标签:mysq 要求 password 权限 AC 控制 inf 数据库 tca
MySQL 数据库用户和权限管理mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
+-----------+-------------------------------------------+-----------+
2 rows in set (0.01 sec)
mysql> create user ‘accp‘@‘localhost‘ identified by ‘123123‘;
Query OK, 0 rows affected (0.01 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| accp | *E56A114692FE0DE073F9A1DD68A00EEB9703F3F1 | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
mysql> drop user ‘accp‘@‘localhost‘; #删除accp
Query OK, 0 rows affected (0.00 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| bent | *437F1809645E0A92DAB553503D2FE21DB91270FD | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
mysql> select User,authentication_string,Host from user; #这边我们把bent重命名为accp
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| bent | *437F1809645E0A92DAB553503D2FE21DB91270FD | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
mysql> rename user ‘bent‘@‘localhost‘ to ‘accp‘@‘localhost‘ ;
Query OK, 0 rows affected (0.00 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| accp | *437F1809645E0A92DAB553503D2FE21DB91270FD | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| accp | *437F1809645E0A92DAB553503D2FE21DB91270FD | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
mysql> set password=password(‘123123‘); #当前用户是root我把root用户密码改为了"123123"与上面的root密码对比一下秘闻的区别
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *E56A114692FE0DE073F9A1DD68A00EEB9703F3F1 | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| accp | *437F1809645E0A92DAB553503D2FE21DB91270FD | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *E56A114692FE0DE073F9A1DD68A00EEB9703F3F1 | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| accp | *437F1809645E0A92DAB553503D2FE21DB91270FD | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
mysql> set password for ‘accp‘@‘localhost‘=password(‘951116‘); #同样对比一下密文密码的区别
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *E56A114692FE0DE073F9A1DD68A00EEB9703F3F1 | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| accp | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
[root@localhost ~] systemctl stop mysqld.service #关闭服务
[root@localhost ~] netstat -ntap | grep 3306 #查看端口有没有关闭
[root@localhost ~] mysql --skip-grant-tables #会出现以下代码不要去动它重新开一个终端
2018-06-28T02:16:16.399381Z 0 [Note] - ‘::‘ resolves to ‘::‘;
2018-06-28T02:16:16.399402Z 0 [Note] Server socket created on IP: ‘::‘.
2018-06-28T02:16:16.400217Z 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mysql/data/ib_buffer_pool
2018-06-28T02:16:16.401959Z 0 [Note] InnoDB: Buffer pool(s) load completed at 180628 10:16:16
2018-06-28T02:16:16.410638Z 0 [Note] Executing ‘SELECT * FROM INFORMATION_SCHEMA.TABLES;‘ to get a list of tables using the deprecated partition engine. You may use the startup option ‘--disable-partition-engine-check‘ to skip this check.
2018-06-28T02:16:16.410661Z 0 [Note] Beginning of list of non-natively partitioned tables
2018-06-28T02:16:16.423678Z 0 [Note] End of list of non-natively partitioned tables
2018-06-28T02:16:16.423748Z 0 [Note] mysqld: ready for connections.
Version: ‘5.7.17‘ socket: ‘/usr/local/mysql/mysql.sock‘ port: 3306 Source distribution
[root@localhost ~] mysql -u root #直接这样登录跳过密码选项
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.17 Source distribution
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.
mysql>
mysql> update mysql.user set authentication_string=password(‘123123‘)where user=‘root‘; #修改root密码
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 1
mysql> flush privileges; #刷新数据库
Query OK, 0 rows affected (0.01 sec)
[root@localhost ~]# mysql -u root -p123123
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.7.17 Source distribution
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.
mysql> grant select on ×××表.×××信息 to ‘accp‘@‘localhost‘ identified by ‘123123‘;
Query OK, 0 rows affected, 1 warning (0.00 sec)
[root@localhost ~]# mysql -u accp -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 5.7.17 Source distribution
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.
mysql> insert into imployee_英航客户表.×××信息 values (2,‘张三‘,‘广州珠海‘,‘18888888‘);
ERROR 1142 (42000): INSERT command denied to user ‘accp‘@‘localhost‘ for table ‘×××信息‘
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| accp | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
+-----------+-------------------------------------------+-----------+
3 rows in set (0.00 sec)
#用户列表中只有三个用户此时,做一个用户列表中不存在用户权限
mysql> grant select on ×××表.×××信息 to ‘benet‘@‘localhost‘ identified by ‘1223123‘;
Query OK, 0 rows affected, 1 warning (0.01 sec)
mysql> select User,authentication_string,Host from user;
+-----------+-------------------------------------------+-----------+
| User | authentication_string | Host |
+-----------+-------------------------------------------+-----------+
| root | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
| mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | localhost |
| benet | *E56A114692FE0DE073F9A1DD68A00EEB9703F3F1 | localhost |
| accp | *0DB339632B48910F8F0BEF61BD7EAD4441267E6E | localhost |
+-----------+-------------------------------------------+-----------+
4 rows in set (0.00 sec)
#上面自动创建了benet用户登陆密码为‘123123’
mysql> grant insert on ×××表.×××信息 to ‘benet‘@‘localhost‘ identified by ‘3221321‘;
Query OK, 0 rows affected, 1 warning (0.00 sec)
[root@localhost ~]# mysql -u benet -p123123
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user ‘benet‘@‘localhost‘ (using password: YES)
#提示你输入正确的登陆密码
mysql> show grants for ‘accp‘@‘localhost‘;
+------------------------------------------------------------------------------+
| Grants for accp@localhost |
+------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO ‘accp‘@‘localhost‘ |
| GRANT SELECT ON "×××表"."×××信息" TO ‘accp‘@‘localhost‘ |
+------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> revoke select on ×××表.×××信息 from ‘accp‘@‘localhost‘;
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for ‘accp‘@‘localhost‘;
+------------------------------------------+
| Grants for accp@localhost |
+------------------------------------------+
| GRANT USAGE ON *.* TO ‘accp‘@‘localhost‘ |
+------------------------------------------+
1 row in set (0.00 sec)
标签:mysq 要求 password 权限 AC 控制 inf 数据库 tca
原文地址:http://blog.51cto.com/13645280/2133603