First, create a user:
命令:CREATE USER 'username'@'host' IDENTIFIED BY 'password';
Description: username - the username you will create, host - specify the host on which the user can log in, if it is a local user, you can use localhost. If you want the user to log in from any remote host, you can use the wildcard %. password - the The user's login password, the password can be empty, if it is empty, the user does not need a password to log in to the server.
例子: CREATE USER 'dog'@'localhost' IDENTIFIED BY '123456';
CREATE USER 'pig'@'192.168.1.101' IDENDIFIED BY '123456';
CREATE USER 'pig'@'192.168.1.%' IDENDIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '';
CREATE USER 'pig'@'%';
Second, authorization:
命令:GRANT privileges ON databasename.tablename TO 'username'@'host'
Description: privileges - user's operating privileges, such as SELECT, INSERT, UPDATE , etc. (see the end of this article for a detailed list). If you want to grant all privileges, use ALL .;databasename - database name, tablename-table name, if you want to grant The corresponding operation permissions of the user to all databases and tables can be represented by *, such as *.*.
例子: GRANT SELECT, INSERT ON test.user TO 'pig'@'%';
GRANT ALL ON *.* TO 'pig'@'%';
Note: The user authorized by the above command cannot authorize other users. If you want the user to be authorized, use the following command:
GRANT privileges ON databasename.tablename TO 'username'@'host' WITH GRANT OPTION ;
Privilege information is stored in the mysql database (ie, in a database named mysql) with the user, db, host, tables_priv, and columns_priv tables.
Privilege column Context
select Select_priv table
insert Insert_priv table
update Update_priv table
delete Delete_priv table
index Index_priv table
alter Alter_priv table
create Create_priv database, table or index
drop Drop_priv database or table
grant Grant_priv database or table
references References_priv database or table
reload Reload_priv server management
shutdown Shutdown_priv server management
process Process_priv server management
file File_priv file access on the server
3. Setting and changing user password
Command: SET PASSWORD FOR 'username'@'host' = PASSWORD('newpassword'); If it is the current login user, use SET PASSWORD = PASSWORD("newpassword");
例子: SET PASSWORD FOR 'pig'@'%' = PASSWORD("123456");
四.撤销用户权限
命令: REVOKE privilege ON databasename.tablename FROM 'username'@'host';
说明: privilege, databasename, tablename - 同授权部分.
例子: REVOKE SELECT ON *.* FROM 'pig'@'%';
注意: 假如你在给用户'pig'@'%'授权的时候是这样的(或类似的):GRANT SELECT ON test.user TO 'pig'@'%', 则在使用REVOKE SELECT ON *.* FROM 'pig'@'%';命令并不能撤销该用户对test数据库中user表的SELECT 操作.相反,如果授权使用的是GRANT SELECT ON *.* TO 'pig'@'%';则REVOKE SELECT ON test.user FROM 'pig'@'%';命令也不能撤销该用户对test数据库中user表的Select 权限.
具体信息可以用命令SHOW GRANTS FOR 'pig'@'%'; 查看.
五.删除用户
命令: DROP USER 'username'@'host';
六 查看用户的授权
mysql> show grants for 'test01'@'localhost';
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for test01@localhost |
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'test01'@'localhost' |
| GRANT INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `test001`.* TO 'test01'@'localhost' |
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.01 sec)
mysql> show grants for 'test02'@'localhost';
+-------------------------------------------------------------+
| Grants for test02@localhost |
+-------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'test02'@'localhost' |
| GRANT ALL PRIVILEGES ON `test001`.* TO 'test02'@'localhost' |
+-------------------------------------------------------------+
2 rows in set (0.00 sec)
转载地址: