對於mysql數據庫的操作,有時爲了安全及分級管理的需求,需要對不同的用戶授予不同的權限,並且對於授權的用戶,不僅要給予其對數據庫的增產改查等操作權限,還要使其有執行數據庫的函數和存儲過程的權限,具體的操作如下:
一般有幾種類別的授權操作:
【對網站連接用戶授權】
1、新建授權用戶,主要其中涉及的的權限
mysql> GRANTUSAGE,SELECT,INSERT,UPDATE,DELETE,SHOW VIEW,CREATE TEMPORARY TABLES,EXECUTE ON dbname.* TO 'dbuser'@'192.168.2.%' IDENTIFIED BY 'password';
mysql> FLUSH PRIVILEGES;
2、還要使以上賬號具有調用系統中函數和存儲過程的權限
mysql> update mysql.proc set DEFINER='[email protected].%' WHERE db='dbname' AND `type`= 'FUNCTION';
mysql> update mysql.proc set DEFINER='[email protected].%' WHERE db='dbname' AND `type`= 'PROCEDURE';
mysql> FLUSH PRIVILEGES;
【數據庫DBA用戶授權】
mysql> GRANT ALL PRIVILEGES ON *.* TO 'dbauser'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;
【供開發人員查詢用賬號】
mysql> GRANT USAGE,SELECT,SHOW VIEW,CREATE TEMPORARY TABLES,EXECUTE ON dbname.* TO 'dbuser'@'%' IDENTIFIED BY 'password';
mysql> FLUSH PRIVILEGES;
【mysql雙機熱備用戶授權】
mysql> GRANT ALL PRIVILEGES ON *.* TO 'Rep_user'@'192.168.2.%' IDENTIFIED BY 'password' WITH GRANT OPTION; ----雙機熱備必須內網
mysql> FLUSH PRIVILEGES;