About user authorization and how to delete authorization in MySQL

 

This article mainly introduces relevant information about user authorization and methods to delete authorization in MySQL. Friends who need it can refer to it.

User authorization method

You can add new users by issuing a GRANT statement:

shell> mysql --user=root mysql
　mysql> GRANT ALL PRIVILEGES ON *.* TO monty@localhost
　IDENTIFIED BY 'something' WITH GRANT OPTION;
　mysql> GRANT ALL PRIVILEGES ON *.* TO monty@"%"
　IDENTIFIED BY 'something' WITH GRANT OPTION;
　mysql> GRANT RELOAD,PROCESS ON *.* TO admin@localhost;
　mysql> GRANT USAGE ON *.* TO dummy@localhost;

These GRANT statements install 3 new users

Authorization:

Order:

GRANT privileges ON databasename.tablename TO 'username'@'host'

Description: privileges - user's operation permissions, such as SELECT, INSERT, UPDATE, etc. (see the end of this article for a detailed list). If you want to grant all permissions, use ALL.; databasename - database name, tablename - table name, if you want to grant The corresponding operation permissions of this user on all databases and tables can be represented by *, such as *.*.

example:

GRANT SELECT, INSERT ON test.user TO 'pig'@'%';
GRANT ALL ON *.* TO 'pig'@'%';

Note: A user authorized with the above command cannot authorize other users. If you want this user to be able to authorize, use the following command:

GRANT privileges ON databasename.tablename TO 'username'@'host' WITH GRANT OPTION;

3. Set and change user password

Order:

SET PASSWORD FOR 'username'@'host' = PASSWORD('newpassword');

If the currently logged in user uses

SET PASSWORD = PASSWORD("newpassword");

example:

SET PASSWORD FOR 'pig'@'%' = PASSWORD("123456");

Revoke authority and delete user

To revoke a user's permissions, use the REVOKE statement. The syntax of REVOKE is very similar to the GRANT statement, except that TO is replaced by FROM and there are no INDETIFED BY and WITH GRANT OPTION clauses:

REVOKE privileges (columns) ON what FROM user

The user part must match the user part of the original GRANT statement from the user you want to revoke. The privileges part does not need to match. You can use the GRANT statement to authorize, and then use the REVOKE statement to revoke only part of the permissions.

The REVOKE statement only removes permissions, not users. Even if you revoke all permissions, the user record in the user table is still retained, which means that the user can still connect to the server. To completely delete a user, you must explicitly delete the user record from the user table with a Delete statement:

%mysql -u root mysqlmysql>Delete FROM user ->Where User="user_name" and Host="host_name";mysql>FLUSH PRIVILEGES;

The Delete statement deletes user records, while the FLUSH statement tells the server to reload the authorization table. (The table is automatically reloaded when you use the GRANT and REVOKE statements, but not when you modify the grant table directly.)

Reprinted from: Weidian Reading    https://www.weidianyuedu.com