Linux Operations Phase IV (v) MySQL User and Rights management

Source: Internet
Author: User
Tags administrator password

Linux Operational Phase IV (IV) MySQL User and Rights Management

1. Related concepts:

"mysql User:

similar VSFTPD virtual users;

password, its own unique encryption mechanism, PASSWORD function;

user name @ host;

User name within the characters, host (host name,IP, network address, wildcard (%,_);

--skip-name-resolve(skip name resolution to increase user connection speed)

The account is used for authentication;

>rename USER ' old_name ' @ ' host ' to ' new_name ' host; (rename user)

"Permission to access the table (data) after authorization;

table in MySQL's own library:user,db,host,tables_priv,columns_priv,procs_priv:

User:user Account,global privileges and other non-privileges column; global level (Super,replication Slave,shutdown)

DB:database-levelprivileges Library-level permissions

Host:obsolete deprecated

Tables-priv:table-level privileges table-level permissions (delete,alter,trigger,select,insert,update)

Columns_priv:column-level Privileges column-level permissions (select,insert,update)

Procs_priv:stored procedure andfunction privileges stored procedure and storage function permissions

Proxies_priv:proxy-user Privileges Delegate user Rights

MySQL will read these six tables at startup and generate authorization tables in memory, and each SQL statement executed will check for permission to read or write;

2,>select * from Db\g

>create temporary TABLE tb_name; (temporary table--memory table);

Usage (used only for connection Mysql-server and some simple commands)

trigger Trigger: Active database (triggers defined statements, such as logging, when performing certain operations)

>help Create user

>create USER ' username ' @ ' host ' [Identified by ' NEW_PW '];

>flush privileges;

>help Grant (for user authorization)

>grant privileges1,privileges2 on [object_type] db_name.tb_name to ' username ' @ ' host ' [Identified by ' NEW_PW '] [RE Quire none|ssl_option] [with with_option];









Grant_option users can delegate their own rights to other users, very dangerous, not recommended to use

| Max_queries_per_hour count per hour maximum number of queries

| Max_updates_per_hour count Hour max number of updates

| Max_connections_per_hour count can fail the maximum number of connections per hour

| Max_user_connections count How many times the same user account is connected

Example:>grant EXECUTE on FUNCTION to [email protected] '% '; (using this object_type when it is not possible to determine What object tb_name is, this example makes it clear that ABC is a function,tb_name is not necessarily a table, it is a stored procedure PROCEDURE and stored function functions )

>grant UPDATE on jiaowu.tutors to ' username ' @ '% ' REQUIRE SSL; (the connection must be SSL establishes a secure connection and can also be X509 )

>grant UPDATE (age) on Jiaowu,stu to ' username ' @ ' host '; (only one field is authorized)

>grant SUPER on * * to ' username ' @ ' host '; ( SUPER and with grantoption two items to be carefully authorized)

>show GRANTS for ' username ' @ ' host '; (View a user right, field authorization is not in the same row as the Library, table authorization)

>help REVOKE

>revoke priv1,priv2 on db_name.tb_name from ' user ' @ ' host ';

3. Re-retrieve the administrator password:

#service mysqld Stop


$bindir/mysqld_safe--skip-grant-tables--skip-networking--datadir= "$datadir"--pid-file= "$mysqld _pid ... (Add --skip-grant-tables Bypass authorization table and --skip-networking prohibit network connection)

#service mysqld Start


>update mysql.user SET password=password (' New_password ') WHERE user= ' root ';

( You cannot change the password with SET and mysqladmin only by manually changing the contents of the user table, because the authorization table has been skipped)

#service mysqld Stop(Stop the service to change/etc/rc.d/init.d/mysqld back to its original state and restart the service).

This article is to learn "ma Brother Network Video" made notes.

This article is from the "Linux operation and maintenance of difficult learning notes" blog, declined reprint!

Linux Operations Phase IV (v) MySQL User and Rights management

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.