MySQL is a multi-user database management, you can assign different privileges to different users, into the root user and ordinary users, root user a super administrator with all privileges, while the average user has specified permission.
MySQL is controlled by user permissions table for database access, permissions table stored in the mysql database, the main table has the following permissions: user, db, host, table_priv, columns_priv and procs_priv, first take you to understand that the user table .
Column user (user information to be input connected MySQL database)
Host: host name, the main one double bond,% indicates a match when the value of all hosts. User: user name, one double primary key. Password: password name.
| Host | User | Password |
| % | domain_check | * 55B565DA3839E5955A68EA96EB735 |
| localhost | domain_check | * 55B565DA3839E5955A68EA96EB735 |
| 127.0.0.1 | domain_check | * 55B565DA3839E5955A68EA96EB735 |
| 126.26.98.25 | domain_check | * 55B565DA3839E5955A68EA96EB735 |
| localhost | ||
| ::1 | root | * 26C378D308851D5C717C13623EFD6 |
| localhost | root | * 26C378D308851D5C717C13623EFD6 |
| 127.0.0.1 | root | * 26C378D308851D5C717C13623EFD6 |
(root,%), it represents a remote login, and in addition to any other terminal server
(root, localhost), represents the local log, i.e. can log on the server
(root, 127.0.0.1), represents the machine login that can log on the server
(root, sv01), indicates that the host name can log sv1, SV01 specific means of which the machine can / hostname view CAT / etc
(the root, ::. 1), represents the machine can login to see the password is the same thing, concrete :: 1 represents the meaning, of unknown origin
Permissions column
Permissions columns determine the user's permissions, allowing the user to describe the database and database tables to operate globally, the Enum field types are enumerated, only the value of Y or N, Y represents a privileged, N denotes no authority .
| Permissions field name | instruction manual |
| Select_priv | Determining whether a user can select the data through a SELECT command |
| Insert_priv | Determining whether the user data can be inserted by the INSERT command |
| Delete_priv | Determining whether a user can delete the existing data DELETE command |
| Update_priv | Determining whether a user can modify existing data UPDATE command |
| Create_priv | Determining whether a user can create new databases and tables |
| Drop_priv | Determining whether a user can delete the existing databases and tables |
| Reload_priv | Determining whether a user can execute a specific command to refresh and reload various internal caches used by MySQL, including logs, permissions, host, queries and tables reload the privilege tables |
| Shutdown_priv | When determining whether the user can close any server available to users outside the root MySQL account this privilege, we should be very cautious |
| Process_priv | Determining whether a user can view other users' processes by the command SHOW PROCESSLIST |
| File_priv | Determining whether a user can execute SELECT INTO OUTFILE and LOAD DATA INFILE command |
Security Column
| Security Field Name | instruction manual |
| ssl_type | Support ssl encryption standard security field |
| ssl_cipher | Support ssl encryption standard security field |
| x509_issuer | X509 supports standard field |
| x509_subject | X509 supports standard field |
| password_expired | Password has expired. Y: indicates that the user password has expired N: not expired |
| plugin | Start 5.5.7, mysql introduced plugins for password authentication when users are connected, plugin create an external / proxy user |
| authentication_string | Can be controlled by authentication_string mapping relationship between the two, (PAM plugin, etc., PAM can support multiple service name) |
Resource control columns
| Control field name | Field Type | Is empty | Defaults | instruction manual |
| max_questions | int(11)unsigned | NO | 0 | How many times per hour allows query execution: 0 for no limit |
| max_updates | int(11)unsigned | NO | 0 | How many times per hour can perform updates: 0 for no limit |
| max_connections | int(11)unsigned | NO | 0 | How many times per hour connections that can be established: 0 for no limit |
| max_user_connections | int(11)unsigned | NO | 0 | Single user may have a number of connections simultaneously: 0 indicates unlimited |