MySQL basic command in Linux environment (4) User authorization----Database

MySQL database root user has all the library, the table of all permissions, frequent use of the root user will bring great risk to the database, so should establish some low-privileged users, only responsible for a portion of the Library, table management maintenance operations, and even to increase, delete, change, check each operation further refine the restrictions, This minimizes the risk to the database.

One, grant permissions

GRANT statement: used to set access permissions for a database user, and the grant statement creates a new user when the specified user does not exist. User records authorized with the grant statement are saved to the MySQL library in the user, DB, host, Tables_priv, and other tables, and take effect immediately without a refresh.

command syntax: GRANT permission list on library name. Table name to User name @ source address [identified by ' Password '];

permissions list: used to list the various database operations used by authorization, separated by commas, such as "Select,insert,update,delete" using "all" to denote all permissions

library name. Table name: used to specify the library name and table name of the authorization database, where wildcards "*" can be used. such as "name.*" means that the object of the authorization action is all tables under the name library

User name @ Source address: used to specify the authorized user name and the client address to allow access, and who can connect and where to connect from. The source address can be a domain name, an IP, or a wildcard "%" that represents all the addresses within a region or within a network segment, such as "%.ys.com", "192.168.1.%".

identified by: used to set the password that is used when the user connects to the database, and if this is omitted when creating a new user, the password is blank.

Example: Adding a "liuqi" data user, allowing it to be accessed locally, having view permissions on all tables in the name library, and a verification code of "123456".

Use the command: GRANT Select on names.*-' liuqi ' @ ' localhost ' identified by ' 123456 ';

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M00/79/57/wKiom1aOdbOixJkQAAAqfWNMRIM173.jpg "title=" 5.jpg " alt= "Wkiom1aodboixjkqaaaqfwnmrim173.jpg"/>

Second, view permissions

SHOW Grants statement: specifically used to view authorization information for a database user, you can specify which objects to view through a for child statement.

command syntax: SHOW GRANTS for User name @ source address;

Use the command: SHOW GRANTS for ' liuqi ' @ ' localhost ';

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M02/79/57/wKiom1aOd2Gz2N8PAACei7igibM340.jpg "title=" 6.jpg " alt= "Wkiom1aod2gz2n8paacei7igibm340.jpg"/>

Third, revoke permissions

REVOKE statement: used to revoke the database permissions of the specified user, the revoked user can also connect to the database, but will be prevented from performing the corresponding database operation.

command syntax: REVOKE permissions list on database name. Table name from user name @ Source Address

Use the command: REVOKE all on names.* from ' Liuqi ' @ ' localhost ';

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/79/57/wKiom1aOeQOhivtRAAAi43mP7EM146.jpg "title=" 7.jpg " alt= "Wkiom1aoeqohivtraaai43mp7em146.jpg"/>

This article is from the "New Start" blog, so be sure to keep this source http://yuanshuai.blog.51cto.com/10539781/1732718

MySQL basic command in Linux environment (4) User authorization----Database