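MySQL privilege management:
MySQL access control first checks the user table to decide whether the client may connect at all; once connected, it checks which global privileges the account holds. It then checks the db table for database-level privileges, then the tables_priv table for table-level privileges, and finally the column-level privileges.
MySQL checks privileges in two stages:
1. Is the client allowed to connect?
2. Is it allowed to execute the operation (CRUD)?
How the server decides whether a user may connect:
1. Where you are connecting from (host)
2. Who you are (user)
3. Your password
These three pieces of information are stored in the user table of the mysql database.
mysql> use mysql
mysql> desc user;
mysql> select Host,User from user;
+-----------+---------------+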
| Host | User |
+-----------+---------------+
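| localhost | mysql.session |    (the mysql.session user must connect from localhost)
| localhost | mysql.sys |    (the mysql.sys user must connect from localhost)
| localhost | root |    (the root user must connect from localhost)
+-----------+---------------+
Even when the user name and password are known, connections can still be restricted by IP.
Change the host field of the user:
update user set host="192.168.1.101" where user='root';
flush privileges;    // reload the privileges so the change takes effect
How to change a user's password (in MySQL 5.7 the password hash is stored in the authentication_string column, as the output further down shows):
update user set authentication_string=password('111111') where user='root';
flush privileges;
The mysql database also has a db table.
When a user connects, the user table decides whether they can get in; the db table then decides whether they may operate on a given database, and tables_priv decides which tables in that database they may access.
// Add a new user:
grant [privilege1, privilege2, privilege3, ...] on database.table to user@'host' identified by 'password'
Common privileges: all (all privileges), create, drop, insert, delete, update, select
mysql> grant all on *.* to lisi@'127.0.0.1' identified by '111111';
Query OK, 0 rows affected
mysql> select Host,User from user;
+-----------+---------------+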
| Host | User |
+-----------+---------------+
| 127.0.0.1 | lisi |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | root |
+-----------+---------------+
C:\Users\Administrator>mysql -h127.0.0.1 -ulisi -p    // log in as user lisi
Enter password: ******
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 5.7.20 MySQL Community Server (GPL)
mysql> select * from user where user='lisi'\G;
*************************** 1. row ***************************
Host: 127.0.0.1
User: lisi
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Reload_priv: Y
Shutdown_priv: Y
Process_priv: Y
File_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Show_db_priv: Y
Super_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Execute_priv: Y
Repl_slave_priv: Y
Repl_client_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
Create_user_priv: Y
Event_priv: Y
Trigger_priv: Y
Create_tablespace_priv: Y
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin: mysql_native_password
authentication_string:*FD571203974BA9AFE270FE62151AE967ECA5E0AA
password_expired: N
password_last_changed: 2017-12-29 21:30:25
password_lifetime: NULL
account_locked: N
1 row in set (0.00 sec)
// Revoke privileges: revoke all on *.* from lisi@'127.0.0.1'
mysql> revoke all on *.* from lisi@'127.0.0.1';
Query OK, 0 rows affected
mysql> select * from user where user='lisi'\G;
*************************** 1. row ***************************
Host: 127.0.0.1
User: lisi
Select_priv: N
Insert_priv: N
Update_priv: N
Delete_priv: N
Create_priv: N
Drop_priv: N
Reload_priv: N
Shutdown_priv: N
Process_priv: N
File_priv: N
Grant_priv: N
References_priv: N
Index_priv: N
Alter_priv: N
Show_db_priv: N
Super_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Execute_priv: N
Repl_slave_priv: N
Repl_client_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Create_user_priv: N
Event_priv: N
Trigger_priv: N
Create_tablespace_priv: N
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin: mysql_native_password
authentication_string:*FD571203974BA9AFE270FE62151AE967ECA5E0AA
password_expired: N
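password_last_changed: 2017-12-29 21:30:25
password_lifetime: NULL
account_locked: N
1 row in set (0.00 sec)
The user table in the mysql database determines whether a login is allowed, and the privileges stored in it are global: they apply to all databases and all tables.
// Instead of granting globally, manage privileges per database and per table.
grant all on test3.* to lisi@'127.0.0.1';    // give lisi all privileges on every table in the test3 database
// Grant on one specific table:
grant create,drop,insert,update,select on test3.goods to lisi@'127.0.0.1';    // privilege control on the goods table of the test3 database
// Database-level privileges are stored in the db table; table-level privileges are stored in the tables_priv table.
mysql> select * from db \G;    // which user, from which host, has which privileges on which database
*************************** 1. row ***************************
Host: localhost
Db: performance_schema
User: mysql.session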
Select_priv: Y
Insert_priv: N
Update_priv: N
Delete_priv: N
Create_priv: N
Drop_priv: N
Grant_priv: N
References_priv: N
Index_priv: N
Alter_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Execute_priv: N
Event_priv: N
Trigger_priv: N
*************************** 2. row ***************************
Host: localhost
Db: sys
User: mysql.sys
Select_priv: N
Insert_priv: N
Update_priv: N
Delete_priv: N
Create_priv: N
Drop_priv: N
Grant_priv: N
References_priv: N
Index_priv: N
Alter_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Execute_priv: N
Event_priv: N
Trigger_priv: Y
*************************** 4. row ***************************
Host: 127.0.0.1
Db: test2
User: lisi
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
Execute_priv: Y
Event_priv: Y
Trigger_priv: Y
4 rows in set (0.00 sec)
mysql> select * from tables_priv \G;
*************************** 1. row ***************************
Host: localhost
Db: mysql
User: mysql.session
Table_name: user
Grantor: boot@connectinghost
Timestamp: 0000-00-00 00:00:00
Table_priv: Select
Column_priv:
*************************** 2. row ***************************
Host: localhost
Db: sys
User: mysql.sys
Table_name: sys_config
Grantor: root@localhost
Timestamp: 2017-12-25 15:09:21
Table_priv: Select
Column_priv:
*************************** 3. row ***************************
Host: 127.0.0.1
Db: test3
User: lisi
Table_name: goods
Grantor: root@localhost
Timestamp: 0000-00-00 00:00:00
Table_priv: Select,Insert,Update,Create,Drop
Column_priv:
3 rows in set (0.00 sec)
// MySQL privilege control can be as fine-grained as individual columns; commonly used grant items,
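The following is an added example, not part of the original notes: it replaces the broad "grant all on *.*" shown above with table-level and column-level grants for lisi, then reads back each grant table to see where the privileges are recorded. It assumes MySQL 5.7, the existing account lisi@'127.0.0.1', and a test3.goods table whose column price is a hypothetical name.

```sql
-- Added example. Assumptions: MySQL 5.7, account lisi@'127.0.0.1' exists,
-- table test3.goods exists and has a column named price (hypothetical).

-- Remove everything the account holds at every level (global, database,
-- table, column) so the grants below are the only ones left.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'lisi'@'127.0.0.1';

-- Table level: rows of test3.goods may be read and added, nothing more.
GRANT SELECT, INSERT ON test3.goods TO 'lisi'@'127.0.0.1';

-- Column level: only the price column may be updated.
GRANT UPDATE (price) ON test3.goods TO 'lisi'@'127.0.0.1';

-- Read back each level in the order the server consults it.
-- Global level: mysql.user
SELECT Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv
FROM mysql.user
WHERE User = 'lisi';

-- Database level: mysql.db
SELECT Host, Db, User, Select_priv, Insert_priv, Update_priv
FROM mysql.db
WHERE User = 'lisi';

-- Table level: mysql.tables_priv
SELECT Host, Db, User, Table_name, Table_priv, Column_priv
FROM mysql.tables_priv
WHERE User = 'lisi';

-- Column level: mysql.columns_priv
SELECT Host, Db, User, Table_name, Column_name, Column_priv
FROM mysql.columns_priv
WHERE User = 'lisi';

-- Audit: accounts that hold powerful global privileges or that are
-- allowed to connect from any host ('%' or an empty Host value).
SELECT User, Host, Super_priv, File_priv, Grant_priv, Create_user_priv
FROM mysql.user
WHERE 'Y' IN (Super_priv, File_priv, Grant_priv, Create_user_priv)
   OR INSTR(Host, '%') > 0
   OR Host = ''
ORDER BY User, Host;

-- The same information as the server reports it for one account.
SHOW GRANTS FOR 'lisi'@'127.0.0.1';
```

Because GRANT and REVOKE update the in-memory privileges themselves, no flush privileges is needed here; it is only required after editing the grant tables directly with update.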