MySQL用户和权限

在MySQL中有一个系统自身就带有的数据库叫MySQL,数据库装好以后系统自带了好几个数据库MySQL就是其中过一个,MySQL数据库有个用户账户权限相关的表叫user表,在其中就有创建的用户。

MySQL中完整的用户名是由用户+主机名形成,主机名决定了这个用户在哪个主机上能登陆。

一、用户的创建和密码修改

1.用户的创建

create user 'USERNAME'@'HOST' identified by 'PASSWORD';

示例:

MariaDB [(none)]> create user masuri@192.168.73.133 identified by 'centos';Query OK, 0 rows affected (0.01 sec)MariaDB [(none)]> select user,host,password from mysql.user;+--------+-----------------------+-------------------------------------------+| user | host     | password         |+--------+-----------------------+-------------------------------------------+| root | localhost    |           || root | localhost.localdomain |           || root | 127.0.0.1    |           || root | ::1     |           ||  | localhost    |           ||  | localhost.localdomain |           || masuri | 192.168.73.133  | *128977E278358FF80A246B5046F51043A2B1FCED |+--------+-----------------------+-------------------------------------------+7 rows in set (0.00 sec)

删除用户:

DROP USER 'USERNAME'@'HOST';
MariaDB [(none)]> select user,host,password from mysql.user;+--------+-----------------------+-------------------------------------------+| user | host     | password         |+--------+-----------------------+-------------------------------------------+| root | localhost    |           || root | localhost.localdomain |           || root | 127.0.0.1    |           || root | ::1     |           ||  | localhost    |           ||  | localhost.localdomain |           || masuri | 192.168.73.133  | *128977E278358FF80A246B5046F51043A2B1FCED |+--------+-----------------------+-------------------------------------------+7 rows in set (0.00 sec)MariaDB [(none)]> DROP USER ''@'localhost';Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> DROP USER ''@'localhost.localdomain';Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> select user,host,password from mysql.user;+--------+-----------------------+-------------------------------------------+| user | host     | password         |+--------+-----------------------+-------------------------------------------+| root | localhost    |           || root | localhost.localdomain |           || root | 127.0.0.1    |           || root | ::1     |           || masuri | 192.168.73.133  | *128977E278358FF80A246B5046F51043A2B1FCED |+--------+-----------------------+-------------------------------------------+5 rows in set (0.00 sec)

mysql密码的修改

SET PASSWORD FOR user = PASSWORD('cleartext password')UPDATE table SET password = password('cleartext password')

对masuri用户做密码的修改

MariaDB [(none)]> SET PASSWORD FOR masuri@192.168.73.133 = PASSWORD ('magedu');Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> select user,host,password from mysql.user;+--------+-----------------------+-------------------------------------------+| user | host     | password         |+--------+-----------------------+-------------------------------------------+| root | localhost    |           || root | localhost.localdomain |           || root | 127.0.0.1    |           || root | ::1     |           || masuri | 192.168.73.133  | *6B8CCC83799A26CD19D7AD9AEEADBCD30D8A8664 |+--------+-----------------------+-------------------------------------------+#此时密码已经发生改变
MariaDB [(none)]> update mysql.user set password=password('centos') where user='root';Query OK, 4 rows affected (0.01 sec)Rows matched: 4 Changed: 4 Warnings: 0MariaDB [(none)]> select user,host,password from mysql.user;+--------+-----------------------+-------------------------------------------+| user | host     | password         |+--------+-----------------------+-------------------------------------------+| root | localhost    | *128977E278358FF80A246B5046F51043A2B1FCED || root | localhost.localdomain | *128977E278358FF80A246B5046F51043A2B1FCED || root | 127.0.0.1    | *128977E278358FF80A246B5046F51043A2B1FCED || root | ::1     | *128977E278358FF80A246B5046F51043A2B1FCED || masuri | 192.168.73.133  | *6B8CCC83799A26CD19D7AD9AEEADBCD30D8A8664 |+--------+-----------------------+-------------------------------------------+5 rows in set (0.00 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;Query OK, 0 rows affected (0.00 sec)

权限管理涉及到多种权限的类别,比如说有管理类、程序类、数据库级别、表级别和字段级别

管理类:能否创建用户,能否显示数据库列表,能否重新加载配置文件,能否关闭数据库,和复制相关的能否执行,能否管理进程,能否创建临时表,能否创建数据库中的文件。

程序类主要涉及3个程序,函数,存储过程和触发器,例如能否创建,修改,删除和执行这些程序库,表和字段级别的权限:比如能否在库,表字段里进行增、删、查、改等操作

1.授权GRANT

授权用户时如果用户不存在可以将其创建出来,在授权前首先要确认自己是管理员有授权的权限。

GRANT  priv_type [(column_list)]  [, priv_type [(column_list)]] ... ON [object_type] priv_level TO user_specification [, user_specification] ... [REQUIRE {NONE | ssl_option [[AND] ssl_option] ...}] [WITH with_option ...]

创建一个wordpress的用户,并授权。

MariaDB [(none)]> CREATE DATABASE wordpress;Query OK, 1 row affected (0.02 sec)MariaDB [(none)]> GRANT ALL ON wordpress.* TO wpuser@'192.168.73.%' identified by 'mylinuxops';Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> show grants for wpuser@'192.168.73.%';+------------------------------------------------------------------------------------------------------------------+| Grants for wpuser@192.168.73.%                     |+------------------------------------------------------------------------------------------------------------------+| GRANT USAGE ON *.* TO 'wpuser'@'192.168.73.%' IDENTIFIED BY PASSWORD '*EC0DBFB480593BB6ED2EC028A4231A72D8137406' || GRANT ALL PRIVILEGES ON `wordpress`.* TO 'wpuser'@'192.168.73.%'             |+------------------------------------------------------------------------------------------------------------------+2 rows in set (0.00 sec)
MAX_QUESRIES_PER_HOUR count #每小时最多查多少次MAX_UPDATES_PER_HOUR count #每小时最多改多少次MAX_CONNECTIONS_PER_HOUR count #每小时最多连多少次MAX_USER_CONNECTIONS count #用户的最大数连接数
REVOKE priv_type [(column_list)]  [, priv_type [(column_list)]] ... ON [object_type] priv_level FROM user [, user] ...
MariaDB [(none)]> revoke delete on wordpress.* from wpuser@'192.168.73.%';Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> show grants for wpuser@'192.168.73.%';+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| Grants for wpuser@192.168.73.%                                                   |+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| GRANT USAGE ON *.* TO 'wpuser'@'192.168.73.%' IDENTIFIED BY PASSWORD '*EC0DBFB480593BB6ED2EC028A4231A72D8137406'                              || GRANT SELECT, INSERT, UPDATE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `wordpress`.* TO 'wpuser'@'192.168.73.%' |+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+2 rows in set (0.00 sec)# 此时wpuser@'192.168.73.%'已经没有了delete权限

工作中有时候可能会遇到root口令丢失的情况,此时可以通过以下方法进行找回root口令

以下为示范如何破解root口令

一、密码未知无法登陆MySQL

[root@localhost ~]# mysqlERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

1.修改配置文件/etc/my.cnf,添加两行参数

skip_grant_tables:跳过授权表信息,此项生效后再次使用MySQL就无需使用密码了,但是远程的其他用户也可以不使用密码登陆,有一定的风险性

skip_networking:关闭网路功能,由于光启用skip_grant_tables选项,其他用户也可以无需密码登陆MySQL非常危险,所以需要关闭网路功能只允许本地的用户进行操作。

[root@localhost ~]# vim /etc/my.cnf[mysqld]skip_networking=on   #不启用网络功能skip_grant_tables=on   #跳过授权表[root@localhost ~]# service mysqld restart       #对位置文件修改后需要重新启动服务Restarting mysqld (via systemctl):       [ OK ]
[root@localhost ~]# mysql           #此时已经无需输入密码就能登陆Welcome to the MariaDB monitor. Commands end with ; or \g.Your MariaDB connection id is 11Server version: 10.2.23-MariaDB-log Source distributionCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> UPDATE mysql.user SET password=PASSWORD('123456') where user='root';  #对root的口令进行修改Query OK, 4 rows affected (0.01 sec)Rows matched: 4 Changed: 4 Warnings: 0

将刚才启用的两个选项进行注销或者删除,然后重启服务

[root@localhost ~]# vim /etc/my.cnf[mysqld]#skip_networking=on   #skip_grant_tables=on   [root@localhost ~]# service mysqld restartRestarting mysqld (via systemctl):       [ OK ]
[root@localhost ~]# mysql -uroot -p123456 Welcome to the MariaDB monitor. Commands end with ; or \g.Your MariaDB connection id is 10Server version: 10.2.23-MariaDB-log Source distributionCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]>

更多相关文章

  1. MySQL系列多表连接查询92及99语法示例详解教程
  2. Andorid Dialog 示例【慢慢更新】
  3. Android(安卓)PureMVC
  4. Ubunu下搭建android NDK环境
  5. 自定义SeekBar主题
  6. android SQLite数据库基本操作示例
  7. android draw bitmap 示例代码
  8. Android启动时启动Activity 的定义的位置
  9. Android适配器之------BaseAdapter(例子)

随机推荐

  1. 如何在AOSP构建中设置默认启动程序?
  2. 最新Eclipse配置Android开发环境SDK 并安
  3. android应用如何在有需要时申请root权限?
  4. Android混合应用程序:JQueryMobile ajax不
  5. Android MediaCodec硬解码AAC音频文件(实
  6. 【Android应用开发技术:应用组件】Android
  7. 自定义适配器的实现
  8. Gradle返回包不存在
  9. 与adb的连接已关闭,并且发生了严重错误[重
  10. Kotlin 学习之类和继承