乱码:
创建用户:
=================
工具名称:SQLyog
=================
八、mysql的权限管理
查看mysql版本:# mysql --version
1、授权的基本原则
只授予满足要求的最小权限,但要注意使用户能够授权给别的用户(with grant option)
对用户设置登录的主机限制
删除没有密码的用户
满足密码的复杂度,设置较为复杂的密码
定期检查用户的权限,适当收回不需要的权限
2、进入数据库
若是安装了mysql的主机(199.1),则
# mysql -h localhost -u root
若是进行了mysql多实例配置的主机(10.0.199.1),则
# mysql -u root -h 127.0.0.1 -P3308(由于进行了多实例配置 所以会有多个端口,要选择一个端口进入mysql)
3、进入mysql之后 对用户授权:
语法:grant 用户权限(查询,插入,更新) on 在哪个数据库 to '用名名称'@'IP地址' identified by '用户密码';
10.0.199.1主机:
mysql> grant all on *.* to 'root'@'10.0.5.150' identified by 'aixocm';
mysql> flush privileges;
其它任意主机(10.0.199.2):
#mysql -u root -h 10.0.199.1 -P 3306 -p
aixocm
即可进入其数据库
mysql> grant select on employees.* to 'user01'@'10.0.5.%' identified by 'aixocm' withgrant option;
mysql> grant select on zytest.zybb to 'gongda'@'localhost' identified by 'test1234';
mysql> flush privileges;
[root@localhost~]# mysql -ugongda -p
Enter password:123456
则便可以切换到gongda用户
练习:相邻的两位同学互相授权root用户只能从对方的真实机登录 能进行所有的操作,再授权一个
用户可以在test数据库对下面的表进行select,update操作,然后检验权限设置的正确性
mysql> grant select,update on test.* to 'zll'@'10.0.199.%' identified by 'aixocm'
with grant option;
4、查看用户的的授权
mysql> show grants for 'user01'@'10.0.5.150';
mysql> show grants for 'user01'@'10.0.5.%';
mysql> show grants; \\查看当前用户的授权情况
(1)、创建普通用户
语法:create user '用户名成'@'授权的IP地址' identified by '用户的密码'
mysql> create user 'gongda'@'localhost' identified by 'test1234'
mysql> create user user03@'%' identified by 'aixocm';
mysql> create user user02;
(2)、删除普通用户
语法:drop User username@'IP地址'
mysql> drop user user02;
mysql> drop user 'gongda'@'localhost';
(3)、更新普通用户
(4)、修改普通用户密码
# mysql -ugongda -paa123456
mysql>set password=password('123456') 修改gongda普通用户的密码为123456
(5)创建一个远程超级用户
mysql>grant all privileges on *.* to admin@'%' identified by '123456' with grant option;
5、查看用户的登录和权限情况;权表介绍 mysql库
(1)、user表 包括了3个字段:Host,User,Password 分别表示:主机名、用户名、密码
(2)、db表 包括了3个字段:Host,Db User,分别表示:主机名 数据库名 和用户名
(3)、host表 包括了2个字段:Host,Db,
mysql> use mysql;
mysql> select host,user,password from user;
6、收回用户的权限
mysql> revoke all on employees.* from user01@10.0.0.254;
mysql> revoke delete on employees.* from user01@10.0.0.254;
mysql> flush privileges;
========== 本章练习题目 ==============
=====
(1)create user 'gongda1'@'localhost' identified by '123456';
select host,user,password from mysql.user;
(2)grant select on test.* to 'gongda1'@'localhost' identified by '123456';
# mysql -ugongda1 -p
(3)# mysql -ugongda1 -p
Enter password:123456
set password=password('gongda123456');
# mysql -ugongda1 -p
Enter password:gongda123456
(4)update mysql.user set password=password('luluhost') where host='localhost' and user='root';
flush privileges;
exit
# mysql -uroot -p
Enter password:luluhost
或者 # mysqladmin -uroot -p password 'luluhost'
Enter password:
(5)update mysql.user set password=password('') where host='localhost' and user='root';
flush privileges;
(6)
========
create database gongda;
use gongda;
create table student(
user_id int primary key unique not null,
user_name varchar(20) not null,
sex enum('m','f'));
delimiter &&
create procedure student_while()
begin
declare count int default 0;
while count<10000 do
insert into student(user_id,user_name,sex) values(count,'zhang','m');
set count=count + 1;
end while;
end &&
delimiter ;
call student_while();
select * from student;
(4)mysqldump -uroot -p gongda student > student.sql
(5)mysqldump -uroot -p gongda > gongda.sql
(6)drop table student;
mysql -uroot -p gongda < student.sql
(7)drop database gongda;
mysql -uroot -p < gongda.sql