1. Modify the mysql database prompt
1.1 mysql login prompt temporary modification, after the end of the session failed
mysql> prompt \u@\h [\d] \r:\m:\s->
PROMPT set to '\u@\h [\d] \r:\m:\s->'
root@localhost [(none)] 09:18:10->\q1.2 mysql login prompt permanent modification
In the my.cnf configuration file, add [mysql] under the following modules (note, not [mysqld]) saved, without having to restart MySQL, exit the current session, you can log in again; if you add in my.cnf, you can use \, to avoid problems caused by the escape
[root@192168066012_MySQL_5_7_27 ~]# vim /etc/my.cnf
[mysql]
prompt=\\u@\\h [\d] \\r:\\m:\\s->2 use the help in the mysql
By default, MySQL command is case-insensitive;
Help <Command> # methods can view the specific command
root@localhost [(none)] 09:27:28->help show;
Name: 'SHOW'
Description:
SHOW has many forms that provide information about databases, tables,
columns, or status information about the server. This section describes
those following:
SHOW {BINARY | MASTER} LOGS
SHOW BINLOG EVENTS [IN 'log_name'] [FROM pos] [LIMIT [offset,] row_count]
SHOW CHARACTER SET [like_or_where]
SHOW COLLATION [like_or_where]
SHOW [FULL] COLUMNS FROM tbl_name [FROM db_name] [like_or_where]
SHOW CREATE DATABASE db_name
SHOW CREATE EVENT event_name
SHOW CREATE FUNCTION func_name
SHOW CREATE PROCEDURE proc_name
SHOW CREATE TABLE tbl_name
SHOW CREATE TRIGGER trigger_name
SHOW CREATE VIEW view_name
SHOW DATABASES [like_or_where]
SHOW ENGINE engine_name {STATUS | MUTEX}
SHOW [STORAGE] ENGINES
...省略3 Set and modify MySQL USER password
3.1 USER command line to set the password method
Examples of single password provided #MySQL
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot password "boyu123"#MySQL multi-instance password
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot password 'boyu123' -S /application/mysql/data/3306/mysql.sock3.2 Method root password modification command <commonly used method>
#MySQL single instance Change Password
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -pboyu123 password 'boyu1234'#MySQL multi-instance Change Password
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -pboyu123 password 'boyu1234' -S /application/mysql/data/3306/mysql.sock3.3 sql statement modified method <method is dangerous>
# Change the root password for boyu123
root@localhost [(none)] 09:43:22->update mysql.user set authentication_string=password('boyu123') where user='root';
Query OK, 0 rows affected, 1 warning (0.00 sec)
Rows matched: 1 Changed: 0 Warnings: 1
#重新加载使配置立即生效
root@localhost [(none)] 09:44:33->flush privileges;
Query OK, 0 rows affected (0.00 sec)Tip:
. A must specify where the conditions, otherwise all the password is changed, danger! ! !
b. You must use password () function encryption changes
4 single instance of MySQL USER recover lost passwords
First stop MySQL 4.1 database
Single Instance stop MySQL database
[root@192168066012_MySQL_5_7_27 ~]# /etc/init.d/mysqld stop
Shutting down MySQL. SUCCESS!4.2 Use --skip-grant-tables start the MySQL database, ignoring authorization login authentication
Command line, type the following command
mysqld_safe --skip-grant-tables --user = mysql &
input mysql can skip to verify access to the database
mysql
Update update root password
mysqladmin elegant close the database
mysql -uroot -pboyu123 you can log in the database
Tip: At startup, plus --skip-grant-tables parameter, omit the authorization form validation
4.3 --skip-grant-tables method of operating parameters
#跳过授权表验证
[root@192168066012_MySQL_5_7_27 ~]# mysqld_safe --skip-grant-tables --user=mysql &
[1] 130775
[root@192168066012_MySQL_5_7_27 ~]# 2019-07-31T13:57:05.294289Z mysqld_safe Logging to '/application/mysql/logs/mysql_5_7_27.err'.
2019-07-31T13:57:05.327331Z mysqld_safe Starting mysqld daemon with databases from /application/mysql/data
#检查一下数据库进程
[root@192168066012_MySQL_5_7_27 ~]# ps -ef|grep 3306
root 359 99061 0 21:57 pts/1 00:00:00 grep --color=auto 3306
mysql 131036 130775 2 21:57 pts/1 00:00:00 /application/mysql/bin/mysqld --basedir=/application/mysql --datadir=/application/mysql/data --plugin-dir=/application/mysql/lib/plugin --user=mysql --skip-grant-tables --log-error=/application/mysql/logs/mysql_5_7_27.err --pid-file=/application/mysql/mysqld.pid --socket=/application/mysql/tmp/mysql.sock --port=3306
#无需密码,即可登入数据库
[root@192168066012_MySQL_5_7_27 ~]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
...省略
#更新root密码
root@localhost [(none)] 10:03:30->update mysql.user set authentication_string=password('boyu123') where user='root';
Query OK, 0 rows affected, 1 warning (0.01 sec)
Rows matched: 1 Changed: 0 Warnings: 1
#刷新授权表
root@localhost [(none)] 10:04:28->flush privileges;
Query OK, 0 rows affected (0.00 sec)
root@localhost [(none)] 10:04:32->\q
Bye
#优雅停止数据库
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -pboyu123 shutdown
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
2019-07-31T14:05:16.946425Z mysqld_safe mysqld from pid file /application/mysql/mysqld.pid ended
[1]+ Done mysqld_safe --skip-grant-tables --user=mysql
#启动数据库
[root@192168066012_MySQL_5_7_27 ~]# /etc/init.d/mysqld start
Starting MySQL. SUCCESS!
#此时,就可以使用新密码登录数据库了
[root@192168066012_MySQL_5_7_27 ~]# mysql -uroot -pboyu123
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
...省略
root@localhost [(none)] 10:05:42->More than five instances of MySQL USER recover lost passwords
First stop MySQL 5.1 database
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -p"boyu123" -S /application/mysql/data/3306/mysql.sock shutdown5.2 Use --skip-grant-table start the MySQL database, ignoring authorization login authentication
[root@192168066012_MySQL_5_7_27 ~]# /application/mysql/bin/mysqld_safe --skip-grant-tables --port=3306 --user=mysql --character_set_server=utf8 --socket=/application/mysql/data/3306/mysql.sock --datadir=/application/mysql/data/3306/data --pid-file=/application/mysql/data/3306/mysql.pid --log-bin=/application/mysql/data/3306/mysql-bin --server-id=1 --log-error=/application/mysql/data/3306/mysql_boyu3306.err &5.3 No password database, change the root password, refresh the grant tables
[root@192168066012_MySQL_5_7_27 ~]# mysql -S /application/mysql/data/3306/mysql.sock
Welcome to the MySQL monitor. Commands end with ; or \g.
...省略
mysql> update mysql.user set authentication_string=password('boyu123') where user='root';
Query OK, 0 rows affected, 1 warning (0.01 sec)
Rows matched: 1 Changed: 0 Warnings: 1
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> \q
Bye5.4 Stop 3306 database, and use the new password database
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -p"boyu123" -S /application/mysql/data/3306/mysql.sock shutdown
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
2019-08-08T03:37:09.248027Z mysqld_safe mysqld from pid file /application/mysql/data/3306/mysql.pid ended
[1]+ Done /application/mysql/bin/mysqld_safe --skip-grant-tables --port=3306 --user=mysql --character_set_server=utf8 --socket=/application/mysql/data/3306/mysql.sock --datadir=/application/mysql/data/3306/data --pid-file=/application/mysql/data/3306/mysql.pid --log-bin=/application/mysql/data/3306/mysql-bin --server-id=1 --log-error=/application/mysql/data/3306/mysql_boyu3306.err
#启动3306数据库
[root@192168066012_MySQL_5_7_27 ~]# /application/mysql/bin/mysqld --port=3306 --user=mysql --character_set_server=utf8 --socket=/application/mysql/data/3306/mysql.sock --datadir=/application/mysql/data/3306/data --pid-file=/application/mysql/data/3306/mysql.pid --log-bin=/application/mysql/data/3306/mysql-bin --server-id=1 --log-error=/application/mysql/data/3306/mysql_boyu3306.err &
#新密码登录数据库
[root@192168066012_MySQL_5_7_27 ~]# mysql -uroot -pboyu123 -S /application/mysql/data/3306/mysql.sock
...省略
mysql>6 SQL Structured Query Language
6.1 What is SQL?
SQL (Structured Query Language) is a structured query language (programming language and database query), which is a method for the language data in relational database operations and defined
6.2 Common SQL statement classification
a. DDL --- Data Definition Language (CREATE, ALTER, DROP)
full name (Data Definition Language), database, create a new table or delete tables, indexes, and so added to the table, the action is part of a query
b. DML --- data Manipulation language (SELECT, INSERT, dELETE, UPDATE )
the full name (data Manipulation language), a database, modify, and delete rows in the table (data), also known as action query language
c. DCL --- data control language (GRANT, REVOKE, COMMIT, ROLLBACK)
the full name (Data Control Language), a database, license, determining a single user and group access to the database objects
7 Create a database
Note that the library name can not start with digital
command syntax: create database <database name>
- The default configuration database, create the equivalent of the Latin character set database
root@localhost [(none)] 10:20:09-> create database boyu;- Create database character set gbk
root@localhost [(none)] 10:20:09-> create database boyu_gbk DEFAULT CHARACTER SET gbk COLLATE gbk_chinese_ci;- Create database character set utf8
root@localhost [(none)] 10:20:09-> create database boyu_utf8 DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;- View the database character set has been created
root@localhost [(none)] 10:20:09-> show create database boyu_utf8\G
+-----------+--------------------------------------------------------------------+
| Database | Create Database |
+-----------+--------------------------------------------------------------------+
| boyu_utf8 | CREATE DATABASE "boyu_utf8" /*!40100 DEFAULT CHARACTER SET utf8 */ |
+-----------+--------------------------------------------------------------------+
1 row in set (0.00 sec)Tip:
. A character set is inconsistent database Chinese garbled the contents of the culprit
. B if the compiler when installed, specifies a particular character set, then later creates a corresponding database character set, you need to specify the character set.
c. the enterprise how to create a database?
Determine the character set based on program development (usually UTF8)
compile time specified character set, and then again when created, can be created by default; for example:
-DDEFAULT_CHARSET = utf8 \
-DDEFAULT_COLLATION = utf8_general_ci \
the Create Database boyu;
compiled without specify the character set, or specify a different character sets and procedures, how to solve?
Create a database, you can specify the character set;
8 shows the database
Command Syntax: show databases;
- Displays all the current database
root@localhost [(none)] 10:31:00->show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| boyu |
| boyu_gbk |
| boyu_utf8 |
| mysql |
| performance_schema |
| sys |
+--------------------+
7 rows in set (0.00 sec)- Display boyu database
root@localhost [(none)] 10:31:05->show databases like 'boyu';
+-----------------+
| Database (boyu) |
+-----------------+
| boyu |
+-----------------+
1 row in set (0.00 sec)- Displayed in multiple databases boyu beginning, as a wildcard%
root@localhost [(none)] 10:31:36->show databases like 'boyu%';
+------------------+
| Database (boyu%) |
+------------------+
| boyu |
| boyu_gbk |
| boyu_utf8 |
+------------------+
3 rows in set (0.00 sec)9 Delete Database
Command syntax: drop database <database name>
- Delete the database named boyu_utf8
root@localhost [(none)] 10:31:43->drop database boyu_utf8;
Query OK, 0 rows affected (0.00 sec)9.1 subconscious learning View Help
root@localhost [(none)] 10:39:10->help drop database;
Name: 'DROP DATABASE'
Description:
Syntax:
DROP {DATABASE | SCHEMA} [IF EXISTS] db_name
DROP DATABASE drops all tables in the database and deletes the
database. Be very careful with this statement! To use DROP DATABASE,
you need the DROP privilege on the database. DROP SCHEMA is a synonym
for DROP DATABASE.10 connecting to the database
Command Syntax: use <database name>
- Connection / database into the boyu
root@localhost [(none)] 10:45:04->use boyu;
Database changed- View the database is currently located
root@localhost [boyu] 10:45:07->select database();
+------------+
| database() |
+------------+
| boyu |
+------------+
1 row in set (0.00 sec)- View the current version of the database
root@localhost [boyu] 10:45:24->select version();
+------------+
| version() |
+------------+
| 5.7.27-log |
+------------+
1 row in set (0.00 sec)- Check the system / database current time
root@localhost [boyu] 10:45:33->select now();
+---------------------+
| now() |
+---------------------+
| 2019-07-31 22:45:53 |
+---------------------+
1 row in set (0.00 sec)11 Creating MySQL user and give the user permissions
11.1 with the help grant View command help
By looking at the help grant commands, you can easily find and create user authorization examples
root@localhost [boyu] 10:45:53->help grant;
...省略
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'password';
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
GRANT SELECT ON db2.invoice TO 'jeffrey'@'localhost';
ALTER USER 'jeffrey'@'localhost' WITH MAX_QUERIES_PER_HOUR 90;11.2 operation and maintenance personnel to create a user commonly used method, using a grant to create a user simultaneously authority delegation, for example:
GRANT ALL ON db1.* TO 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';11.3 grant command help which provides a user with the create command to create, and then grant the authorization method, namely, to create a separate user and authorization privileges, for example:
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
以上两条命令相当于下面一条命令:
GRANT ALL ON db1.* TO 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';11.4 Create a user command and authorized by grant
grant语法:grant all privileges on dbname.* to ‘username’@‘localhost’ identified by 'mypass';
| grant | all privileges | on dbname.* | to username@localhost | identified by 'mypass' |
|---|---|---|---|---|
| Authorization command | The corresponding authority | Objectives: Library and tables | The user name and client host | user password |
Description: By all rights the user username dbname database management on the authorization host localhost, password passwd. Wherein username, dbname, passwd can be modified according to the Operational
- Creating boyu user, password boyu123, and authorize access rights to the database boyu
root@localhost [boyu] 11:02:41->grant all privileges on boyu.* to 'boyu'@'localhost' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.00 sec)- Refresh authority table
root@localhost [boyu] 11:03:13->flush privileges;
Query OK, 0 rows affected (0.00 sec)- Query status
root@localhost [boyu] 11:06:03->select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| boyu | localhost |
| root | localhost |
+------+-----------+
2 rows in set (0.00 sec)- Have permission to view boyu
root@localhost [boyu] 11:10:18->show grants for 'boyu'@'localhost';
+--------------------------------------------------------+
| Grants for boyu@localhost |
+--------------------------------------------------------+
| GRANT USAGE ON *.* TO 'boyu'@'localhost' |
| GRANT ALL PRIVILEGES ON "boyu".* TO 'boyu'@'localhost' |
+--------------------------------------------------------+
2 rows in set (0.00 sec)11.5 Authorization host LAN remote database connection
According grant command syntax, we know oldboy @ localhost position is authorized to access the database host, localhost can use the domain name, IP address, or IP segment instead
a. Matching Percent
root@localhost [boyu] 11:10:41->grant all on boyu.* to boyu@'192.168.66.%' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.01 sec)
root@localhost [boyu] 11:18:50->flush privileges;
Query OK, 0 rows affected (0.00 sec)b. Method subnet mask
root@localhost [boyu] 11:18:55->grant all on boyu.* to boyu1@'192.168.66.0/255.255.255.0' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.00 sec)
root@localhost [boyu] 11:19:34->flush privileges;
Query OK, 0 rows affected (0.00 sec)c. authorize single IP remote connections
root@localhost [boyu] 11:19:37->grant all on boyu.* to boyu2@'192.168.66.11' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.00 sec)
root@localhost [boyu] 11:19:44->flush privileges;
Query OK, 0 rows affected (0.00 sec)
root@localhost [boyu] 11:19:46->select user,host from mysql.user;
+-------+----------------------------+
| user | host |
+-------+----------------------------+
| boyu | 192.168.66.% |
| boyu1 | 192.168.66.0/255.255.255.0 |
| boyu2 | 192.168.66.11 |
| boyu | localhost |
| root | localhost |
+-------+----------------------------+
5 rows in set (0.00 sec)12 Delete MySQL system account surplus
- drop user "user" @ "host domain", note the quotation marks, which can be single or double quotation marks, but can not be quoted
root@localhost [boyu] 11:20:02->drop user 'boyu1'@'192.168.66.0/255.255.255.0';
Query OK, 0 rows affected (0.01 sec)
root@localhost [boyu] 12:47:53->delete from mysql.user where user='boyu2' and host='192.168.66.11';
Query OK, 1 row affected (0.00 sec)
root@localhost [boyu] 01:09:50->select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| boyu | localhost |
| root | localhost |
+------+-----------+
2 rows in set (0.00 sec)- Note: If the drop can not be deleted (usually special characters or uppercase), you can delete (to BO # Y & U0 @ 07 users, BOYU host, for example) in the following manner
root@localhost [boyu] 01:27:43->select user,host from mysql.user;
+------------+-----------+
| user | host |
+------------+-----------+
| BO#Y&U0@07 | boyu |
| boyu | localhost |
| root | localhost |
+------------+-----------+
3 rows in set (0.00 sec)
root@localhost [boyu] 01:30:05->delete from mysql.user where user='BO#Y&U0@07' and host='boyu';
Query OK, 1 row affected (0.00 sec)
root@localhost [boyu] 01:30:55->select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| boyu | localhost |
| root | localhost |
+------+-----------+
2 rows in set (0.00 sec)
root@localhost [boyu] 01:31:01->flush privileges;
Query OK, 0 rows affected (0.00 sec)13 ALL PRIVILEGES which contains what authority?
| SELECT | INSERT | UPDATE | DELETE | CREATE | DROP | INDEX | ALTER | CREATE TEMPORARY TABLES |
|---|---|---|---|---|---|---|---|---|
| Inquire | insert | Update | delete | Create a library and table | Delete a library and table | index | modify | Create a temporary table |
| LOCK TABLES | EXECUTE | CREATE VIEW | SHOW VIEW | CREATE ROUTINE | ALTER ROUTINE | EVENT | TRIGGER | REFERENCES |
|---|---|---|---|---|---|---|---|---|
| Lock table | carried out | Create a view | Show View | Create a stored procedure | Modify the stored procedure | event | trigger | Foreign key |
Tip: Permissions that authorization, authorized users can meet the business needs of the smallest, rather than to authorize "ALL PRIVILEGES"
- Authorized users have boyu1 "select, insert, update, delete, create, drop" library of permission to perform boyu
root@localhost [boyu] 01:59:22->CREATE USER 'boyu1'@'localhost' IDENTIFIED BY 'boyu123';
Query OK, 0 rows affected (0.00 sec)
root@localhost [boyu] 02:00:20->grant select,insert,update,delete,create,drop ON `boyu`.* TO 'boyu1'@'localhost';
Query OK, 0 rows affected (0.00 sec)
root@localhost [boyu] 02:00:28->show grants for boyu1@localhost;
+---------------------------------------------------------------------------------------+
| Grants for boyu1@localhost |
+---------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'boyu1'@'localhost' |
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON "boyu".* TO 'boyu1'@'localhost' |
+---------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)- Boyu2 create user and grant "select, insert, update, delete, create, drop" permissions to perform boyu library
root@localhost [boyu] 01:58:31->grant select,insert,update,delete,create,drop on boyu.* to 'boyu2'@'localhost' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.01 sec)
root@localhost [boyu] 01:59:07->show grants for boyu2@localhost;
+---------------------------------------------------------------------------------------+
| Grants for boyu2@localhost |
+---------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'boyu2'@'localhost' |
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON "boyu".* TO 'boyu2'@'localhost' |
+---------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)How 14 enterprise production environment authorized user rights
14.1 Authorization blog, CMS and other products
For web users authorized to connect as far as possible to minimize principle, many open source software is the web interface installed, therefore, the conventional case to grant select, insert, update, delete permissions can be, for example discuz, bbs and other open source software, but also need to grant create, drop more dangerous permissions
root@localhost [boyu] 02:00:39-> grant select,insert,update,delete,create,drop ON blog.* to 'blog'@'192.168.66.%' identified by 'boyu123';14.2 generate a database table, you need to recover create, drop privileges
root@localhost [boyu] 02:00:39-> REVOKE create ON blog.* FROM 'blog'@'192.168.66.%';
root@localhost [boyu] 02:00:39-> REVOKE drop ON blog.* FROM 'blog'@'192.168.66.%';