热门标签
热门文章
- 1NLP入门——基础知识_nlp学习
- 2一个基于SpringBoot+Vue前后端分离医疗用品销售网站系统详细设计实现_网站前后端分离设计
- 3报错[Vue warn]: $listeners is readonly. $attrs is readonly.怎么解决?
- 4数字化时代,如何赋能人才
- 5论文阅读:Towards a Unified View of Parameter-Efficient Transfer Learning对参数高效迁移学习的统一看法
- 6第八章:AI大模型的未来发展趋势8.1 模型结构的创新8.1.2 模型可解释性研究
- 7ChatGPT 插件(ChatGPT plugins)_chatgpt插件
- 8关于Yolov7-tiny模型瘦身(param、FLOPs)碎碎念_yolov7tiny
- 902_在VM虚拟机创建Win7系统
- 10chatGPT优化论文会导致论文重复率升高,实测段落重复率从23.2%狂飙到70.7%_chatgpt查重率多少
当前位置: article > 正文
【MySQL】18. 用户管理
作者:小丑西瓜9 | 2024-04-08 08:42:00
赞
踩
【MySQL】18. 用户管理
用户管理
如果我们只能使用root用户,这样存在安全隐患。这时,就需要使用MySQL的用户管理。
1. 用户
1.1 用户信息
MySQL中的用户,都存储在系统数据库mysql的user表中
mysql> use mysql;
Database changed
- 1
- 2
这里的Y表示的都是用户所对应的权限
mysql> select host,user,authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
| localhost | mysql.session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+-----------+---------------+-------------------------------------------+
--可以通过desc user初步查看一下表结构
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
字段解释:
- host: 表示这个用户可以从哪个主机登陆,如果是localhost,表示只能从本机登陆
- user: 用户名
- authentication_string: 用户密码通过password函数加密后的结果
- *_priv: 用户拥有的权限
1.2 创建用户
语法:
create user '用户名'@'登陆主机/ip' identified by '密码';
- 1
案例:
mysql> create user 'hx'@'localhost' identified by 'hx';
Query OK, 0 rows affected (0.00 sec)
mysql> select host,user,authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
| localhost | mysql.session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | hx | *41EE5E3D0966EC1961833DA551EB2782EDDCE862 |
+-----------+---------------+-------------------------------------------+
4 rows in set (0.00 sec)
-- 此时便可以使用新账号新密码进行登陆啦
-- 备注:可能实际在设置密码的时候,因为mysql本身的认证等级比较高,一些简单的密码无法设置,会爆出如下报错:
-- ERROR 1819 (HY000): Your password does not satisfy the current policyrequirements
-- 解决方案:https://blog.csdn.net/zhanaolu4821/article/details/93622812
-- 查看密码设置相关要求:SHOW VARIABLES LIKE 'validate_password%';
-- 这个大家下来自己玩玩
-- 关于新增用户这里,需要大家注意,不要轻易添加一个可以从任意地方登陆的user
-- 也就是说不要设置成 @% 的形式
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
1.3 删除用户
语法:
drop user '用户名'@'主机名'
- 1
示例:
mysql> select user,host,authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
| localhost | mysql.session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | hx | *41EE5E3D0966EC1961833DA551EB2782EDDCE862 |
+-----------+---------------+-------------------------------------------+
4 rows in set (0.00 sec)
mysql> drop user hx; --尝试删除
ERROR 1396 (HY000): Operation DROP USER failed for 'hx'@'%'
-- <= 直接给个用户名,不能删除,它默认是%,表示所有地方可以登陆的用户
mysql> drop user 'hx'@'localhost'; --删除用户
Query OK, 0 rows affected (0.00 sec)
mysql> select user,host,authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
| localhost | mysql.session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+---------------+-----------+-------------------------------------------+
3 rows in set (0.00 sec)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
1.4 修改用户密码
语法:
- 自己改自己密码
set password=password('新的密码');
- 1
- root用户修改指定用户的密码
set password for '用户名'@'主机名'=password('新的密码');
- 1
mysql> select host,user, authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
| localhost | mysql.session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | hx | *41EE5E3D0966EC1961833DA551EB2782EDDCE862 |
+-----------+---------------+-------------------------------------------+
4 rows in set (0.00 sec)
mysql> set password for 'hx'@'localhost'=password('87654321');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> select host,user,authentication_string from user;
+-----------+---------------+-------------------------------------------+
| host | user | authentication_string |
+-----------+---------------+-------------------------------------------+
| localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
| localhost | mysql.session | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | hx | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
+-----------+---------------+-------------------------------------------+
4 rows in set (0.00 sec)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
2 数据库的权限
MySQL数据库提供的权限列表:
2.1 给用户授权
刚创建的用户没有任何权限。需要给用户授权。
语法:
grant 权限列表 on 库.对象名 to '用户名'@'登陆位置' [identified by '密码']
- 1
说明:
- 权限列表,多个权限用逗号分开
grant select on …
grant select, delete, create on …
grant all [privileges] on … – 表示赋予该用户在该对象上的所有权限
- . : 代表本系统中的所有数据库的所有对象(表,视图,存储过程等)
- 库.* : 表示某个数据库中的所有数据对象(表,视图,存储过程等)
- identified by可选。 如果用户存在,赋予权限的同时修改密码,如果该用户不存在,就是创建用户
案例:
--使用root账号
--终端A
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| bit_index |
| mysql |
| performance_schema |
| scott |
| sys |
| tt |
+--------------------+
7 rows in set (0.00 sec)
mysql> use scott;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+-----------------+
| Tables_in_scott |
+-----------------+
| dept |
| emp |
| exam |
| salgrade |
| stu |
+-----------------+
5 rows in set (0.00 sec)
--给用户hx赋予scott数据库下所有文件的select权限
mysql> grant select on scott.* to 'hx'@'localhost';
Query OK, 0 rows affected (0.00 sec)
--使用hx账号
--终端B
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.00 sec)
--暂停等root用户给hx赋完权之后,再查看
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| scott | --赋完权之后,就能看到新的表
+--------------------+
2 rows in set (0.00 sec)
mysql> use scott;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+-----------------+
| Tables_in_scott |
+-----------------+
| dept |
| emp |
| exam |
| salgrade |
| stu |
+-----------------+
5 rows in set (0.00 sec)
mysql> select * from stu;
+------+------+
| id | name |
+------+------+
| 1 | jack |
| 2 | tom |
| 3 | kity |
| 4 | nono |
+------+------+
4 rows in set (0.00 sec)
--没有删除权限
mysql> delete from stu;
ERROR 1142 (42000): DELETE command denied to user 'hx'@'localhost' for table 'stu'
备注:特定用户现有查看权限
mysql> show grants for 'hx'@'localhost';
+-----------------------------------------------+
| Grants for hx@localhost |
+-----------------------------------------------+
| GRANT USAGE ON *.* TO 'hx'@'localhost' |
| GRANT SELECT ON `scott`.* TO 'hx'@'localhost' |
+-----------------------------------------------+
2 rows in set (0.00 sec)
mysql> show grants for 'root'@'localhost';
+---------------------------------------------------------------------+
| Grants for root@localhost |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
| GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------+
2 rows in set (0.00 sec)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
注意:如果发现赋权限后,没有生效,执行如下指令:
flush privileges;
- 1
2.2 回收权限
语法:
revoke 权限列表 on 库.对象名 from '用户名'@'登陆位置';
- 1
示例:
-- 回收hx对test数据库的所有权限
--root身份,终端A
mysql> revoke all on test.* from 'hx'@'localhost';
Query OK, 0 rows affected (0.00 sec)
--hx身份,终端B
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| scott |
+--------------------+
2 rows in set (0.00 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.00 sec)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/小丑西瓜9/article/detail/384207
