
用戶連上來先通過user表,看能不能進來,然后經過db表判斷有沒有某個庫的操作權,然后通過tables_priv判斷有沒有庫下哪個表的權限。//新增一個用戶,grant[權限1,權限2,權限3......] on 哪個庫.哪個表 to 用戶@'host' identified by 'password'常用權限all(所有權限),creat,drop,insert,delete,update,selectmysql> grant all on *.* to lisi@'127.0.0.1' identified by '111111';
Query OK,0rows affected
mysql> select Host,User from user;+-----------+---------------+
| Host | User |
+-----------+---------------+
| 127.0.0.1 | lisi |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | root |
+-----------+---------------+
C:\Users\Administrator>mysql -h127.0.0.1 -ulisi -p //用戶lisi登陸
Enter password:******Welcometo the MySQL monitor. Commands end with ; or\g.
Your MySQL connection idis 8Server version:5.7.20MySQL Community Server (GPL)
mysql> select * from user where user='lisi'\G;*************************** 1. row ***************************Host:127.0.0.1
User: lisi
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Reload_priv: Y
Shutdown_priv: Y
Process_priv: Y
File_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Show_db_priv: Y
Super_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Execute_priv: Y
Repl_slave_priv: Y
Repl_client_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
Create_user_priv: Y
Event_priv: Y
Trigger_priv: Y
Create_tablespace_priv: Y
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions:0max_updates:0max_connections:0max_user_connections:0plugin: mysql_native_password
authentication_string:*FD571203974BA9AFE270FE62151AE967ECA5E0AA
password_expired: N
password_last_changed:2017-12-29 21:30:25password_lifetime:NULLaccount_locked: N1 row in set (0.00sec)//收回權限,revoke all on *.* from lisi@'127.0.0.1',
mysql> revoke all on *.* from lisi@'127.0.0.1';
Query OK,0rows affected
mysql> select * from user where user='lisi'\G;*************************** 1. row ***************************Host:127.0.0.1
User: lisi
Select_priv: N
Insert_priv: N
Update_priv: N
Delete_priv: N
Create_priv: N
Drop_priv: N
Reload_priv: N
Shutdown_priv: N
Process_priv: N
File_priv: N
Grant_priv: N
References_priv: N
Index_priv: N
Alter_priv: N
Show_db_priv: N
Super_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Execute_priv: N
Repl_slave_priv: N
Repl_client_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Create_user_priv: N
Event_priv: N
Trigger_priv: N
Create_tablespace_priv: N
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions:0max_updates:0max_connections:0max_user_connections:0plugin: mysql_native_password
authentication_string:*FD571203974BA9AFE270FE62151AE967ECA5E0AA
password_expired: N
password_last_changed:2017-12-29 21:30:25password_lifetime:NULLaccount_locked: N1 row in set (0.00sec)
mysql庫下面的user里面可以檢測能不能登陸,并且里面的權限是全局的,所有庫所有表的。//不是全局授權,而是分庫分表管理權限。grant all on test3.* to lidi@'127.0.0.1'; //給lisi test3庫所有表的所有權限。//針對某個表做授權grant creat,drop,insert,update,select on test3.goods to lisi@'127.0.0.1';//test3庫的goods表做權限控制,//數據庫級別的權限在db表中,表級別的權限在tables_priv表中。
mysql> select * from db \G; //哪個用戶在哪個庫哪個主機有哪些權限*************************** 1. row ***************************Host: localhost
Db: performance_schemaUser: mysql.session
Select_priv: Y
Insert_priv: N
Update_priv: N
Delete_priv: N
Create_priv: N
Drop_priv: N
Grant_priv: N
References_priv: N
Index_priv: N
Alter_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Execute_priv: N
Event_priv: N
Trigger_priv: N*************************** 2. row ***************************Host: localhost
Db: sysUser: mysql.sys
Select_priv: N
Insert_priv: N
Update_priv: N
Delete_priv: N
Create_priv: N
Drop_priv: N
Grant_priv: N
References_priv: N
Index_priv: N
Alter_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Execute_priv: N
Event_priv: N
Trigger_priv: Y*************************** 4. row ***************************Host:127.0.0.1Db: test2User: lisi
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
Execute_priv: Y
Event_priv: Y
Trigger_priv: Y4 rows in set (0.00sec)
mysql> select * fromtables_priv \G;*************************** 1. row ***************************Host: localhost
Db: mysqlUser: mysql.session
Table_name:userGrantor: boot@connectinghostTimestamp: 0000-00-00 00:00:00Table_priv:SelectColumn_priv:*************************** 2. row ***************************Host: localhost
Db: sysUser: mysql.sys
Table_name: sys_config
Grantor: root@localhost
Timestamp: 2017-12-25 15:09:21Table_priv:SelectColumn_priv:*************************** 3. row ***************************Host:127.0.0.1Db: test3User: lisi
Table_name: goods
Grantor: root@localhost
Timestamp: 0000-00-00 00:00:00Table_priv:Select,Insert,Update,Create,DropColumn_priv:3 rows in set (0.00sec)//mysql的權限控制可以精確到列,常用的授權項,
總結
以上是生活随笔為你收集整理的mysql放开权限控制_mysql06---权限控制-阿里云开发者社区的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: python 运行时间 装饰器_pyth
- 下一篇: pg数据库开启远程连接_疫情之下,开启在