- 1Cesium介绍及3DTiles数据加载时添加光照效果对比_cesium光照
- 2RabbitMQ的死信队列详解及实现_获取死信队列中的信息
- 3PeLK:通过周边卷积的参数高效大型卷积神经网络
- 4react 暂存数据持久化_react store 数据持久化
- 5Map集合和Collections(集合工具类)_collections工具类中的binarysearch()方法中的key是map中的键吗
- 6如何解决Git合并分支造成的冲突_git合并出现冲突是如何解决的
- 7jmeter 性能测试结果分析_jmeter结果分析
- 8在Git上放一个静态页面并且可以访问_gitlab 怎么发布静态页面
- 9机械臂视觉抓取总结_机械臂目标定位与抓取
- 10Jupyter 进阶教程
mysql 从库 read-only_Mysql从库read-only配置详解
赞
踩
为了防止用户对从库进行插入,采用read-only参数:
配置:
[root@Slave-Mysql data]# grep read-only /etc/my.cnf
read-only
试验过程:
主库授权ALL
mysql> grant all on *.* to 'imbyrd'@'localhost' identified by 'admin';
从库测试:
[root@Slave-Mysql data]# /usr/local/mysql/bin/mysql -uimbyrd -p'admin'
mysql> use hitest;
mysql> insert into test(id,name) values(14,'fo');
Query OK, 1 row affected (0.14 sec)
主库授权select,insert,update,delete
mysql> REVOKE all ON *.* FROM 'imbyrd'@'localhost';
mysql> grant select,insert,update,delete on *.* to 'imbyrd'@'localhost' identified by 'admin';
mysql> show grants for imbyrd@'localhost';
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for imbyrd@localhost |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'imbyrd'@'localhost' IDENTIFIED BY PASSWORD '*4ACFE3202A5FF5CF467898FC58AAB1D615029441' |
+----------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
从库测试:
mysql> use hitest;
mysql> insert into test(id,name) values(16,'dddd');
ERROR 1290 (HY000): The MySQL server is running with the --read-only option so it cannot execute this statement
主库配置:
mysql> grant all on *.* to 'imbyrd'@'localhost' identified by 'admin';
mysql> show grants for imbyrd@'localhost'\G
*************************** 1. row ***************************
Grants for imbyrd@localhost: GRANT ALL PRIVILEGES ON *.* TO 'imbyrd'@'localhost' IDENTIFIED BY PASSWORD '*4ACFE3202A5FF5CF467898FC58AAB1D615029441'
1 row in set (0.00 sec)
mysql> REVOKE SUPER ON *.* FROM 'imbyrd'@'localhost';
mysql> show grants for imbyrd@'localhost'\G
*************************** 1. row ***************************
Grants for imbyrd@localhost: GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE ON *.* TO 'imbyrd'@'localhost' IDENTIFIED BY PASSWORD '*4ACFE3202A5FF5CF467898FC58AAB1D615029441'
1 row in set (0.00 sec)
从库测试:
[root@Slave-Mysql data]# /usr/local/mysql/bin/mysql -uimbyrd -p'admin'
mysql> use hitest;
mysql> insert into test(id,name) values(23,'fddf');
ERROR 1290 (HY000): The MySQL server is running with the --read-only option so it cannot execute this statement
结论:当用户权限中没有SUPER权限(ALL权限是包括SUPER的)时,从库的read-only生效!
