Mysql user management and permission settings
Command related to mysql user management and permission settings.
User Management
Mysql> use mysql;
View
Mysql> select host, user, password from user;
Create
Mysql> create user zx_root;
Modify
Mysql> rename user feng to newuser; // mysql 5 can be used later. You must use update to update the user table before.
Delete
Mysql> drop user newuser; // When deleting a user before mysql5, you must first use revoke to delete the user permission and then delete the user. After mysql5, you can drop the command to delete the user's permissions while deleting the user.
Change Password
Mysql> set password for zx_root = password ('xxxxxx ');
Mysql> update mysql. user set password = password ('xxxx') where user = 'otheruser'
View User Permissions
Mysql> show grants for zx_root;
Grant Permissions
Mysql> grant select on dmc_db. * to zx_root;
Revoke permissions
Mysql> revoke select on dmc_db. * from zx_root; // if the permission does not exist, an error is returned.
The preceding commands can also be granted and recycled with Multiple permissions, separated by commas (,).
Mysql> grant select, update, delete, insert on dmc_db. * to zx_root;
If you want to see the result immediately, use
Flush privileges;
Command update
Information must be provided when permission is set
1. permissions to be granted
2. databases or tables granted access permissions
3. User Name
Grant and revoke can control access permissions at several levels
1. The entire server uses grant ALL and revoke ALL
2. The entire database uses on database .*
3. Feature table: on database. table
4. Specific Columns
5. Specific stored procedures
Significance of the value of the host column in the user table
% Match all hosts
Localhost is not resolved to an IP address and is directly connected through UNIXsocket
127.0.0.1 is connected through the TCP/IP protocol and can only be accessed on the local machine
: 1: 1 is compatible with ipv6, indicating 127.0.0.1 of the same ipv4
Grant normal data users the right to query, insert, update, and delete all table data in the database.
Grant select on testdb. * to common_user @ '%'
Grant insert on testdb. * to common_user @ '%'
Grant update on testdb. * to common_user @ '%'
Grant delete on testdb. * to common_user @ '%'
Alternatively, replace the following with a MySQL command:
Grant select, insert, update, delete on testdb. * to common_user @ '%'
9>. grant database developers to create tables, indexes, views, stored procedures, and functions... .
Grant permissions to create, modify, and delete MySQL Data Table structures.
Grant create on testdb. * to developer @ '192. 192.% ';
Grant alter on testdb. * to developer @ '192. 192.% ';
Grant drop on testdb. * to developer @ '192. 192.% ';
Grant the MySQL foreign key operation permission.
Grant references on testdb. * to developer @ '192. 192.% ';
Grant the permission to operate MySQL temporary tables.
Grant create temporary tables on testdb. * to developer @ '2017. 192.% ';
Grant the permission to operate MySQL indexes.
Grant index on testdb. * to developer @ '192. 192.% ';
Grant permissions to operate the MySQL view and view the source code.
Grant create view on testdb. * to developer @ '192. 192.% ';
Grant show view on testdb. * to developer @ '192. 192.% ';
Grant permissions to operate MySQL stored procedures and functions.
Grant create routine on testdb. * to developer @ '192. 192.% '; -- now, can show procedure status
Grant alter routine on testdb. * to developer @ '192. 192.% '; -- now, you can drop a procedure
Grant execute on testdb. * to developer @ '192. 192.% ';
10>. grant common DBA permission to manage a MySQL database.
Grant all privileges on testdb to dba @ 'localhost'
The keyword "privileges" can be omitted.
11>. grant senior DBA permission to manage all databases in MySQL.
Grant all on *. * to dba @ 'localhost'
12>. MySQL grant permissions can be applied to multiple levels.
1. grant applies to the entire MySQL Server:
Grant select on *. * to dba @ localhost; -- dba can query tables in all databases in MySQL.
Grant all on *. * to dba @ localhost; -- dba can manage all databases in MySQL
2. grant applies to a single database:
Grant select on testdb. * to dba @ localhost; -- dba can query tables in testdb.
3. grant applies to a single data table:
Grant select, insert, update, delete on testdb. orders to dba @ localhost;
4. grant applies to columns in the table:
Grant select (id, se, rank) on testdb. apache_log to dba @ localhost;
5. grant applies to stored procedures and functions:
Grant execute on procedure testdb. pr_add to 'dba '@ 'localhost'
Grant execute on function testdb. fn_add to 'dba '@ 'localhost'
Note: After modifying the permissions, you must refresh the service or restart the Service to use flush privileges.