MySQL creates user and authorization methods
- 2020-05-13 03:43:09
- OfStack
Note: my operating environment is widnows xp professional + MySQL5.0
1. Create users:
Command :CREATE USER 'username'@'host' IDENTIFIED BY 'password';
Description: username - you will create a user name, host - specify that the user can log in, on which host if it is local user localhost are available, and if you want the user to login from any remote host, you can use wildcard %. password - the user's password, the password can be null, if is empty, the user can is not need a password to log on to the server.
Example: CREATE USER 'dog'@'localhost' IDENTIFIED BY '123456';
CREATE USER 'pig'@'192.168.1.101_' IDENDIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '';
CREATE USER 'pig'@'%';
2, the authorization:
Command :GRANT privileges ON databasename.tablename TO 'username'@'host'
Note: privileges - user's operation permissions, such as SELECT, INSERT, UPDATE, etc. (see the end of this article for a detailed list). databasename - database name,tablename- table name, and can be represented by * if you want to grant this user appropriate access to all databases and tables, such as *.*.
Example: GRANT SELECT, INSERT ON test.user TO 'pig'@'%';
GRANT ALL ON *.* TO 'pig'@'%';
Note: users authorized by the above command cannot authorize other users. If you want the user to be authorized, use the following command:
GRANT privileges ON databasename.tablename TO 'username'@'host' WITH GRANT OPTION;
3. Set and change user password
Command :SET PASSWORD FOR '@'host' = PASSWORD('newpassword'); If the user is currently logged in, SET PASSWORD = PASSWORD("newpassword");
Example: SET PASSWORD FOR '@'%' = PASSWORD("123456");
4. Revoke user privileges
Command: REVOKE privilege ON databasename.tablename FROM 'username'@'host';
Description: privilege, databasename, tablename - same authorization part.
Example: REVOKE SELECT ON *.* FROM 'pig'@'%';
Note: if you are authorizing user 'pig'@'%' as follows (or similar):GRANT SELECT TO pig'@'%', you are using REVOKE SELECT ON *.* FROM 'pig'@'%'; The command does not undo the user's SELECT operation on the user table in the test database. Instead, if the user is authorized to use GRANT SELECT ON *. REVOKE SELECT ON test.user FROM 'pig'@'%'; The command also does not revoke the user's Select permission to the user table in the test database.
You can use the command SHOW GRANTS FOR 'pig'@'%'; Look at it.
5. Delete users
Command: DROP USER 'username'@'host';
Schedule: operation permissions in MySQL
ALTER Allows use of ALTER TABLE. ALTER ROUTINE Alters or drops stored routines. CREATE Allows use of CREATE TABLE. CREATE ROUTINE Creates stored routines. CREATE TEMPORARY TABLE Allows use of CREATE TEMPORARY TABLE. CREATE USER Allows use of CREATE USER, DROP USER, RENAME USER, and REVOKE ALL PRIVILEGES. CREATE VIEW Allows use of CREATE VIEW. DELETE Allows use of DELETE. DROP Allows use of DROP TABLE. EXECUTE Allows the user to run stored routines. FILE Allows use of SELECT... INTO OUTFILE and LOAD DATA INFILE. INDEX Allows use of CREATE INDEX and DROP INDEX. INSERT Allows use of INSERT. LOCK TABLES Allows use of LOCK TABLES on tables for which the user also has SELECT privileges. PROCESS Allows use of SHOW FULL PROCESSLIST. RELOAD Allows use of FLUSH. REPLICATION Allows the user to ask where slave or master CLIENT servers are. REPLICATION SLAVE Needed for replication slaves. SELECT Allows use of SELECT. SHOW DATABASES Allows use of SHOW DATABASES. SHOW VIEW Allows use of SHOW CREATE VIEW. SHUTDOWN Allows use of mysqladmin shutdown. SUPER Allows use of CHANGE MASTER, KILL, PURGE MASTER LOGS, and SET GLOBAL SQL statements. Allows mysqladmin debug command. Allows one extra connection to be made if maximum connections are reached. UPDATE Allows use of UPDATE. USAGE Allows connection without any specific privileges.
1. Create users:
Command :CREATE USER 'username'@'host' IDENTIFIED BY 'password';
Description: username - you will create a user name, host - specify that the user can log in, on which host if it is local user localhost are available, and if you want the user to login from any remote host, you can use wildcard %. password - the user's password, the password can be null, if is empty, the user can is not need a password to log on to the server.
Example: CREATE USER 'dog'@'localhost' IDENTIFIED BY '123456';
CREATE USER 'pig'@'192.168.1.101_' IDENDIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '';
CREATE USER 'pig'@'%';
2, the authorization:
Command :GRANT privileges ON databasename.tablename TO 'username'@'host'
Note: privileges - user's operation permissions, such as SELECT, INSERT, UPDATE, etc. (see the end of this article for a detailed list). databasename - database name,tablename- table name, and can be represented by * if you want to grant this user appropriate access to all databases and tables, such as *.*.
Example: GRANT SELECT, INSERT ON test.user TO 'pig'@'%';
GRANT ALL ON *.* TO 'pig'@'%';
Note: users authorized by the above command cannot authorize other users. If you want the user to be authorized, use the following command:
GRANT privileges ON databasename.tablename TO 'username'@'host' WITH GRANT OPTION;
3. Set and change user password
Command :SET PASSWORD FOR '@'host' = PASSWORD('newpassword'); If the user is currently logged in, SET PASSWORD = PASSWORD("newpassword");
Example: SET PASSWORD FOR '@'%' = PASSWORD("123456");
4. Revoke user privileges
Command: REVOKE privilege ON databasename.tablename FROM 'username'@'host';
Description: privilege, databasename, tablename - same authorization part.
Example: REVOKE SELECT ON *.* FROM 'pig'@'%';
Note: if you are authorizing user 'pig'@'%' as follows (or similar):GRANT SELECT TO pig'@'%', you are using REVOKE SELECT ON *.* FROM 'pig'@'%'; The command does not undo the user's SELECT operation on the user table in the test database. Instead, if the user is authorized to use GRANT SELECT ON *. REVOKE SELECT ON test.user FROM 'pig'@'%'; The command also does not revoke the user's Select permission to the user table in the test database.
You can use the command SHOW GRANTS FOR 'pig'@'%'; Look at it.
5. Delete users
Command: DROP USER 'username'@'host';
Schedule: operation permissions in MySQL
ALTER Allows use of ALTER TABLE. ALTER ROUTINE Alters or drops stored routines. CREATE Allows use of CREATE TABLE. CREATE ROUTINE Creates stored routines. CREATE TEMPORARY TABLE Allows use of CREATE TEMPORARY TABLE. CREATE USER Allows use of CREATE USER, DROP USER, RENAME USER, and REVOKE ALL PRIVILEGES. CREATE VIEW Allows use of CREATE VIEW. DELETE Allows use of DELETE. DROP Allows use of DROP TABLE. EXECUTE Allows the user to run stored routines. FILE Allows use of SELECT... INTO OUTFILE and LOAD DATA INFILE. INDEX Allows use of CREATE INDEX and DROP INDEX. INSERT Allows use of INSERT. LOCK TABLES Allows use of LOCK TABLES on tables for which the user also has SELECT privileges. PROCESS Allows use of SHOW FULL PROCESSLIST. RELOAD Allows use of FLUSH. REPLICATION Allows the user to ask where slave or master CLIENT servers are. REPLICATION SLAVE Needed for replication slaves. SELECT Allows use of SELECT. SHOW DATABASES Allows use of SHOW DATABASES. SHOW VIEW Allows use of SHOW CREATE VIEW. SHUTDOWN Allows use of mysqladmin shutdown. SUPER Allows use of CHANGE MASTER, KILL, PURGE MASTER LOGS, and SET GLOBAL SQL statements. Allows mysqladmin debug command. Allows one extra connection to be made if maximum connections are reached. UPDATE Allows use of UPDATE. USAGE Allows connection without any specific privileges.