mysql -uroot -proot
MySQL5.7 mysql.user table has no password field to change authentication_string;
1. Create a user:
命令:CREATE USER 'username'@'host' IDENTIFIED BY 'password';
例子: CREATE USER 'dog'@'localhost' IDENTIFIED BY '123456';
CREATE USER 'dog2'@'localhost' IDENTIFIED BY '';
PS: username - the username you will create,
host - specifies the host on which the user can log in. The "localhost" here means that the user can only log in locally and cannot log in remotely on another machine. If you want to log in remotely, change "localhost" to It is "%", which means that you can log in on any computer; you can also specify that a certain machine can log in remotely;
password - the user's login password, the password can be empty, if it is empty, the user does not need a password to log in to the server.
2. Authorization:
命令:GRANT privileges ON databasename.tablename TO 'username'@'host'
PS: privileges - user's operating permissions, such as SELECT, INSERT, UPDATE, etc. (see the end of this article for a detailed list). If you want to grant all permissions, use ALL.;databasename - database name, tablename-table name, if you want to grant The corresponding operation authority of the user to all databases and tables can be represented by *, such as *.*.
例子: GRANT SELECT, INSERT ON mq.* TO 'dog'@'localhost';
3. Create a user and authorize at the same time
mysql> grant all privileges on mq.* to test@localhost identified by '1234';
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)
PS: flush privileges must be executed;
Otherwise, it will prompt when logging in: ERROR 1045 (28000): Access denied for user 'user'@'localhost' (using password: YES )
4. Set and change user password
命令:SET PASSWORD FOR 'username'@'host' = PASSWORD('newpassword');
例子: SET PASSWORD FOR 'dog2'@'localhost' = PASSWORD("dog");
5. Revoke user permissions
命令: REVOKE privilege ON databasename.tablename FROM 'username'@'host';
Description: privilege, databasename, tablename - same as authorization section.
例子: REVOKE SELECT ON mq.* FROM 'dog2'@'localhost';
PS: If you authorize user 'dog'@'localhost'' like this (or similar): GRANT SELECT ON test.user TO 'dog'@'localhost', then use REVOKE SELECT ON *. * The FROM 'dog'@'localhost'; command does not revoke the user's SELECT operation on the user table in the test database. On the contrary, if the authorization is GRANT SELECT ON *.* TO 'dog'@'localhost'; REVOKE The SELECT ON test.user FROM 'dog'@'localhost'; command also cannot revoke the user's Select permission on the user table in the test database.
The specific information can be viewed with the command SHOW GRANTS FOR 'dog'@'localhost';.
6. Delete users
命令: DROP USER 'username'@'host';
7. Check the user's authorization
mysql> show grants for dog@localhost;
+---------------------------------------------+
| Grants for dog@localhost |
+---------------------------------------------+
| GRANT USAGE ON *.* TO 'dog'@'localhost' |
| GRANT INSERT ON `mq`.* TO 'dog'@'localhost' |
+---------------------------------------------+
2 rows in set (0.00 sec)
PS:GRANT USAGE:mysql usage permission is empty permission, the default create user permission, can only connect to the library, can't do anything