• 辛星解读mysql的用户管理


         可能做开发的多半不太关注这方面,可是要说到做运维。那就不能不关注了。由于我们都知道,root的权限太大了。不是随便能用的。我们平时最好用一些比較低的权限的用户。这样会让我们的安全性大大提高,也能防止我们寻常中由于误操作而造成不必要的损失。

          首先我们须要查看mysql中的全部账户,我们在mysql数据库中的user表中查看信息就可以。可是呢。因为我们直接select * from user的话会显示非常多的和权限相关的信息,极大的影响我们的阅读。因此我们这里仅仅查看三个比較重要的字段,以下是我的机器中的操作演示:

    mysql>   select host,user,password from mysql.user;
    +-----------+------+-------------------------------------------+
    | host      | user | password                                  |
    +-----------+------+-------------------------------------------+
    | localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | 127.0.0.1 | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | ::1       | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    +-----------+------+-------------------------------------------+
    3 rows in set (0.00 sec)
    


         然后我们创建一个用户,这里我们须要制定username和连接的地址,也就是一样的username(user)。不一样的host。也会被当做不一样的对象,我们能够使用通配符。当中%表示匹配不论什么多个字符,而-表示匹配一个字符。以下我创建一个用户test。并且制定password为xin,并且能够从不论什么主机登录。看我操作:

    mysql> create user 'test'@'%' identified by 'xin';
    Query OK, 0 rows affected (0.23 sec)

        这里我们用该用户登录的信息显演示样例如以下:

    C:UsersAdministrator>mysql -u test -pxin
    mysql: [Warning] Using a password on the command line interface can be insecure.
    Welcome to the MySQL monitor.  Commands end with ; or g.
    Your MySQL connection id is 14
    Server version: 5.7.3-m13 MySQL Community Server (GPL)
    
    Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    
    mysql>

    比方我们此时想查看一下user信息都有什么。结果却发现:

    mysql> select host,user,password from mysql.user;
    ERROR 1142 (42000): SELECT command denied to user 'test'@'localhost' for table 'user'
    mysql>


    也就是我们这里并不用有select该user表的权限。那么就会涉及到权限管理了,我们这里能够用show grants来查看一下自己的权限:

    mysql> show grants;
    +-----------------------------------------------------------------------------------------------------+
    | Grants for test@%                                                                                   |
    +-----------------------------------------------------------------------------------------------------+
    | GRANT USAGE ON *.* TO 'test'@'%' IDENTIFIED BY PASSWORD '*76995602B7611FA37648852F235D6ECB29D844E2' |
    +-----------------------------------------------------------------------------------------------------+
    1 row in set (0.00 sec)
    
    
    

          因为这里的test用户的权限还是非常小的。我们还是使用root用户登录,然后此时我们看一下用户表,就发现多了一个新用户:

    mysql> select host,user,password from mysql.user;
    +-----------+------+-------------------------------------------+
    | host      | user | password                                  |
    +-----------+------+-------------------------------------------+
    | localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | 127.0.0.1 | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | ::1       | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | %         | test | *76995602B7611FA37648852F235D6ECB29D844E2 |
    +-----------+------+-------------------------------------------+
    4 rows in set (0.00 sec)


           root用户具有至高无上的权限。因此他能够改动password,第一种方式就是使用set  password语句,比方我们给刚才的新用户设置一个password。我们能够使用例如以下命令:

    mysql> set  password for 'test'@'%' = password('qian');
    Query OK, 0 rows affected (0.00 sec)
    

         此时我们就能够使用test这个用户登录了,以下看我代码:

    C:UsersAdministrator>mysql -u test -pqian
    mysql: [Warning] Using a password on the command line interface can be insecure.
    Welcome to the MySQL monitor.  Commands end with ; or g.
    Your MySQL connection id is 17
    Server version: 5.7.3-m13 MySQL Community Server (GPL)
    
    Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    
    mysql>


       事实上我们还能够直接使用update语句来改动user这个表,可是我们须要使用flush privileges;来让它马上生效:

    mysql> update mysql.user set password = password('nan') where user = 'test';
    Query OK, 1 row affected (0.05 sec)
    Rows matched: 1  Changed: 1  Warnings: 0
    
    mysql> flush privileges;
    Query OK, 0 rows affected (0.03 sec)
    

       然后我们就能够用'nan‘这个password登录了,我这里就不给出演示代码了,毕竟非常easy的操作,我是辛星。求支持。

  • 相关阅读:
    HDU 4492 Mystery (水题)
    UVA 10480 Sabotage (最大流)
    POJ 2446 Chessboard (二分匹配)
    VS2008下用MFC 的MSComm控件编写串口程序
    退役了~~~
    STL Algorithms 之 unique
    cocos2d中CCCallFuncND传参数的注意事项
    好太太晾衣架市场价格表(仅供参考)
    Linux VNC黑屏(转)
    C++ TinyXml操作(含源码下载)
  • 原文地址:https://www.cnblogs.com/yxwkf/p/5250612.html
Copyright © 2020-2023  润新知