1、GRANT命令使用說明:
先來看一個例子,創建一個只允許從本地登錄的超級用戶jack,並允許將權限賦予別的用戶,密碼爲:jack.
mysql> grant all privileges on *.* to jack@'localhost' identified by "jack" with grant option; Query OK, 0 rows affected (0.01 sec)
GRANT命令說明:
ALL PRIVILEGES 是表示所有權限,你也可以使用select、update等權限。
ON 用來指定權限針對哪些庫和表。
*.* 中前面的*號用來指定數據庫名,後面的*號用來指定表名。
TO 表示將權限賦予某個用戶。
jack@'localhost' 表示jack用戶,@後面接限制的主機,可以是IP、IP段、域名以及%,%表示任何地方。注意:這裏%有的版本不包括本地,以前碰到過給某個用戶設置了%允許任何地方登錄,但是在本地登錄不了,這個和版本有關係,遇到這個問題再加一個localhost的用戶就可以了。
IDENTIFIED BY 指定用戶的登錄密碼。
WITH GRANT OPTION 這個選項表示該用戶可以將自己擁有的權限授權給別人。注意:經常有人在創建操作用戶的時候不指定WITH GRANT OPTION選項導致後來該用戶不能使用GRANT命令創建用戶或者給其它用戶授權。
備註:可以使用GRANT重複給用戶添加權限,權限疊加,比如你先給用戶添加一個select權限,然後又給用戶添加一個insert權限,那麼該用戶就同時擁有了select和insert權限。
2、刷新權限
使用這個命令使權限生效,尤其是你對那些權限表user、db、host等做了update或者delete更新的時候。以前遇到過使用grant後權限沒有更新的情況,只要對權限做了更改就使用FLUSH PRIVILEGES命令來刷新權限。
mysql> flush privileges; Query OK, 0 rows affected (0.01 sec)
3、查看權限
查看當前用戶的權限: mysql> show grants;+---------------------------------------------------------------------+| Grants for root@localhost |+---------------------------------------------------------------------+| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION || GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION |+---------------------------------------------------------------------+2 rows in set (0.00 sec) 查看某個用戶的權限: mysql> show grants for 'jack'@'%';+-----------------------------------------------------------------------------------------------------+| Grants for jack@% |+-----------------------------------------------------------------------------------------------------+| GRANT USAGE ON *.* TO 'jack'@'%' IDENTIFIED BY PASSWORD '*9BCDC990E611B8D852EFAF1E3919AB6AC8C8A9F0' |+-----------------------------------------------------------------------------------------------------+1 row in set (0.00 sec)
4、回收權限
mysql> revoke delete on *.* from 'jack'@'localhost'; Query OK, 0 rows affected (0.01 sec)
5、刪除用戶
mysql> select host,user,password from user;+-----------+------+-------------------------------------------+| host | user | password |+-----------+------+-------------------------------------------+| localhost | root | || rhel5.4 | root | || 127.0.0.1 | root | || ::1 | root | || localhost | | || rhel5.4 | | || localhost | jack | *9BCDC990E611B8D852EFAF1E3919AB6AC8C8A9F0 |+-----------+------+-------------------------------------------+7 rows in set (0.00 sec) mysql> drop user 'jack'@'localhost'; Query OK, 0 rows affected (0.01 sec)
6、對賬戶重命名
mysql> rename user 'jack'@'%' to 'jim'@'%'; Query OK, 0 rows affected (0.00 sec)
7、修改密碼
1、用set password命令 mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('123456'); Query OK, 0 rows affected (0.00 sec) 2、用mysqladmin [root@rhel5 ~]# mysqladmin -uroot -p123456 password 1234abcd 備註: 格式:mysqladmin -u用戶名 -p舊密碼 password 新密碼 3、用update直接編輯user表 mysql> use mysql Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -ADatabase changed mysql> update user set PASSWORD = PASSWORD('1234abcd') where user = 'root'; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 0mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) 4、在丟失root密碼的時候: [root@rhel5 ~]# mysqld_safe --skip-grant-tables &[1] 15953[root@rhel5 ~]# 130911 09:35:33 mysqld_safe Logging to '/mysql/mysql5.5/data/rhel5.4.err'.130911 09:35:33 mysqld_safe Starting mysqld daemon with databases from /mysql/mysql5.5/data[root@rhel5 ~]# mysql -u root Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2Server version: 5.5.22 Source distribution Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> \s--------------mysql Ver 14.14 Distrib 5.5.22, for Linux (i686) using EditLine wrapper Connection id: 2Current database: Current user: root@ SSL: Not in useCurrent pager: stdout Using outfile: ''Using delimiter: ; Server version: 5.5.22 Source distribution Protocol version: 10Connection: Localhost via UNIX socket Server characterset: utf8 Db characterset: utf8 Client characterset: utf8 Conn. characterset: utf8 UNIX socket: /tmp/mysql.sock Uptime: 36 sec Threads: 1 Questions: 5 Slow queries: 0 Opens: 23 Flush tables: 1 Open tables: 18 Queries per second avg: 0.138--------------mysql> use mysql Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -ADatabase changed mysql> update user set password = PASSWORD('123456') where user = 'root'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0mysql> flush privileges; Query OK, 0 rows affected (0.00 sec)