Mar*_*ace 7 mysql permissions users
Someone new has joined the company, and I created an account for her in MySQL with the following command:
CREATE USER 'username' IDENTIFIED BY 'password';
She needs to create her own schemas, so I used:
GRANT CREATE ON *.* TO username;
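The problem is that she can now create new schemas and tables, but she can't do anything with them. I want her to have no access to the existing schemas/tables, but to be able to create her own databases and do anything with them. Is that possible?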
To grant all privileges on the database mydb to username:
GRANT ALL PRIVILEGES ON mydb.* TO username;
To grant privileges on the table mydb.mytable to username:
GRANT ALL PRIVILEGES ON mydb.mytable TO username;
I suggest you drop the user first to clear out all server-wide privileges.
DROP USER username;
CREATE USER username;
GRANT ALL PRIVILEGES ON mydb.* TO username;
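Why drop the user first? When you first create a user called username and log in, username has no privileges. Run SHOW GRANTS; to see for yourself. It should say something like GRANT USAGE ON *.* TO username. At that moment, username can only log in. This is your chance to create the privileges.
If you run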
GRANT ALL PRIVILEGES ON *.* TO username;
username will have global privileges (all databases).
If you run
GRANT ALL PRIVILEGES ON mydb.* TO username;
username will have database-level privileges on the database mydb only.
If you run
GRANT ALL PRIVILEGES ON mydb.mytable TO username;
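username will have table privileges on mydb.mytable only.
You cannot mix them. If you do, you accidentally slip username privileges that username should not have.
If you want to see what privileges exist at the three levels, run this query: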
SELECT table_name,column_name
FROM information_schema.columns
WHERE table_schema='mysql'
AND table_name IN ('user','db','tables_priv')
AND column_name LIKE '%\_priv'
ORDER BY table_name,column_name;
Here are the privileges for MySQL 5.5:
mysql> SELECT table_name,column_name
-> FROM information_schema.columns
-> WHERE table_schema='mysql'
-> AND table_name IN ('user','db','tables_priv')
-> AND column_name LIKE '%\_priv'
-> ORDER BY table_name,column_name;
+-------------+------------------------+
| table_name | column_name |
+-------------+------------------------+
| db | Alter_priv |
| db | Alter_routine_priv |
| db | Create_priv |
| db | Create_routine_priv |
| db | Create_tmp_table_priv |
| db | Create_view_priv |
| db | Delete_priv |
| db | Drop_priv |
| db | Event_priv |
| db | Execute_priv |
| db | Grant_priv |
| db | Index_priv |
| db | Insert_priv |
| db | Lock_tables_priv |
| db | References_priv |
| db | Select_priv |
| db | Show_view_priv |
| db | Trigger_priv |
| db | Update_priv |
| tables_priv | Column_priv |
| tables_priv | Table_priv |
| user | Alter_priv |
| user | Alter_routine_priv |
| user | Create_priv |
| user | Create_routine_priv |
| user | Create_tablespace_priv |
| user | Create_tmp_table_priv |
| user | Create_user_priv |
| user | Create_view_priv |
| user | Delete_priv |
| user | Drop_priv |
| user | Event_priv |
| user | Execute_priv |
| user | File_priv |
| user | Grant_priv |
| user | Index_priv |
| user | Insert_priv |
| user | Lock_tables_priv |
| user | Process_priv |
| user | References_priv |
| user | Reload_priv |
| user | Repl_client_priv |
| user | Repl_slave_priv |
| user | Select_priv |
| user | Show_db_priv |
| user | Show_view_priv |
| user | Shutdown_priv |
| user | Super_priv |
| user | Trigger_priv |
| user | Update_priv |
+-------------+------------------------+
50 rows in set (0.01 sec)
mysql>
Run the query to see the privileges for 5.1 and 5.0.
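The scenario from the question, worked through as an added example that is not part of the original question or answer: it removes the global CREATE, replaces it with a database-level grant on a name pattern, and then checks each of the three privilege levels. It assumes the account is 'username'@'%' as created in the question, a hypothetical naming convention in which her databases start with username_, and a MySQL version that accepts wildcard patterns in database-level grants.

```sql
-- Added example. The database-name prefix username_ is a hypothetical
-- convention; the account is the one created in the question.

-- 1. Remove the global CREATE given by GRANT CREATE ON *.*. It is stored
--    in mysql.user and applies to every database on the server.
REVOKE CREATE ON *.* FROM 'username'@'%';

-- 2. List what the account still holds. Any privilege other than USAGE
--    shown ON *.* is a global privilege.
SHOW GRANTS FOR 'username'@'%';

-- 3. Database-level grant on a name pattern. The backticks are required,
--    \_ is a literal underscore and % matches the rest of the name.
--    ALL PRIVILEGES at this level includes CREATE, so the user can create
--    and fully use databases such as username_dev, but no others.
GRANT ALL PRIVILEGES ON `username\_%`.* TO 'username'@'%';

-- 4. Audit the three levels for this account.

-- Global level (mysql.user): a 'Y' here applies to all databases.
SELECT User, Host, Select_priv, Insert_priv, Update_priv, Delete_priv,
       Create_priv, Drop_priv, Grant_priv, File_priv, Super_priv
FROM mysql.user
WHERE User = 'username';

-- Database level (mysql.db): one row per database name or pattern.
SELECT User, Host, Db, Select_priv, Create_priv, Drop_priv, Grant_priv
FROM mysql.db
WHERE User = 'username';

-- Table level (mysql.tables_priv): one row per table.
SELECT User, Host, Db, Table_name, Table_priv, Column_priv
FROM mysql.tables_priv
WHERE User = 'username';
```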