分享程序员开发的那些事...
更新时间:2022-10-14 13:09:54
默认用户有root超级管理员,要做一个网站,要连接mysql要一个用户名和密码,不可能是root,防止误操作。Mysql服务里面可以跑多个库,所以需要给单独的用户作一些授权,只需要他对某一个数据库或者某个数据库的某个表有权限。
grant all on . to 'user1' identified by 'passwd'; // grant是授权的意思 all全部的
1.mysql> grant all on . to 'user1'@'127.0.0.1' identified by '123'; //授权user1只能通过127这个ip登录mysql(源ip) identified by密码 .前面这个表示库名,后面是表。Ip也可以使用%表示所有的ip,
Query OK, 0 rows affected (0.63 sec)
2.[root@localhost ~]# mysql -uuser1 -p123 -h127.0.0.1 //用户登录。如果授权ip是localhost那么可以不用-h
3.mysql> grant all on db1.* to 'user1'@'192.168.222.%' identified by '1';
4.[root@localhost ~]# mysql -uuser1 -p1 -h192.168.222.51
5.grant SELECT,UPDATE,INSERT on db1. to 'user2'@'192.168.133.1' identified by 'passwd';
6.grant all on db1. to 'user3'@'%' identified by 'passwd';
7.show grants;//查看当前用户的授权
mysql> show grants; //查看权限必须进入要查询的用户里面
+-------------------------------------------------------------------------------+
| Grants for user1@192.168.222.% |
+-------------------------------------------------------------------------------+
| GRANT USAGE ON . TO 'user1'@'192.168.222.%' IDENTIFIED BY PASSWORD <secret> |
| GRANT ALL PRIVILEGES ON db1.* TO 'user1'@'192.168.222.%' |
+-------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> select user();
+----------------------+
| user() |
+----------------------+
| user1@192.168.222.51 |
+----------------------+
1 row in set (0.00 sec)
8.show grants for user2@192.168.133.1; //查看指定用户的授权
mysql> select user();
+----------------+
| user() |
+----------------+
| root@localhost |
+----------------+
1 row in set (0.00 sec)
mysql> grant SELECT,UPDATE,INSERT on db1.* to 'user3'@'192.168.222.%' identified by '123456';
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for user3@'192.168.222.%';
+------------------------------------------------------------------------------------------------------------------+
| Grants for user3@192.168.222.% |
+------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON . TO 'user3'@'192.168.222.%' IDENTIFIED BY PASSWORD '6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' |
| GRANT SELECT, INSERT, UPDATE ON db1. TO 'user3'@'192.168.222.%' |
+------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
本文转自 虾米的春天 51CTO博客,原文链接:http://blog.51cto.com/lsxme/2061417,如需转载请自行联系原作者