溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章主要介紹mysql中用戶管理和權限控制的示例分析,文中介紹的非常詳細,具有一定的參考價值,感興趣的小伙伴們一定要看完!
一:用戶的創建(兩種方法):
方法一:CREATE USER 'username'@'%' IDENTIFIED BY 'password';
方法二:GRANT select ON databasename.tablename TO 'username'@'%' ;
二:mysql root用戶密碼設置以及修改。
方法1: 用SET PASSWORD命令
mysql -u root
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpass');
方法2:用mysqladmin
mysqladmin -u root password "newpass"
如果root已經設置過密碼,采用如下方法
mysqladmin -u root password oldpass "newpass"
方法3: 用UPDATE直接編輯user表
mysql -u root
mysql> use mysql;
mysql> UPDATE user SET Password = PASSWORD('newpass') WHERE user = 'root';
mysql> FLUSH PRIVILEGES;
在丟失root密碼的時候,可以這樣
mysqld_safe --skip-grant-tables&
mysql -u root mysql
mysql> UPDATE user SET password=PASSWORD("new password") WHERE user='root';
mysql> FLUSH PRIVILEGES;
三:重點講解創建mysql用戶時,@后面的ip的意義:就是為了限制登陸mysql的ip,具體有如下:
1)只允許在本地登錄;
mysql> CREATE USER 'liuwenhe'@'localhost' IDENTIFIED BY 'liuwenhelocal';
Query OK, 0 rows affected (0.00 sec)
2)允許在192.168.0網段登陸mysql;
mysql> CREATE USER 'liuwenhe'@'192.168.0.%' IDENTIFIED BY 'liuwenhe0';
Query OK, 0 rows affected (0.00 sec)
3)允許在192.168.8網段登陸mysql;
mysql> CREATE USER 'liuwenhe'@'192.168.8.%' IDENTIFIED BY 'liuwenhe8';
Query OK, 0 rows affected (0.00 sec)
4)沒有限制,也就是可以在任何網絡段登陸(前提是網絡得通);
mysql> CREATE USER 'liuwenhe'@'%' IDENTIFIED BY 'liuwenheall';
Query OK, 0 rows affected (0.00 sec)
針對上面這幾個liuwenhe用戶做了一些測試,結果如下:
1) 'liuwenhe'@'192.168.0.%'這類的用戶是不能在本地登錄的,要想在本地登錄,需要有localhost或者127.0.0.1的登陸權限;
需要注意的是,如果你只創建了用戶 'liuwenhe'@'localhost' ,
1.mysql> CREATE USER 'liuwenhe'@'localhost' IDENTIFIED BY 'liuwenhelocal';
Query OK, 0 rows affected (0.00 sec)
mysql> select host,user from mysql.user;
+--------------+----------+
| host | user |
+--------------+----------+
| % | ogg |
| % | root |
| 127.0.0.1 | root |
| 192.168.0.% | ncms |
| 192.168.0.13 | rep |
| localhost | liuwenhe |
| localhost | ncms |
| localhost | ogg |
| localhost | root |
| server01 | root |
+--------------+----------+
10 rows in set (0.00 sec)
如下兩種登陸方式都能成功:
[root@server02 ~]# mysql -uliuwenhe -pliuwenhelocal -hlocalhost
[root@server02 ~]# mysql -uliuwenhe -pliuwenhelocal -h227.0.0.1
2.如果你只創建了liuwenhe'@'l127.0.0.1',
mysql> select host,user from mysql.user;
+--------------+----------+
| host | user |
+--------------+----------+
| % | ogg |
| % | root |
| 127.0.0.1 | liuwenhe |
| 127.0.0.1 | root |
| 192.168.0.% | ncms |
| 192.168.0.13 | rep |
| localhost | ncms |
| localhost | ogg |
| localhost | root |
| server01 | root |
+--------------+----------+
10 rows in set (0.00 sec)
只能通過mysql -uliuwenhe -pliuwenhelocal -h227.0.0.1登陸,不能通過 mysql -uliuwenhe -pliuwenhelocal -hlocalhost登陸;
[root@server02 ~]# mysql -uliuwenhe -pliuwenhelocal -h227.0.0.1
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3628
Server version: 5.6.26-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
不能通過localhost登陸,如下報錯:
[root@server02 ~]# mysql -uliuwenhe -pliuwenhelocal -hlocalhost
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'liuwenhe'@'localhost' (using password: YES)
2)如果你同時創建了'liuwenhe'@'192.168.0.%'和'liuwenhe'@'%'這兩個用戶,那么當你從192.168.0網段去登陸數據庫的時候,'liuwenhe'@'%'用戶是不能登陸數據庫的,只能通過'liuwenhe'@'192.168.0.%'登陸,但是當你刪除'liuwenhe'@'192.168.0.%'用戶的時候,'liuwenhe'@'%'用戶就可以登陸了,可以理解為mysql優先并且只會驗證匹配度高的用戶,
具體驗證過程如下:
mysql> select host,user from mysql.user;
+--------------+----------+
| host | user |
+--------------+----------+
| % | liuwenhe |
| % | ogg |
| % | root |
| 127.0.0.1 | root |
| 192.168.0.% | liuwenhe |
| 192.168.0.% | ncms |
| 192.168.0.13 | rep |
| localhost | ncms |
| localhost | ogg |
| localhost | root |
| server01 | root |
+--------------+----------+
11 rows in set (0.00 sec)
在另一臺機器S244(192.168.0.244)嘗試登陸mysql:
使用'liuwenhe'@'%'用戶登錄失敗:如下
[root@S244 ~]# mysql -uliuwenhe -pliuwenheall -h292.168.0.12
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'liuwenhe'@'192.168.0.244' (using password: YES)
使用'liuwenhe'@'192.168.0.%'用戶登錄成功,如下:
[root@S244 ~]# mysql -uliuwenhe -pliuwenhe0 -h292.168.0.12
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3679
Server version: 5.6.26-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
當你刪除'liuwenhe'@'192.168.0.%'用戶的時候,'liuwenhe'@'%'用戶就可以登陸了,如下:
mysql> delete from mysql.user where user='liuwenhe' and host='192.168.0.%';
Query OK, 1 row affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
依舊在另一臺機器S244(192.168.0.244)嘗試使用'liuwenhe'@'%'用戶登陸mysql,成功了:
[root@S244 ~]# mysql -uliuwenhe -pliuwenheall -h292.168.0.12
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3681
Server version: 5.6.26-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
3)我的這臺mysql所在的服務器上面有兩個ip,如下:
現在我創建了一個 'liuwenhe'@'192.168.8.%' ,
那么只能通過
mysql -uliuwenhe -pliuwenhe8 -h292.168.8.238登陸,不能通過mysql -uliuwenhe -pliuwenhe8 -h292.168.0.12登陸,同理創建了一個 'liuwenhe'@'192.168.0.%' ,只能通過
mysql -uliuwenhe -pliuwenhe0 -h292.168.0.12登陸,不能通過mysql -uliuwenhe -pliuwenhe0 -h292.168.8.238登陸
驗證如下:
mysql> CREATE USER 'liuwenhe'@'192.168.0.%' IDENTIFIED BY 'liuwenhe0';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> exit
Bye
[root@server02 ~]# mysql -uliuwenhe -pliuwenhe0 -h292.168.0.12
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3704
Server version: 5.6.26-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> exit
Bye
[root@server02 ~]# mysql -uliuwenhe -pliuwenhe0 -h292.168.8.238
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'liuwenhe'@'192.168.8.238' (using password: YES)
以上是“mysql中用戶管理和權限控制的示例分析”這篇文章的所有內容,感謝各位的閱讀!希望分享的內容對大家有幫助,更多相關知識,歡迎關注億速云行業資訊頻道!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
