创建用户:
命令:
CREATE USER 'username'@'host' IDENTIFIED BY 'password';
说明:username – 你将创建的用户名, host – 指定该用户在哪个主机上可以登陆,如果是本地用户可用localhost, 如 果想让该用户可以从任意远程主机登陆,可以使用通配符%. password – 该用户的登陆密码,密码可以为空,如果为空则该用户可以不需要密码登 陆服务器.
例子:
CREATE USER 'dog'@'localhost' IDENTIFIED BY '123456';
CREATE USER 'pig'@'192.168.1.101_' IDENDIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '123456';
CREATE USER 'pig'@'%' IDENTIFIED BY '';
CREATE USER 'pig'@'%';
授权:
命令:
GRANT privileges ON databasename.tablename TO 'username'@'host'
说明: privileges – 用户的操作权限,如SELECT , INSERT , UPDATE 等(详细列表见该文最后面).如果要授予所 的权限则使用ALL.;databasename – 数据库名,tablename-表名,如果要授予该用户对所有数据库和表的相应操作权限则可用* 表示, 如*.*.
例子:
GRANT SELECT, INSERT ON test.user TO 'pig'@'%';
GRANT ALL ON *.* TO 'pig'@'%';
注意:用以上命令授权的用户不能给其它用户授权,如果想让该用户可以授权,用以下命令:
GRANT privileges ON databasename.tablename TO 'username'@'host' WITH GRANT OPTION;
设置与更改用户密码
命令:
SET PASSWORD FOR 'username'@'host' = PASSWORD('newpassword');
如果是当前登陆用户用
SET PASSWORD = PASSWORD("newpassword");
撤销用户权限
命令:
REVOKE privilege ON databasename.tablename FROM 'username'@'host';
说明: privilege, databasename, tablename – 同授权部分.
例子
REVOKE SELECT ON *.* FROM 'pig'@'%';
注意: 假如你在给用户’pig’@’%’授权的时候是这样的(或类似 的):GRANT SELECT ON test.user TO ‘pig’@’%’, 则在使用 REVOKE SELECT ON *.* FROM ‘pig’@’%’;命令并不能撤销该用户对test数据库中user表的SELECT 操作. 相反,如果授权使用的是GRANT SELECT ON *.* TO ‘pig’@’%’;则 REVOKE SELECT ON test.user FROM ‘pig’@’%’;命令也不能撤销该用户对test数据库中user表的 Select 权限.
具体信息可以用命令SHOW GRANTS FOR ‘pig’@’%’; 查看.
删除用户
命令:
DROP USER ‘username’@'host’;
一个典型的数据库建表, 建用户过程:
创建用于localhost连接的用户并指定密码
mysql> create user 'pcom'@'localhost' identified by 'aaa7B2249';
Query OK, 0 rows affected (0.00 sec)
创建数据库
mysql> create database pcom default character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)
给本地用户授权, 这里不需要指定密码
mysql> grant all on pcom.* to 'pcom'@'localhost';
Query OK, 0 rows affected (0.00 sec)
给其他IP地址下的用户授权, 注意: 这里必须指定密码, 否则就可以无密码访问
mysql> grant all on pcom.* to 'pcom'@'192.168.0.0/255.255.0.0' identified by 'aaa7B2249';
Query OK, 0 rows affected (0.00 sec)
同理
mysql> grant all on pcom.* to 'pcom'@'172.20.0.0/255.255.0.0' identified by 'aaa7B2249';
Query OK, 0 rows affected (0.00 sec)
Done!
附表:在MySQL中的操作权限
ALTER
Allows use of ALTER TABLE.
ALTER ROUTINE
Alters or drops stored routines.
CREATE
Allows use of CREATE TABLE.
CREATE ROUTINE
Creates stored routines.
CREATE TEMPORARY TABLE
Allows use of CREATE TEMPORARY TABLE.
CREATE USER
Allows use of CREATE USER, DROP USER, RENAME USER, and REVOKE ALL PRIVILEGES.
CREATE VIEW
Allows use of CREATE VIEW.
DELETE
Allows use of DELETE.
DROP
Allows use of DROP TABLE.
EXECUTE
Allows the user to run stored routines.
FILE
Allows use of SELECT… INTO OUTFILE and LOAD DATA INFILE.
INDEX
Allows use of CREATE INDEX and DROP INDEX.
INSERT
Allows use of INSERT.
LOCK TABLES
Allows use of LOCK TABLES on tables for which the user also has SELECT privileges.
PROCESS
Allows use of SHOW FULL PROCESSLIST.
RELOAD
Allows use of FLUSH.
REPLICATION
Allows the user to ask where slave or master
CLIENT
servers are.
REPLICATION SLAVE
Needed for replication slaves.
SELECT
Allows use of SELECT.
SHOW DATABASES
Allows use of SHOW DATABASES.
SHOW VIEW
Allows use of SHOW CREATE VIEW.
SHUTDOWN
Allows use of mysqladmin shutdown.
SUPER
Allows use of CHANGE MASTER, KILL, PURGE MASTER LOGS, and SET GLOBAL SQL statements. Allows mysqladmin debug command. Allows one extra connection to be made if maximum connections are reached.
UPDATE
Allows use of UPDATE.
USAGE
Allows connection without any specific privileges.
最后不要忘记刷新数据库
flush privileges;