1. Create a user
Order:
CREATE USER 'username'@'host' IDENTIFIED BY 'password';
illustrate:
- username: the username you will create
- host: Specify the host on which the user can log in. If it is a local user, localhost can be used. If you want the user to log in from any remote host, you can use wildcards
% - password: the user's login password, the password can be empty, if it is empty, the user does not need a password to log in to the server
Case:
CREATE USER 'dog'@'localhost' IDENTIFIED BY '123456'; CREATE USER 'pig'@'192.168.1.101_' IDENDIFIED BY '123456'; CREATE USER 'pig'@'%' IDENTIFIED BY '123456'; CREATE USER 'pig'@'%' IDENTIFIED BY ''; CREATE USER 'pig'@'%';
2. Authorization:
Order:
grant all privileges ON databasename.tablename TO 'username'@'host' grant all privileges ON databasename.tablename TO 'username'@'host' identified by '123456';
illustrate:
- all: represents all permissions
- Privileges: The user's operating authority, such as
SELECT,INSERT,UPDATEetc. If you want to grant additions, deletions, modifications, and inquiries, replace all privileges with the corresponding permissions. - databasename: database name
- tablename: table name, if you want to grant the user the corresponding operation permissions on all databases and tables, it can be
*expressed, such as*.* - username: is the username (if the user is not created, it will be automatically created here)
- host: Refers to the IP address of the client accessing the database, such as the 172.16.5 network segment (172.16.5.%). If all IP addresses are accessible, write % directly.
- If a password is required for authorized access, the identified by '******' parameter needs to be added, followed by the permission inside the single quotation marks.
Case:
#Give leihaidong all permissions on all databases for this user.
grant all privileges on *.* to 'leihaidong'@'%' identified by '123456';
#Give the user leihaidong the right to query and update.
grant select,update on *.* to 'leihaidong'@'%' identified by '123456';
Notice:
After the authorization is completed, you need to use flush privileges; the authorization is not completed until the authorization is refreshed.
Notice:
If you are not the root user to log in to authorize other users, you need to write the following.
GRANT privileges ON databasename.tablename TO 'username'@'host' WITH GRANT OPTION;
3. Setting and changing user password
Order:
SET PASSWORD FOR 'username'@'host' = PASSWORD('newpassword');
If it is a currently logged in user:
SET PASSWORD = PASSWORD("newpassword");
4. Revoke user rights
Order:
REVOKE privilege ON databasename.tablename FROM 'username'@'host';
illustrate:
privilege, databasename, tablename: the same as the authorization part
REVOKE SELECT ON *.* FROM 'pig'@'%';
Notice:
If you 'pig'@'%'authorize the user like this (or similar): GRANT SELECT ON test.user TO 'pig'@'%', then REVOKE SELECT ON *.* FROM 'pig'@'%';the user's operations on the user table in the test database cannot be undone by using the command SELECT . Conversely, if the authorization is used, GRANT SELECT ON *.* TO 'pig'@'%';the REVOKE SELECT ON test.user FROM 'pig'@'%';command cannot revoke the user's authority to the user table in the test database Select.
Check the current authorization status of a user:
SHOW GRANTS FOR 'leihaidong'@'%';
5. Delete user (delete user authorization)
Order:
DROP USER 'username'@'host';
Notice:
1. If the above revocation of user authorization fails, you can directly use the drop user command to directly delete all authorizations of a user.
2. You can also use the Navicat Premium_11 software to log in to mysql, view the user table under mysql, and delete the permissions of the corresponding user (provided that the user you use for remote data has operation permissions to the user table under the mysql database)
