MySQL modifies the granted permissions

Source: Internet
Author: User


Modify the user rights that have been granted.

We know:
Grant is an authorization command, or permission modification action can be made after authorization
Attention
When modifying permissions, you can use identified by password to keep the previous password unchanged!


Generally we grant authorization, use Identitied by, followed by the plaintext password, generated in the Mysql.user table query account information displayed is the cipher password
But grant authorization, you can also add password after identified by, so that the password is set after the cipher

Sometimes, by the developers to generate their own ciphertext password, that is, they are now on their own test machine to create a password, query to the ciphertext password, and then the cipher to our operations personnel for grant authorization,
This gives them the authorization of the password only they know, our OPS personnel also do not know.


Revoke is the Reclaim permission command (All/or partial permissions can be reclaimed)
Flush privileges is the Refresh permissions table

Show grants is viewing root user rights
Show grants for [email protected] ' IP ' view normal user rights


Reclaim partial permissions with revoke
Reclaim All permissions except Select
Usage is the default initial state, which means no permissions!!

Mysql> Show grants for [email protected] ' 61.148.60.42 ';
+-------------------------------------------------------------------------------------------------------------- -----------+
| Grants for [email protected] |
+-------------------------------------------------------------------------------------------------------------- -----------+
| GRANT USAGE on *. xqshijie_test ' @ ' 61.148.60.42 ' identified by PASSWORD ' *6de35f444d5e33c31295a5d891098cd40229d9d9 ' |
| GRANT SELECT, INSERT, UPDATE, DELETE on ' zh_o2o_db '. * to ' xqshijie_test ' @ ' 61.148.60.42 ' |
+-------------------------------------------------------------------------------------------------------------- -----------+
2 rows in Set (0.00 sec)


Mysql> REVOKE INSERT, UPDATE, DELETE on ' zh_o2o_db '. * from ' xqshijie_test ' @ ' 61.148.60.42 ';
Query OK, 0 rows Affected (0.00 sec)


Under this, only select query permission is left!!!
Mysql> Show grants for [email protected] ' 61.148.60.42 ';
+-------------------------------------------------------------------------------------------------------------- -----------+
| Grants for [email protected] |
+-------------------------------------------------------------------------------------------------------------- -----------+
| GRANT USAGE on *. xqshijie_test ' @ ' 61.148.60.42 ' identified by PASSWORD ' *6de35f444d5e33c31295a5d891098cd40229d9d9 ' |
| GRANT SELECT on ' zh_o2o_db '. * to ' xqshijie_test ' @ ' 61.148.60.42 ' |
+-------------------------------------------------------------------------------------------------------------- -----------+
2 rows in Set (0.00 sec)


You can also use grant to modify permissions, and the modified permission overrides the previous permissions directly
When you modify permissions, you can use the ciphertext you view directly.
as follows, add the update database permissions, and the permissions are overwritten before you add them!

Mysql> show grants for [email protected] ' 124.65.197.154 ';
+---------------------------------------------------------------------------------------------------------- -----------------+
| Grants for [email protected] |
+---------------------------------------------------------------------------------------------------------- -----------------+
| GRANT USAGE on *. xqshijie_test ' @ ' 124.65.197.154 ' identified by PASSWORD ' * 6de35f444d5e33c31295a5d891098cd40229d9d9 ' |
| GRANT SELECT on ' fanghu_db '. * to ' xqshijie_test ' @ ' 124.65.197.154 ' |
| GRANT SELECT on ' xqsj_db '. * to ' xqshijie_test ' @ ' 124.65.197.154 ' |
| GRANT SELECT ' zh_o2o_db '. * to ' xqshijie_test ' @ ' 124.65.197.154 ' |
+---------------------------------------------------------------------------------------------------------- -----------------+
4 rows in Set (0.00 sec)

Mysql> GRANT select,update on fanghu_db.* to [email protected] ' 124.65.197.154 ' identified by PASSWORD ' * 6de35f444d5e33c31295a5d891098cd40229d9d9 ';
mysql> GRANT select,update on xqsj_db.* to [email protected] ' 124.65.197.154 ' identified by PASSWORD ' * 6de35f444d5e33c31295a5d891098cd40229d9d9 ';
mysql> GRANT select,update on zh_o2o_db.* to [email protected] ' 124.65.197.154 ' identified by PASSWORD ' * 6de35f444d5e33c31295a5d891098cd40229d9d9 ';
mysql> FLUSH privileges;

Mysql> Show grants for [email protected] ' 124.65.197.154 ';
+-------------------------------------------------------------------------------------------------------------- -------------+
| Grants for [email protected] |
+-------------------------------------------------------------------------------------------------------------- -------------+
| GRANT USAGE on *. xqshijie_test ' @ ' 124.65.197.154 ' identified by PASSWORD ' * 6de35f444d5e33c31295a5d891098cd40229d9d9 ' |
| GRANT select,update on ' fanghu_db '. * to ' xqshijie_test ' @ ' 124.65.197.154 ' |
| GRANT select,update on ' xqsj_db '. * to ' xqshijie_test ' @ ' 124.65.197.154 ' |
| GRANT select,update ' zh_o2o_db '. * to ' xqshijie_test ' @ ' 124.65.197.154 ' |
+-------------------------------------------------------------------------------------------------------------- -------------+
4 rows in Set (0.00 sec)

MySQL modifies the granted permissions

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.