对除一个 mysql 以外的所有数据库授予选择权限
Ahm*_*sna 6 mysql permissions mysql-5.5
我在 MS Windows 2008R2test_user下有名为created 的用户MySQL 5.5.17,我想授予该用户对除 MySQL 数据库以外的所有数据库的选择权限,注意我在这个实例中有大约 200 个数据库。
编辑:
编辑2:
运行以下查询的输出:
SELECT CONCAT("GRANT SELECT ON ",SCHEMA_NAME,".* TO 'test_user'@'localhost';")
FROM information_schema.SCHEMATA
WHERE SCHEMA_NAME NOT LIKE 'mysql';
既然你有200个数据库,又不想一一授予。最快的方法是
GRANT SELECT ON *.* TO 'test_user'@'localhost';
FLUSH PRIVILEGES;
然后只需撤销mysql db中的权限
REVOKE SELECT ON mysql.* FROM 'test_user'@'localhost' ;
FLUSH PRIVILEGES;
但是当我有选择地 GRANT 然后 REVOKE 在 mysql.* 上。然后它正在工作
user@ubuntu:~$ mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 150
Server version: 5.5.41-0ubuntu0.12.04.1 (Ubuntu)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> CREATE USER 'mysqlrockstar'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> SHOW GRANTS FOR 'mysqlrockstar'@'localhost';
+---------------------------------------------------+
| Grants for mysqlrockstar@localhost |
+---------------------------------------------------+
| GRANT USAGE ON *.* TO 'mysqlrockstar'@'localhost' |
+---------------------------------------------------+
1 row in set (0.00 sec)
mysql> GRANT SELECT ON mysql.* TO 'mysqlrockstar'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> exit;
Bye
user@ubuntu:~$ mysql -u mysqlrockstar
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 151
Server version: 5.5.41-0ubuntu0.12.04.1 (Ubuntu)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
+--------------------+
2 rows in set (0.06 sec)
mysql> exit;
Bye
user@ubuntu:~$ mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 152
Server version: 5.5.41-0ubuntu0.12.04.1 (Ubuntu)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> REVOKE SELECT ON mysql.* FROM 'mysqlrockstar'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
mysql> exit;
Bye
user@ubuntu:~$ mysql -u mysqlrockstar
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 153
Server version: 5.5.41-0ubuntu0.12.04.1 (Ubuntu)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.00 sec)
mysql> use mysql;
ERROR 1044 (42000): Access denied for user 'mysqlrockstar'@'localhost' to database 'mysql'
- 不够好——这只会从`mysql.db` 中删除条目。`mysql.user` 中的条目仍然允许用户访问。(投反对票) (2认同)
| 归档时间: |
|
| 查看次数: |
17969 次 |
| 最近记录: |