【總結】:
drop user |
會將該用戶的信息全部刪掉 |
delete |
只會清除user表,其他的比如db表中的信息還是存在。如果delete後,再創建一個最小權限的用戶,那麼他會重用以前的權限。 |
今天才測試出這個問題,看來以後不能簡單的delete用戶收回權限了,最簡單的方法就是drop user user_name;就好了
【測試delete from mysql.user】
mysql> delete from mysql.user where user='xxx';
Query OK, 1 row affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for 'xxx'@'10.0.0.1';
ERROR 1141 (42000): There is no such grant defined for user 'xxx' on host '10.0.0.1'
mysql> grant select,update,insert on xxx.* to 'xxx'@'10.0.0.1';
Query OK, 0 rows affected (0.00 sec)
只給了xxx庫的一些權限,但是發現卻有以前yyy和zzz庫的權限,顯然這麼刪除user的權限是不嚴謹的!
mysql> show grants for 'xxx'@'10.0.0.1';
+------------------------------------------------------------------------------------------------+
| Grants for [email protected] |
+------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'xxx'@'10.0.0.1' |
| GRANT SELECT, INSERT, UPDATE ON `xxx`.* TO 'xxx'@'10.0.0.1' |
| GRANT SELECT, INSERT, UPDATE ON `yyy`.* TO 'xxx'@'10.0.0.1' |
| GRANT SELECT, INSERT, UPDATE ON `zzz`.* TO 'xxx'@'10.0.0.1' |
+------------------------------------------------------------------------------------------------+
4 rows in set (0.00 sec)
【測試drop user】
mysql> DROP USER xxx@'10.0.0.1';
Query OK, 0 rows affected (0.00 sec)
mysql> grant select,update,insert on xxx.* to xxx@'10.0.0.1';
Query OK, 0 rows affected (0.00 sec)
此時看到的結果就對了
mysql> show grants for xxx@'10.0.0.1';
+-------------------------------------------------------------------------------------------+
| Grants for [email protected] |
+-------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'xxx'@'10.0.0.1' |
| GRANT SELECT, INSERT, UPDATE ON `xxx`.* TO 'xxx'@'10.0.0.1' |
+-------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)