MySQL权限授权认证详解

　　　　　　　　　　　　　　　　MySQL权限授权认证详解

　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　作者：尹正杰

一.MySQL权限系统介绍
1>.权限系统的作用是授予来自某个主机的某个用户可以查询、插入、修改、删除等数据库操作的权限
2>.不能明确的指定拒绝某个用户的连接
3>.权限控制(授权与回收)的执行语句包括create user, grant, revoke
4>.授权后的权限都会存放在MySQL的内部数据库中（数据库名叫mysql）,并在数据库启动之后把权限信息复制到内存中
5>.MySQL用户的认证信息不光包括用户名，还要包含连接发起的主机名(以下两个yinzhengjie被认为不是同一个用户，因为它们的主机名不同)

>>>SHOW GRANTS FOR ‘yinzhengjie’@‘node101.yinzhengjie.org.cn’;
>>>SHOW GRANTS FOR 'yinzhengjie’@‘node102.yinzhengjie.org.cn’;

二.MySQL权限级别介绍

1>.MySQL权限级别

全局性的管理权限，作用于整个MySQL实例级别;
数据库级别的权限，作用于某个指定的数据库上或者所有的数据库上;
数据库对象级别的权限，作用于指定的数据库对象上（表、视图等）或者所有的数据库对象上;

2>.权限存储在mysql库的user, db, tables_priv, columns_priv, and procs_priv这几个系统表中，待MySQL实例启动后就加载到内存中

3>.查看mysql实例默认root用户的权限(来自localhost)

mysql> SHOW GRANTS FOR root@localhost\G
*************************** . row ***************************
Grants for root@localhost: GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `root`@`localhost` WITH GRANT OPTION
*************************** . row ***************************
Grants for root@localhost: GRANT APPLICATION_PASSWORD_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,GROUP_REPLICATION_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SYSTEM_VARIABLES_ADMIN,XA_RECOVER_ADMIN ON *.* TO `root`@`localhost` WITH GRANT OPTION
*************************** . row ***************************
Grants for root@localhost: GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 rows in set (0.01 sec)
 
mysql>

mysql> SHOW GRANTS FOR root@localhost\G

4>.对比root用户在几个权限系统表中的数据

mysql> SELECT * FROM user WHERE user='root' AND host='localhost'\G
*************************** . row ***************************
                    Host: localhost
                    User: root
             Select_priv: Y
             Insert_priv: Y
             Update_priv: Y
             Delete_priv: Y
             Create_priv: Y
               Drop_priv: Y
             Reload_priv: Y
           Shutdown_priv: Y
            Process_priv: Y
               File_priv: Y
              Grant_priv: Y
         References_priv: Y
              Index_priv: Y
              Alter_priv: Y
            Show_db_priv: Y
              Super_priv: Y
   Create_tmp_table_priv: Y
        Lock_tables_priv: Y
            Execute_priv: Y
         Repl_slave_priv: Y
        Repl_client_priv: Y
        Create_view_priv: Y
          Show_view_priv: Y
     Create_routine_priv: Y
      Alter_routine_priv: Y
        Create_user_priv: Y
              Event_priv: Y
            Trigger_priv: Y
  Create_tablespace_priv: Y
                ssl_type:
              ssl_cipher:
             x509_issuer:
            x509_subject:
           max_questions:
             max_updates:
         max_connections:
    max_user_connections:
                  plugin: caching_sha2_password
   authentication_string: $A$$_DHTgn}dT9t%>5eMM4wjrUWB.UY3A60WfUlqsZAVP0HhJ3Xxp1bFRs76g9B
        password_expired: N
   password_last_changed: -- ::
       password_lifetime: NULL
          account_locked: N
        Create_role_priv: Y
          Drop_role_priv: Y
  Password_reuse_history: NULL
     Password_reuse_time: NULL
Password_require_current: NULL
         User_attributes: NULL
 row in set (0.00 sec)
 
mysql>

观察“root@localhost”在user表中的增删改查权限，基本上都是“Y”（mysql> SELECT * FROM user WHERE user='root' AND host='localhost'\G）

mysql> SELECT * FROM db WHERE user='root' AND host='localhost'\G
Empty set (0.00 sec)
 
mysql>

观察“root@localhost”在db表中是无记录的（mysql> SELECT * FROM db WHERE user='root' AND host='localhost'\G）

mysql> SELECT * FROM tables_priv WHERE host='localhost' AND user = 'root'\G
Empty set (0.00 sec)
 
mysql>

观察“root@localhost”在tables_priv表中是无记录的（mysql> SELECT * FROM tables_priv WHERE host='localhost' AND user = 'root'\G ）

mysql> SELECT * FROM columns_priv WHERE host='localhost' AND user = 'root'\G
Empty set (0.00 sec)
 
mysql>

观察“root@localhost”在columns_priv表中是无记录的（mysql> SELECT * FROM columns_priv WHERE host='localhost' AND user = 'root'\G ）

mysql> SELECT * FROM procs_priv WHERE host='localhost' AND user = 'root'\G
Empty set (0.00 sec)
 
mysql>

观察“root@localhost”在procs_priv表中是无记录的（mysql> SELECT * FROM procs_priv WHERE host='localhost' AND user = 'root'\G）

5>.查看mysql实例默认mysql.sys用户的权限（来自localhost）

mysql> SHOW GRANTS FOR 'mysql.sys'@localhost;
+---------------------------------------------------------------+
| Grants for mysql.sys@localhost                                |
+---------------------------------------------------------------+
| GRANT USAGE ON *.* TO `mysql.sys`@`localhost`                 |
| GRANT TRIGGER ON `sys`.* TO `mysql.sys`@`localhost`           |
| GRANT SELECT ON `sys`.`sys_config` TO `mysql.sys`@`localhost` |
+---------------------------------------------------------------+
 rows in set (0.00 sec)
 
mysql>
mysql> SHOW GRANTS FOR 'mysql.sys'@localhost\G
*************************** . row ***************************
Grants for mysql.sys@localhost: GRANT USAGE ON *.* TO `mysql.sys`@`localhost`
*************************** . row ***************************
Grants for mysql.sys@localhost: GRANT TRIGGER ON `sys`.* TO `mysql.sys`@`localhost`
*************************** . row ***************************
Grants for mysql.sys@localhost: GRANT SELECT ON `sys`.`sys_config` TO `mysql.sys`@`localhost`
 rows in set (0.00 sec)
 
mysql>

mysql> SHOW GRANTS FOR 'mysql.sys'@localhost;

6>.对比mysql.sys用户在几个权限系统表中的数据

mysql> SELECT * FROM user WHERE user='mysql.sys' AND host='localhost'\G
*************************** . row ***************************
                    Host: localhost
                    User: mysql.sys
             Select_priv: N
             Insert_priv: N
             Update_priv: N
             Delete_priv: N
             Create_priv: N
               Drop_priv: N
             Reload_priv: N
           Shutdown_priv: N
            Process_priv: N
               File_priv: N
              Grant_priv: N
         References_priv: N
              Index_priv: N
              Alter_priv: N
            Show_db_priv: N
              Super_priv: N
   Create_tmp_table_priv: N
        Lock_tables_priv: N
            Execute_priv: N
         Repl_slave_priv: N
        Repl_client_priv: N
        Create_view_priv: N
          Show_view_priv: N
     Create_routine_priv: N
      Alter_routine_priv: N
        Create_user_priv: N
              Event_priv: N
            Trigger_priv: N
  Create_tablespace_priv: N
                ssl_type:
              ssl_cipher:
             x509_issuer:
            x509_subject:
           max_questions:
             max_updates:
         max_connections:
    max_user_connections:
                  plugin: caching_sha2_password
   authentication_string: $A$$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
        password_expired: N
   password_last_changed: -- ::
       password_lifetime: NULL
          account_locked: Y
        Create_role_priv: N
          Drop_role_priv: N
  Password_reuse_history: NULL
     Password_reuse_time: NULL
Password_require_current: NULL
         User_attributes: NULL
 row in set (0.00 sec)
 
mysql>

观察“mysql.sys@localhost”在user表中的增删改查权限，基本上都是“N”（mysql> SELECT * FROM user WHERE user='mysql.sys' AND host='localhost'\G）

mysql> SELECT * FROM db WHERE user='mysql.sys' AND host='localhost'\G
*************************** . row ***************************
                 Host: localhost
                   Db: sys
                 User: mysql.sys
          Select_priv: N
          Insert_priv: N
          Update_priv: N
          Delete_priv: N
          Create_priv: N
            Drop_priv: N
           Grant_priv: N
      References_priv: N
           Index_priv: N
           Alter_priv: N
Create_tmp_table_priv: N
     Lock_tables_priv: N
     Create_view_priv: N
       Show_view_priv: N
  Create_routine_priv: N
   Alter_routine_priv: N
         Execute_priv: N
           Event_priv: N
         Trigger_priv: Y
 row in set (0.00 sec)
 
mysql>

观察“mysql.sys@localhost”在db表中的只有一条记录，在sys数据库上的Trigger_priv字段是‘Y’,其他权限都是‘N’（mysql> SELECT * FROM db WHERE user='mysql.sys' AND host='localhost'\G）

mysql> SELECT * FROM tables_priv WHERE user='mysql.sys' AND host='localhost'\G
*************************** . row ***************************
       Host: localhost
         Db: sys
       User: mysql.sys
 Table_name: sys_config
    Grantor: root@localhost
  Timestamp: -- ::
 Table_priv: Select
Column_priv:
 row in set (0.00 sec)
 
mysql>
mysql>

观察“mysql.sys@localhost”在tables_priv表中的只有一条记录，在sys_config表上有SELECT权限（mysql> SELECT * FROM tables_priv WHERE user='mysql.sys' AND host='localhost'\G）

mysql> SELECT * FROM columns_priv WHERE user='mysql.sys' AND host='localhost'\G
Empty set (0.00 sec)
 
mysql>

观察“mysql.sys@localhost”在columns_priv表中的是无记录的（mysql> SELECT * FROM columns_priv WHERE user='mysql.sys' AND host='localhost'\G）

mysql> SELECT * FROM procs_priv WHERE user='mysql.sys' AND host='localhost'\G
Empty set (0.00 sec)
 
mysql>
mysql>

观察“mysql.sys@localhost”在procs_priv表中是无记录的（mysql> SELECT * FROM procs_priv WHERE user='mysql.sys' AND host='localhost'\G）

三.MySQL权限详解

1>.ALL/ALL PRIVILEGES权限

　　代表全局或者全数据库对象级别的所有权限。

2>.ALTER权限

　　代表允许修改表结构的权限，但必须要求有CREATE和INSERT权限配合。如果是RENAME表名，则必须要求有ALTER和DROP原表，CREATE和INSERT新表的权限。

3>.ALTER ROUTINE权限

　　代表允许修改或者删除存储过程，函数的权限。

4>.CREATE权限

　　CREATE权限代表允许创建新的数据库和表的权限。

5>.CREATE ROUTINE权限

　　代表允许创建存储过程，函数的权限。

6>.CREATE TABLESPACE权限

　　代表允许创建，修改，删除表空间和日志组的权限。

7>.CRATE TEMPOARY TABLES权限

　　代表允许创建临时表的权限。

8>.CREATE USER权限

　　代表允许创建，修改，删除，重命名USRER的权限。

9>.CREATE VIEW权限

　　代表允许创建视图的权限。

10>.DELETE权限

　　代表允许删除行数据的权限。

11>.DROP权限

　　代表允许删除数据库，表，视图的权限，包括TRUNCATE TABLE命令。

12>.EVENT权限

　　代表允许查询，创建，修改，删除MySQL事件。

13>.Execute权限

　　代表允许执行存储过程和函数的权限。

14>.FILE权限

　　代表允许在MySQL可以访问的目录进行读写磁盘文件操作，可使用的命令包括LOAD DATA INFILE，SELECT ... INTO OUTFILE，LOAD FILE()函数。

15>.GRANT OPTION权限

　　代表是否允许此用户授权或者收回其他用户你给予的权限。

16>.INDEX权限

　　代表是否允许创建和删除索引。

17>.INSERT权限

　　代表是否允许在表里插入数据，同时在执行ANALYZE TABLE，OPTIMIZE TABLE，REPAIR TABLE语句的时候也需要INSERT权限。

18>.LOCK权限

　　代表允许对拥有SELECT权限的表进行锁定，以防止其他链接对此表的读或写。

19>.PROCESS权限

　　代表允许查看MySQL中的进程信息，比如执行SHOW PROCESSLIST,mysqladmin processlist（命令行），SHOW ENGINES等命令。

mysql> SHOW PROCESSLIST\G
*************************** . row ***************************
     Id:
   User: event_scheduler
   Host: localhost
     db: NULL
Command: Daemon
   Time:
  State: Waiting on empty queue
   Info: NULL
*************************** . row ***************************
     Id:
   User: root
   Host: localhost
     db: mysql
Command: Query
   Time:
  State: starting
   Info: SHOW PROCESSLIST
 rows in set (0.00 sec)
 
mysql>

mysql> SHOW PROCESSLIST\G

mysql> SHOW ENGINES\G
*************************** . row ***************************
      Engine: FEDERATED
     Support: NO
     Comment: Federated MySQL storage engine
Transactions: NULL
          XA: NULL
  Savepoints: NULL
*************************** . row ***************************
      Engine: InnoDB
     Support: DEFAULT
     Comment: Supports transactions, row-level locking, and foreign keys
Transactions: YES
          XA: YES
  Savepoints: YES
*************************** . row ***************************
      Engine: PERFORMANCE_SCHEMA
     Support: YES
     Comment: Performance Schema
Transactions: NO
          XA: NO
  Savepoints: NO
*************************** . row ***************************
      Engine: MyISAM
     Support: YES
     Comment: MyISAM storage engine
Transactions: NO
          XA: NO
  Savepoints: NO
*************************** . row ***************************
      Engine: MRG_MYISAM
     Support: YES
     Comment: Collection of identical MyISAM tables
Transactions: NO
          XA: NO
  Savepoints: NO
*************************** . row ***************************
      Engine: BLACKHOLE
     Support: YES
     Comment: /dev/null storage engine (anything you write to it disappears)
Transactions: NO
          XA: NO
  Savepoints: NO
*************************** . row ***************************
      Engine: MEMORY
     Support: YES
     Comment: Hash based, stored in memory, useful for temporary tables
Transactions: NO
          XA: NO
  Savepoints: NO
*************************** . row ***************************
      Engine: CSV
     Support: YES
     Comment: CSV storage engine
Transactions: NO
          XA: NO
  Savepoints: NO
*************************** . row ***************************
      Engine: ARCHIVE
     Support: YES
     Comment: Archive storage engine
Transactions: NO
          XA: NO
  Savepoints: NO
 rows in set (0.00 sec)
 
mysql>

mysql> SHOW ENGINES\G

[root@node105 ~]# mysqladmin processlist -uroot -pyinzhengjie
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
+----+-----------------+-----------+----+---------+------+------------------------+------------------+
| Id | User            | Host      | db | Command | Time | State                  | Info             |
+----+-----------------+-----------+----+---------+------+------------------------+------------------+
|   | event_scheduler | localhost |    | Daemon  |  | Waiting on empty queue |                  |
|  | root            | localhost |    | Query   |     | starting               | show processlist |
+----+-----------------+-----------+----+---------+------+------------------------+------------------+
[root@node105 ~]#
[root@node105 ~]#

[root@node105 ~]# mysqladmin processlist -uroot -pyinzhengjie

20>.REFERENCE权限

　　是在5.7.6版本之后引入，代表是否允许创建外键。

21>.RELOAD权限

　　代表允许执行FLUSH命令，指明重新家在权限表到系统内存中，REFRESH命令代表关闭和重新开启日志文件并刷新所有到表。

22>.REPLICATION CLIENT权限

　　代表允许执行SHOW MASTER STATUS，SHOW SLAVE STATUS,SHOW BINARY LOGS命令。

mysql> SHOW MASTER STATUS;
+---------------+----------+--------------+------------------+-------------------+
| File          | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
+---------------+----------+--------------+------------------+-------------------+
| binlog.000003 |      155 |              |                  |                   |
+---------------+----------+--------------+------------------+-------------------+
1 row in set (0.00 sec)
 
mysql>

mysql> SHOW MASTER STATUS;

mysql> SHOW SLAVE STATUS;
Empty set (0.00 sec)
 
mysql>

mysql> SHOW SLAVE STATUS;

mysql>
mysql> SHOW BINARY LOGS;
+---------------+-----------+-----------+
| Log_name      | File_size | Encrypted |
+---------------+-----------+-----------+
| binlog.000001 |       513 | No        |
| binlog.000002 |       178 | No        |
| binlog.000003 |       155 | No        |
+---------------+-----------+-----------+
3 rows in set (0.00 sec)
 
mysql>
mysql>

mysql> SHOW BINARY LOGS;

23>.REPLICATION SLAVE权限

　　代表允许SLAVE主机通过此用户连接MASTER以便建立主从复制关系。

24>.SELECT权限

　　代表允许从表中查看数据，某些不查询表数据的SELECT执行则不需要此权限，如SELECT 1+1，SELECT PI() +5 等等；而且SELECT权限在执行UPDATA/DELETE语句中含有WHERE条件的情况下也是需要的。

mysql> SELECT PI()+5;
+----------+
| PI()+5   |
+----------+
| 8.141593 |
+----------+
1 row in set (0.00 sec)
 
mysql>

mysql> SELECT PI()+5;

25>.SHOW DATABASES权限

　　代表通过执行SHOW DATABASES名称查看所有的数据库名。

26>.SHOW VIEW权限

　　代表通过执行SHOW CREATE VIEW命令查看视图创建的语句。

27>.SHUTDOWN权限

　　代表允许关闭数据库实例，执行语句包括mysqladmin shutdown。

[root@node105 ~]# ss -ntl
State      Recv-Q Send-Q   Local Address:Port                  Peer Address:Port
LISTEN     0      128                  *:22                               *:*
LISTEN     0      128                 :::3306                            :::*
LISTEN     0      128                 :::22                              :::*
LISTEN     0      70                  :::33060                           :::*
[root@node105 ~]#
[root@node105 ~]#
[root@node105 ~]# mysqladmin -uroot -pyinzhengjie shutdown
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
[root@node105 ~]#
[root@node105 ~]# ss -ntl
State      Recv-Q Send-Q   Local Address:Port                  Peer Address:Port
LISTEN     0      128                  *:22                               *:*
LISTEN     0      128                 :::22                              :::*
[root@node105 ~]#
[root@node105 ~]#

[root@node105 ~]# mysqladmin -uroot -pyinzhengjie shutdown

28>.SUPER权限

　　代表允许执行一系列数据库管理命令，包括kill强制关闭某个连接命令，CHANGE MASTER TO 创建复制关系命令，以及CRETE/ALTER/DROP SERVER等命令。

29>.TRIGGER权限

　　代表允许创建，删除，执行，现实触发器等权限。

30>.UPADTE权限

　　代表允许修改表中等数据等权限。

31>.USAGE权限

　　它是创建一个用户之后等默认权限，其本身代表连接登陆权限。

mysql> CREATE USER yinzhengjie@node105.yinzhengjie.org.cn;
Query OK, 0 rows affected (0.01 sec)
 
mysql> SHOW GRANTS FOR yinzhengjie@node105.yinzhengjie.org.cn;
+------------------------------------------------------------------+
| Grants for yinzhengjie@node105.yinzhengjie.org.cn                |
+------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `yinzhengjie`@`node105.yinzhengjie.org.cn` |
+------------------------------------------------------------------+
1 row in set (0.00 sec)
 
mysql>

mysql> SHOW GRANTS FOR yinzhengjie@node105.yinzhengjie.org.cn;

四.系统权限表

1>.权限存储在mysql库的user，db，tables_priv，columns_priv和procs_priv这5个系统表中。待MySQL实力启动成功后就家在到内存中。

• User表:
    存放用户账户信息以及全局级别(所有数据库)权限，决定了 来自哪些主机的哪些用户可以访问数据库实例，如果有全局权限则意味着对所有数据库都有此权限。
 
• Db表:
    存放数据库级别的权限，决定了来自哪些主机的哪些用户可以访 问此数据库。
 
• Tables_priv表:
    存放表级别的权限，决定了来自哪些主机的哪些用户可以 访问数据库的这个表。
 
• Columns_priv表:
    存放列（字段）级别的权限，决定了来自哪些主机的哪些用户可 以访问数据库表的这个字段。
 
• Procs_priv表:
    存放存储过程和函数级别的权限。

2>.user和db权限表结构

mysql> desc mysql.user\G
*************************** 1. row ***************************
  Field: Host
   Type: char(60)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 2. row ***************************
  Field: User
   Type: char(32)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 3. row ***************************
  Field: Select_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 4. row ***************************
  Field: Insert_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 5. row ***************************
  Field: Update_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 6. row ***************************
  Field: Delete_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 7. row ***************************
  Field: Create_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 8. row ***************************
  Field: Drop_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 9. row ***************************
  Field: Reload_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 10. row ***************************
  Field: Shutdown_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 11. row ***************************
  Field: Process_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 12. row ***************************
  Field: File_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 13. row ***************************
  Field: Grant_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 14. row ***************************
  Field: References_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 15. row ***************************
  Field: Index_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 16. row ***************************
  Field: Alter_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 17. row ***************************
  Field: Show_db_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 18. row ***************************
  Field: Super_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 19. row ***************************
  Field: Create_tmp_table_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 20. row ***************************
  Field: Lock_tables_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 21. row ***************************
  Field: Execute_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 22. row ***************************
  Field: Repl_slave_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 23. row ***************************
  Field: Repl_client_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 24. row ***************************
  Field: Create_view_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 25. row ***************************
  Field: Show_view_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 26. row ***************************
  Field: Create_routine_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 27. row ***************************
  Field: Alter_routine_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 28. row ***************************
  Field: Create_user_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 29. row ***************************
  Field: Event_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 30. row ***************************
  Field: Trigger_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 31. row ***************************
  Field: Create_tablespace_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 32. row ***************************
  Field: ssl_type
   Type: enum('','ANY','X509','SPECIFIED')
   Null: NO
    Key:
Default:
  Extra:
*************************** 33. row ***************************
  Field: ssl_cipher
   Type: blob
   Null: NO
    Key:
Default: NULL
  Extra:
*************************** 34. row ***************************
  Field: x509_issuer
   Type: blob
   Null: NO
    Key:
Default: NULL
  Extra:
*************************** 35. row ***************************
  Field: x509_subject
   Type: blob
   Null: NO
    Key:
Default: NULL
  Extra:
*************************** 36. row ***************************
  Field: max_questions
   Type: int(11) unsigned
   Null: NO
    Key:
Default: 0
  Extra:
*************************** 37. row ***************************
  Field: max_updates
   Type: int(11) unsigned
   Null: NO
    Key:
Default: 0
  Extra:
*************************** 38. row ***************************
  Field: max_connections
   Type: int(11) unsigned
   Null: NO
    Key:
Default: 0
  Extra:
*************************** 39. row ***************************
  Field: max_user_connections
   Type: int(11) unsigned
   Null: NO
    Key:
Default: 0
  Extra:
*************************** 40. row ***************************
  Field: plugin
   Type: char(64)
   Null: NO
    Key:
Default: caching_sha2_password
  Extra:
*************************** 41. row ***************************
  Field: authentication_string
   Type: text
   Null: YES
    Key:
Default: NULL
  Extra:
*************************** 42. row ***************************
  Field: password_expired
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 43. row ***************************
  Field: password_last_changed
   Type: timestamp
   Null: YES
    Key:
Default: NULL
  Extra:
*************************** 44. row ***************************
  Field: password_lifetime
   Type: smallint(5) unsigned
   Null: YES
    Key:
Default: NULL
  Extra:
*************************** 45. row ***************************
  Field: account_locked
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 46. row ***************************
  Field: Create_role_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 47. row ***************************
  Field: Drop_role_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 48. row ***************************
  Field: Password_reuse_history
   Type: smallint(5) unsigned
   Null: YES
    Key:
Default: NULL
  Extra:
*************************** 49. row ***************************
  Field: Password_reuse_time
   Type: smallint(5) unsigned
   Null: YES
    Key:
Default: NULL
  Extra:
*************************** 50. row ***************************
  Field: Password_require_current
   Type: enum('N','Y')
   Null: YES
    Key:
Default: NULL
  Extra:
*************************** 51. row ***************************
  Field: User_attributes
   Type: json
   Null: YES
    Key:
Default: NULL
  Extra:
51 rows in set (0.00 sec)
 
mysql>

查看user的表结构（mysql> desc mysql.user\G）

mysql> desc mysql.db\G
*************************** 1. row ***************************
  Field: Host
   Type: char(60)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 2. row ***************************
  Field: Db
   Type: char(64)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 3. row ***************************
  Field: User
   Type: char(32)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 4. row ***************************
  Field: Select_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 5. row ***************************
  Field: Insert_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 6. row ***************************
  Field: Update_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 7. row ***************************
  Field: Delete_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 8. row ***************************
  Field: Create_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 9. row ***************************
  Field: Drop_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 10. row ***************************
  Field: Grant_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 11. row ***************************
  Field: References_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 12. row ***************************
  Field: Index_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 13. row ***************************
  Field: Alter_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 14. row ***************************
  Field: Create_tmp_table_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 15. row ***************************
  Field: Lock_tables_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 16. row ***************************
  Field: Create_view_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 17. row ***************************
  Field: Show_view_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 18. row ***************************
  Field: Create_routine_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 19. row ***************************
  Field: Alter_routine_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 20. row ***************************
  Field: Execute_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 21. row ***************************
  Field: Event_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
*************************** 22. row ***************************
  Field: Trigger_priv
   Type: enum('N','Y')
   Null: NO
    Key:
Default: N
  Extra:
22 rows in set (0.00 sec)
 
mysql>

查看db的表结构（mysql> desc mysql.db\G）

 User权限表结构中的特殊字段
    • Plugin,password,authentication_string三个字段存放用户认证信息
    • Password_expired设置成’Y’则表明允许DBA将此用户的密码设置成过期而 且过期后要求用户的使用者重置密码(alter user/set password重置密码)
    • Password_last_changed作为一个时间戳字段代表密码上次修改时间，执 行create user/alter user/set password/grant等命令创建用户或修改用户密 码时此数值自动更新
    • Password_lifetime代表从password_last_changed时间开始此密码过期的天 数
    • Account_locked代表此用户被锁住，无法使用

3>.tables_priv和columns_priv权限表结构

mysql> desc mysql.tables_priv\G
*************************** 1. row ***************************
  Field: Host
   Type: char(60)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 2. row ***************************
  Field: Db
   Type: char(64)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 3. row ***************************
  Field: User
   Type: char(32)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 4. row ***************************
  Field: Table_name
   Type: char(64)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 5. row ***************************
  Field: Grantor
   Type: char(93)
   Null: NO
    Key: MUL
Default:
  Extra:
*************************** 6. row ***************************
  Field: Timestamp
   Type: timestamp
   Null: NO
    Key:
Default: CURRENT_TIMESTAMP
  Extra: DEFAULT_GENERATED on update CURRENT_TIMESTAMP
*************************** 7. row ***************************
  Field: Table_priv
   Type: set('Select','Insert','Update','Delete','Create','Drop','Grant','References','Index','Alter','Create View','Show view','Trigger')
   Null: NO
    Key:
Default:
  Extra:
*************************** 8. row ***************************
  Field: Column_priv
   Type: set('Select','Insert','Update','References')
   Null: NO
    Key:
Default:
  Extra:
8 rows in set (0.00 sec)
 
mysql>

查看tables_priv表结构,Grantor和Timestamp两个字段暂时没用（mysql> desc mysql.tables_priv\G）

mysql> desc mysql.columns_priv\G
*************************** 1. row ***************************
  Field: Host
   Type: char(60)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 2. row ***************************
  Field: Db
   Type: char(64)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 3. row ***************************
  Field: User
   Type: char(32)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 4. row ***************************
  Field: Table_name
   Type: char(64)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 5. row ***************************
  Field: Column_name
   Type: char(64)
   Null: NO
    Key: PRI
Default:
  Extra:
*************************** 6. row ***************************
  Field: Timestamp
   Type: timestamp
   Null: NO
    Key:
Default: CURRENT_TIMESTAMP
  Extra: DEFAULT_GENERATED on update CURRENT_TIMESTAMP
*************************** 7. row ***************************
  Field: Column_priv
   Type: set('Select','Insert','Update','References')
   Null: NO
    Key:
Default:
  Extra:
7 rows in set (0.00 sec)
 
mysql>

查看columns_priv表结构mysql> desc mysql.columns_priv\G

procs_priv权限表结构
    • Routine_type是枚举类型，代表是存储过程还是函数
    • Timestamp和grantor两个字段暂时没用

4>.系统权限表字段长度限制表

5>.权限认证中的大小写铭感问题

• 字段user,password,authencation_string,db,table_name大小写敏感 
• 字段host,column_name,routine_name大小写不敏感

mysql> CREATE USER yinzhengjie@node110.yinzhengjie.org.cn;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> CREATE USER Yinzhengjie@node110.yinzhengjie.org.cn;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> select User,Host from mysql.user where Host='node110.yinzhengjie.org.cn';
+-------------+----------------------------+
| User        | Host                       |
+-------------+----------------------------+
| Yinzhengjie | node110.yinzhengjie.org.cn |
| yinzhengjie | node110.yinzhengjie.org.cn |
+-------------+----------------------------+
2 rows in set (0.00 sec)
 
mysql>
mysql>

USER用户大小写铭感案例。欢聚话说，就是区分大小写。（mysql> CREATE USER Yinzhengjie@node105.yinzhengjie.org.cn; ）

mysql> CREATE USER jason@node110.yinzhengjie.org.cn;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> CREATE USER jason@NODE110.yinzhengjie.org.cn;       #这里报错了，说明MySQL的主机名是不区分大小写的！如果你写成大写他会默认给你转换成小写在user表中进行对比！
ERROR 1396 (HY000): Operation CREATE USER failed for 'jason'@'node110.yinzhengjie.org.cn'
mysql>
mysql>
mysql> select User,Host from mysql.user where Host='node110.yinzhengjie.org.cn';
+-------------+----------------------------+
| User        | Host                       |
+-------------+----------------------------+
| Yinzhengjie | node110.yinzhengjie.org.cn |
| jason       | node110.yinzhengjie.org.cn |
| yinzhengjie | node110.yinzhengjie.org.cn |
+-------------+----------------------------+
3 rows in set (0.00 sec)
 
mysql>
mysql>

Host主机名大小写不铭感。换句话说，就是不区分大小写（mysql> CREATE USER jason@node110.yinzhengjie.org.cn;）

6>.查看用户权限信息

mysql> SHOW GRANTS FOR 'root'@'localhost'\G
*************************** 1. row ***************************
Grants for root@localhost: GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `root`@`localhost` WITH GRANT OPTION
*************************** 2. row ***************************
Grants for root@localhost: GRANT APPLICATION_PASSWORD_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,GROUP_REPLICATION_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SYSTEM_VARIABLES_ADMIN,XA_RECOVER_ADMIN ON *.* TO `root`@`localhost` WITH GRANT OPTION
*************************** 3. row ***************************
Grants for root@localhost: GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
3 rows in set (0.00 sec)
 
mysql>

查看已经授给用户的权限信息（mysql> SHOW GRANTS FOR 'root'@'localhost'\G）

mysql> SHOW CREATE USER root@localhost\G
*************************** 1. row ***************************
CREATE USER for root@localhost: CREATE USER 'root'@'localhost' IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$_DHTgn}dT9t%1>5eMM4wjrUWB.UY3A60WfUlqsZAVP0HhJ3Xxp1bFRs76g9B' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT
1 row in set (0.00 sec)
 
mysql>
mysql>

查看用户的其他非授权信息（mysql> SHOW CREATE USER root@localhost\G）

五.MySQL授权用户

1>.MySQL授权用户的组成部分

　　MySQL的授权用户由两部分组成，即用户名和登陆主机名。关于用户名和主机名需要遵循以下几点规则：

    • 表达用户的语法为‘user_name’@‘host_name’
    • 单引号不是必须，但如果其中包含特殊字符则是必须的
    • ‘’@‘localhost’代表匿名登录的用户
    • Host_name可以使主机名或者ipv4/ipv6的地址。Localhost代表本机，127.0.0.1代表ipv4的 本机地址，::1代表ipv6的本机地址
    • Host_name字段允许使用%和_两个匹配字符，比如’%’代表所有主机，’%.mysql.com’代表 来自mysql.com这个域名下的所有主机，‘192.168.1.%’代表所有来自192.168.1网段的主机

2>.MySQL修改权限的生效周期

    • 执行Grant,revoke,setpassword,renameuser命令修改权限之后，MySQL会自动将修改后的权限信息同步加载到系统内存中
    • 如果执行insert/update/delete操作上述的系统权限表之后，则必须再执行刷 新权限命令才能同步到系统内存中，刷新权限命令包括:flush privileges/mysqladmin flush-privileges/mysqladmin reload
    • 如果是修改tables和columns级别的权限，则客户端的下次操作新权限就会生效
    • 如果是修改database级别的权限，则新权限在客户端执行use database命令后生效
    • 如果是修改global级别的权限，则需要重新创建连接新权限才能生效
    • --skip-grant-tables可以跳过所有系统权限表而允许所有用户登录，只在特殊 情况下暂时使用

3>.MySQL用户连接各种姿势

[root@node105 ~]# mysql --user=root --password mysql
Enter password:
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 8.0.14 MySQL Community Server - GPL
 
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> select database();
+------------+
| database() |
+------------+
| mysql      |
+------------+
1 row in set (0.00 sec)
 
mysql>
mysql> quit
Bye
[root@node105 ~]#
[root@node105 ~]#

姿势一，输入完整的命令参数连接指定的数据库（[root@node105 ~]# mysql --user=root --password mysql）

[root@node105 ~]# mysql --user=root -p mysql
Enter password:
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 15
Server version: 8.0.14 MySQL Community Server - GPL
 
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> select database();
+------------+
| database() |
+------------+
| mysql      |
+------------+
1 row in set (0.00 sec)
 
mysql> quit
Bye
[root@node105 ~]#

姿势二,对姿势一对password参数简写形式（[root@node105 ~]# mysql --user=root -p mysql ）

[root@node105 ~]# mysql --user=root --password=yinzhengjie mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 16
Server version: 8.0.14 MySQL Community Server - GPL
 
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> select database();
+------------+
| database() |
+------------+
| mysql      |
+------------+
1 row in set (0.00 sec)
 
mysql> quit
Bye
[root@node105 ~]#
[root@node105 ~]# history  |  tail -5
  282  mysql --user=yinzhengjie@node105.yinzhengjie.org.cn --password mysql
  283  mysql --user=root --password mysql
  284  mysql --user=root -p mysql
  285  mysql --user=root --password=yinzhengjie mysql     #密码被history记录住了
  286  history  |  tail -5
[root@node105 ~]#

姿势三，输入完整的命令参数连接指定的数据库，容易报漏密码给history！不推荐使用（[root@node105 ~]# mysql --user=root --password=yinzhengjie mysql）

[root@node105 ~]# mysql -uroot -pyinzhengjie mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 17
Server version: 8.0.14 MySQL Community Server - GPL
 
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> select database();
+------------+
| database() |
+------------+
| mysql      |
+------------+
1 row in set (0.00 sec)
 
mysql> quit;
Bye
[root@node105 ~]# history  |  tail -2
  289  mysql -uroot -pyinzhengjie mysql
  290  history  |  tail -2
[root@node105 ~]#

姿势四，对姿势三参数的简写形式，由于容易报漏密码，俺不推荐大家使用这种方式，如果在测试环境下使用倒也无所谓（[root@node105 ~]# mysql -uroot -pyinzhengjie mysql）

4>.创建MySQL用户案例展示

　　有两种创建MySQL授权用户：

　　　　姿势一：执行CREATE USER/GRANT命令（博主推荐）

　　　　姿势二：通过INSERT语句直接操作MySQL系统权限表（不推荐使用）

mysql> SELECT User,Host from mysql.user;
+------------------+-----------+
| User             | Host      |
+------------------+-----------+
| mysql.infoschema | localhost |
| mysql.session    | localhost |
| mysql.sys        | localhost |
| root             | localhost |
+------------------+-----------+
4 rows in set (0.00 sec)
 
mysql>
mysql>
mysql> CREATE USER 'jason'@'node110.yinzhengjie.org.cn' IDENTIFIED BY 'yinzhengjie';
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> SELECT User,Host from mysql.user;
+------------------+----------------------------+
| User             | Host                       |
+------------------+----------------------------+
| mysql.infoschema | localhost                  |
| mysql.session    | localhost                  |
| mysql.sys        | localhost                  |
| root             | localhost                  |
| jason            | node110.yinzhengjie.org.cn |
+------------------+----------------------------+
5 rows in set (0.00 sec)
 
mysql>

创建用户（mysql> CREATE USER 'jason'@'node110.yinzhengjie.org.cn' IDENTIFIED BY 'yinzhengjie';）

mysql> SHOW GRANTS FOR 'jason'@'node110.yinzhengjie.org.cn';
+------------------------------------------------------------+
| Grants for jason@node110.yinzhengjie.org.cn                |
+------------------------------------------------------------+
| GRANT USAGE ON *.* TO `jason`@`node110.yinzhengjie.org.cn` |
+------------------------------------------------------------+
1 row in set (0.00 sec)
 
mysql>

创建用户后，查看该用户的默认权限（mysql> SHOW GRANTS FOR 'jason'@'node110.yinzhengjie.org.cn';）

mysql> SHOW GRANTS FOR 'jason'@'node110.yinzhengjie.org.cn';
+------------------------------------------------------------+
| Grants for jason@node110.yinzhengjie.org.cn                |
+------------------------------------------------------------+
| GRANT USAGE ON *.* TO `jason`@`node110.yinzhengjie.org.cn` |
+------------------------------------------------------------+
row in set (0.00 sec)
 
mysql>
mysql> CREATE DATABASE yinzhengjie;
Query OK, 1 row affected (0.00 sec)
 
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
| yinzhengjie        |
+--------------------+
rows in set (0.00 sec)
 
mysql>
mysql> GRANT ALL PRIVILEGES ON yinzhengjie.* TO `jason`@`node110.yinzhengjie.org.cn` WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> SHOW GRANTS FOR 'jason'@'node110.yinzhengjie.org.cn';
+--------------------------------------------------------------------------------------------------+
| Grants for jason@node110.yinzhengjie.org.cn                                                      |
+--------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `jason`@`node110.yinzhengjie.org.cn`                                       |
| GRANT ALL PRIVILEGES ON `yinzhengjie`.* TO `jason`@`node110.yinzhengjie.org.cn` WITH GRANT OPTION |
+--------------------------------------------------------------------------------------------------+
rows in set (0.00 sec)
 
mysql>

将自定义的yinzhengjie数据库授权给jason@node110.yinzhengjie.org.cn用户，并且该用户还可以把这个权限授权给其他用户哟！（mysql> GRANT ALL PRIVILEGES ON yinzhengjie.* TO `jason`@`node110.yinzhengjie.org.cn` WITH GRANT OPTION;）

[root@node110 ~]# hostname
node110.yinzhengjie.org.cn
[root@node110 ~]#
[root@node110 ~]# hostname -i
172.30.1.110
[root@node110 ~]#
[root@node110 ~]# cat /etc/hosts | grep yinzhengjie
172.30.1.101 node101.yinzhengjie.org.cn
172.30.1.102 node102.yinzhengjie.org.cn
172.30.1.103 node103.yinzhengjie.org.cn
172.30.1.105 node105.yinzhengjie.org.cn
172.30.1.110 node110.yinzhengjie.org.cn
[root@node110 ~]#
[root@node110 ~]#
[root@node110 ~]# mysql -h node105.yinzhengjie.org.cn -ujason -pyinzhengjie
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 21
Server version: 8.0.14 MySQL Community Server - GPL
 
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| yinzhengjie        |
+--------------------+
2 rows in set (0.00 sec)
 
mysql> use yinzhengjie;
Database changed
mysql>
mysql> SELECT database();
+-------------+
| database()  |
+-------------+
| yinzhengjie |
+-------------+
1 row in set (0.00 sec)
 
mysql> show tables;
Empty set (0.00 sec)
 
mysql> quit
Bye
[root@node110 ~]#
[root@node110 ~]#

使用客户端（node110.yinzhengjie.org.cn）访问数据库服务器（node105.yinzhengjie.org.cn） [root@node110 ~]# mysql -h node105.yinzhengjie.org.cn -ujason -pyinzhengjie

5>.回收MySQL用户权限

mysql> SHOW GRANTS FOR 'jason'@'node110.yinzhengjie.org.cn';
+---------------------------------------------------------------------------------------------------+
| Grants for jason@node110.yinzhengjie.org.cn                                                       |
+---------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `jason`@`node110.yinzhengjie.org.cn`                                        |
| GRANT ALL PRIVILEGES ON `yinzhengjie`.* TO `jason`@`node110.yinzhengjie.org.cn` WITH GRANT OPTION |
+---------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
 
mysql>
mysql> REVOKE SELECT,UPDATE,DELETE ON yinzhengjie.* FROM 'jason'@'node110.yinzhengjie.org.cn';
Query OK, 0 rows affected (0.00 sec)
 
mysql> SHOW GRANTS FOR 'jason'@'node110.yinzhengjie.org.cn';
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for jason@node110.yinzhengjie.org.cn                                                                                                                                                                                                             |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `jason`@`node110.yinzhengjie.org.cn`                                                                                                                                                                                              |
| GRANT INSERT, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `yinzhengjie`.* TO `jason`@`node110.yinzhengjie.org.cn` WITH GRANT OPTION |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
 
mysql>

通过REVOKE命令收回用户权限（mysql> REVOKE SELECT,UPDATE,DELETE ON yinzhengjie.* FROM 'jason'@'node110.yinzhengjie.org.cn';）

6>.删除MySQL用户

mysql>
mysql> SELECT User,Host from mysql.user;
+------------------+----------------------------+
| User             | Host                       |
+------------------+----------------------------+
| mysql.infoschema | localhost                  |
| mysql.session    | localhost                  |
| mysql.sys        | localhost                  |
| root             | localhost                  |
| jason            | node110.yinzhengjie.org.cn |
+------------------+----------------------------+
5 rows in set (0.00 sec)
 
mysql>
mysql> DROP USER jason@node110.yinzhengjie.org.cn;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> SELECT User,Host from mysql.user;
+------------------+-----------+
| User             | Host      |
+------------------+-----------+
| mysql.infoschema | localhost |
| mysql.session    | localhost |
| mysql.sys        | localhost |
| root             | localhost |
+------------------+-----------+
4 rows in set (0.00 sec)
 
mysql>

通过执行DROP USER命令删除MySQL用户（mysql> DROP USER jason@node110.yinzhengjie.org.cn;）

7>.设置MySQL用户资源

    • 通过设置全局变量max_user_connections可以限制所有用户在同一时间连接MySQL实例的数量，但此参数无法对每个用户区别对待，所以MySQL提供了对每个用户的资源限制管理
    • MAX_QUERIES_PER_HOUR:一个用户在一个小时内可以执行查询的次数(基本包含所有语句)
    • MAX_UPDATES_PER_HOUR:一个用户在一个小时内可以执行修改的次数(仅包含修改数据库或表的语句)
    • MAX_CONNECTIONS_PER_HOUR:一个用户在一个小时内可以连接MySQL的时间

    • MAX_USER_CONNECTIONS:一个用户可以在同一时间连接MySQL实例的数量，注意，当针对某个用户当MAX_USER_CONNECTIONS非0时，则忽略全局系统参数MAX_USER_CONNECTIONS,反之则全局系统参数生效！

    • 从5.0.3版本开始，对用户‘user’@‘%.example.com’的资源限制是指所有 通过example.com域名主机连接user用户的连接，而不是分别指从 host1.example.com和host2.example.com主机过来的连接

mysql> SELECT User,Host from mysql.user;
+------------------+-----------+
| User             | Host      |
+------------------+-----------+
| mysql.infoschema | localhost |
| mysql.session    | localhost |
| mysql.sys        | localhost |
| root             | localhost |
+------------------+-----------+
4 rows in set (0.00 sec)
 
mysql>
mysql> CREATE USER 'jason'@'node110.yinzhengjie.org.cn' IDENTIFIED BY 'yinzhengjie'
    -> WITH MAX_QUERIES_PER_HOUR 20
    -> MAX_UPDATES_PER_HOUR 5
    -> MAX_CONNECTIONS_PER_HOUR 3
    -> MAX_USER_CONNECTIONS 2;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> SELECT User,Host from mysql.user;
+------------------+----------------------------+
| User             | Host                       |
+------------------+----------------------------+
| mysql.infoschema | localhost                  |
| mysql.session    | localhost                  |
| mysql.sys        | localhost                  |
| root             | localhost                  |
| jason            | node110.yinzhengjie.org.cn |
+------------------+----------------------------+
5 rows in set (0.00 sec)
 
mysql>

在创建MySQL用户时指定MySQL资源限制（mysql> CREATE USER 'jason'@'node110.yinzhengjie.org.cn' IDENTIFIED BY 'yinzhengjie' WITH MAX_QUERIES_PER_HOUR 20 MAX_UPDATES_PER_HOUR 5 MAX_CONNECTIONS_PER_HOUR 3 MAX_USER_CONNECTIONS 2;）

mysql> ALTER USER jason@node110.yinzhengjie.org.cn WITH MAX_USER_CONNECTIONS 5;
Query OK, 0 rows affected (0.01 sec)
 
mysql>

对已经创建的用户进行资源限制（mysql> ALTER USER jason@node110.yinzhengjie.org.cn WITH MAX_USER_CONNECTIONS 5;）

mysql> ALTER USER jason@node110.yinzhengjie.org.cn WITH MAX_USER_CONNECTIONS 0;
Query OK, 0 rows affected (0.01 sec)
 
mysql>

取消某项资源限制既是把原先的值修改成0（mysql> ALTER USER jason@node110.yinzhengjie.org.cn WITH MAX_USER_CONNECTIONS 0;）

8>.设置MySQL用户当密码

mysql> SELECT User,Host from mysql.user;
+------------------+----------------------------+
| User             | Host                       |
+------------------+----------------------------+
| mysql.infoschema | localhost                  |
| mysql.session    | localhost                  |
| mysql.sys        | localhost                  |
| root             | localhost                  |
| jason            | node110.yinzhengjie.org.cn |
+------------------+----------------------------+
5 rows in set (0.00 sec)
 
mysql>
mysql> CREATE USER 'yinzhengjie'@'node110.yinzhengjie.org.cn' IDENTIFIED BY 'yinzhengjie';
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> SELECT User,Host from mysql.user;
+------------------+----------------------------+
| User             | Host                       |
+------------------+----------------------------+
| mysql.infoschema | localhost                  |
| mysql.session    | localhost                  |
| mysql.sys        | localhost                  |
| root             | localhost                  |
| jason            | node110.yinzhengjie.org.cn |
| yinzhengjie      | node110.yinzhengjie.org.cn |
+------------------+----------------------------+
6 rows in set (0.00 sec)
 
mysql>

姿势一，执行CREATE USER创建用户和密码（mysql> CREATE USER 'yinzhengjie'@'node110.yinzhengjie.org.cn' IDENTIFIED BY 'yinzhengjie';）

mysql> ALTER USER jason@node110.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie2019';
Query OK, 0 rows affected (0.01 sec)
 
mysql>

姿势二，修改已经存在的MySQL用户的密码（mysql> ALTER USER jason@node110.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie2019';）

mysql> SELECT USER();
+----------------+
| USER()         |
+----------------+
| root@localhost |
+----------------+
1 row in set (0.00 sec)
 
mysql>
mysql> ALTER USER USER() IDENTIFIED BY 'yinzhengjie';
Query OK, 0 rows affected (0.01 sec)
 
mysql>

姿势三,修改当前的登陆用户名的密码（mysql> ALTER USER USER() IDENTIFIED BY 'yinzhengjie';）

　　注意，MySQL8.0以后的版本，不支持使用 SET PASSWORD FOR jason@node110.yinzhengjie.org.cn = PASSWORD('yinzhengjie'); 这样的语句修改代码了，使用MySQL5.7的小伙伴们得注意一下了哟～当然，如果你通过mysqladmin的方式修改MySQL密码也是一种方式，但是博主不推荐哟～别忘记Linux中又一个history功能哟！

9>.设置MySQL用户密码过期策略

　　设置系统参数default_password_lifetime作用于所有的用户账户

    • default_password_lifetime=180 设置180天过期
 
    • default_password_lifetime=0 设置密码不过期

　　如果为每个用户设置了密码过期策略，则会覆盖上述系统参数

    • ALTER　USER　'jason'@'node101.yinzhengjie.org.cn'　PASSWORD　EXPIRE　INTERVAL　90　DAY;
    • ALTER　USER　‘jason’@‘node102.yinzhengjie.org.cn’　PASSWORD　EXPIRE　NEVER;　　　　　　　　密码不过期

    • ALTER　USER　‘jason’@‘node103.yinzhengjie.org.cn’　PASSWORD　EXPIRE　DEFAULT;　　　　　　 默认过期策略

　　手动强制某个用户密码过期

    • ALTER　　USER　　'jason'@'node105.yinzhengjie.org.cn'　　PASSWORD　　EXPIRE;

10>.MySQL用户lock

mysql> CREATE USER yzj@node110.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie' ACCOUNT LOCK;
Query OK, 0 rows affected (0.01 sec)
 
mysql>

通过执行CREATE USER语句默认的用户是unlock状态（mysql> CREATE USER yzj@node110.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie' ACCOUNT LOCK;）

mysql> SELECT User,Host from mysql.user;
+------------------+----------------------------+
| User             | Host                       |
+------------------+----------------------------+
| mysql.infoschema | localhost                  |
| mysql.session    | localhost                  |
| mysql.sys        | localhost                  |
| root             | localhost                  |
| jason            | node110.yinzhengjie.org.cn |
| yinzhengjie      | node110.yinzhengjie.org.cn |
| yzj              | node110.yinzhengjie.org.cn |
+------------------+----------------------------+
7 rows in set (0.00 sec)
 
mysql>
mysql> ALTER USER yinzhengjie@node110.yinzhengjie.org.cn ACCOUNT LOCK;
Query OK, 0 rows affected (0.01 sec)
 
mysql>

通过ALTER USER语句将已经存在的MySQL用户锁住（mysql> ALTER USER yinzhengjie@node110.yinzhengjie.org.cn ACCOUNT LOCK;）

　　我们创建时就将用户锁住，那么其时无法登陆MySQL服务器的哟！连接时会提示该用户已经被锁入住，如下所示：

[root@node110 ~]#  mysql -h node105.yinzhengjie.org.cn -uyzj -pyinzhengjie
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 3118 (HY000): Access denied for user 'yzj'@'node110.yinzhengjie.org.cn'. Account is locked.
[root@node110 ~]#
[root@node110 ~]#

　　如果MySQL用户被锁住后，有人申请要解锁的话，其实也很简单，具体操作如下：

mysql> ALTER USER yinzhengjie@node110.yinzhengjie.org.cn ACCOUNT UNLOCK;
Query OK, 0 rows affected (0.00 sec)
 
mysql>

11>.企业应用中的常规MySQL用户

　　MySQL用户的创建通常由DBA统一协调创建，而且按需创建；

　　DBA通常直接使用root用户来管理数据库;

　　通常会创建指定业务数据库上的增删改查、临时表、执行存储过程的权限给应用程序来连接数据库；

　　通常也会创建指定业务数据库上的只读权限给特定应用程序或某些高级别人员来查询数据，防止数据被修改；

　　在MySQL8.0引入了一个角色的概念，具体的SQL操作如下：

mysql> CREATE ROLE app_readonly;　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　#创建一个app_readonly角色（组）
Query OK, 0 rows affected (0.03 sec)
 
mysql>
mysql> GRANT SELECT ON *.* TO app_readonly;　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　#我们为创建的角色授予只读权限
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> CREATE USER apache@node105.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie';　　　　　　  #我们创建一个用户
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> CREATE USER nginx@node105.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie';
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> GRANT app_readonly TO  apache@node105.yinzhengjie.org.cn ;　　　　　　　　　　　　　　　　　　#我们将角色的权限授予指定的用户
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> GRANT app_readonly TO   nginx@node105.yinzhengjie.org.cn ;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql>
mysql> CREATE ROLE app_readwrite;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> GRANT SELECT,INSERT,DELETE,UPDATE ON *.* TO app_readwrite;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql>
mysql> CREATE USER django@node105.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie';
Query OK, 0 rows affected (0.01 sec)
 
mysql>
mysql> CREATE USER vue@node105.yinzhengjie.org.cn IDENTIFIED BY 'yinzhengjie';
Query OK, 0 rows affected (0.01 sec)
 
mysql>
mysql> GRANT app_readwrite TO django@node105.yinzhengjie.org.cn;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> GRANT app_readwrite TO vue@node105.yinzhengjie.org.cn;
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> SHOW GRANTS FOR django@node105.yinzhengjie.org.cn;
+--------------------------------------------------------------------+
| Grants for django@node105.yinzhengjie.org.cn                       |
+--------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `django`@`node105.yinzhengjie.org.cn`        |
| GRANT `app_readwrite`@`%` TO `django`@`node105.yinzhengjie.org.cn` |
+--------------------------------------------------------------------+
2 rows in set (0.00 sec)
 
mysql>
mysql> SHOW GRANTS FOR django@node105.yinzhengjie.org.cn USING app_readwrite;　　　　　　　　　　　　#使用USING + 角色名称 就可以看到详细的权限信息了，和上面的查看权限的形成了鲜明的对比~
+--------------------------------------------------------------------------------------+
| Grants for django@node105.yinzhengjie.org.cn                                         |
+--------------------------------------------------------------------------------------+
| GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO `django`@`node105.yinzhengjie.org.cn` |
| GRANT `app_readwrite`@`%` TO `django`@`node105.yinzhengjie.org.cn`                   |
+--------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
 
mysql>
mysql> REVOKE app_readwrite FROM django@node105.yinzhengjie.org.cn;　　　　　　　　　　　　　　　　　　#我们可以收回权限
Query OK, 0 rows affected (0.00 sec)
 
mysql>
mysql> SHOW GRANTS FOR django@node105.yinzhengjie.org.cn;　　　　　　　　　　　　　　　　　　　　　　　　#当然我们也可以把多个角色赋值给同一个用户哟~
+-------------------------------------------------------------+
| Grants for django@node105.yinzhengjie.org.cn                |
+-------------------------------------------------------------+
| GRANT USAGE ON *.* TO `django`@`node105.yinzhengjie.org.cn` |
+-------------------------------------------------------------+
1 row in set (0.00 sec)
 
mysql>

12>.企业应用中的MySQL用户密码设定

    • 企业生产系统中MySQL用户的密码设定有严格的规范，通常要有密码复杂度、密码长度等要求

    • 搜索网上的密码生成器，能按要求生成随机密码 
 
　　 • http://suijimimashengcheng.51240.com/

MySQL权限授权认证详解的更多相关文章

OAuth 2.0 授权认证详解
一.认识 OAuth 2.0 1.1 OAuth 2.0 应用场景 OAuth 2.0 标准目前被广泛应用在第三方登录场景中,以下是虚拟出来的角色,阐述 OAuth2 能帮我们干什么,引用阮一峰这篇理 ...
Shrio授权验证详解
所谓授权,就是控制你是否能访问某个资源,比如说,你可以方位page文件夹下的jsp页面,但是不可以访问page文件夹下的admin文件夹下的jsp页面. 在授权中,有三个核心元素:权限,角色,用户. ...
mysql学习3：mysql之my.cnf详解
mysql之my.cnf详解本文转自:https://www.cnblogs.com/panwenbin-logs/p/8360703.html 以下是 my.cnf 配置文件参数解释: #*** ...
mysql配置文件my.cnf详解
原文地址:mysql配置文件my.cnf详解作者:gron basedir = path 使用给定目录作为根目录(安装目录). character-sets-dir = path 给出存放着字符集的 ...
JWT（Json web token）认证详解
JWT(Json web token)认证详解什么是JWT Json web token (JWT), 是为了在网络应用环境间传递声明而执行的一种基于JSON的开放标准((RFC 7519).该to ...
转 OAuth 2.0授权协议详解
http://www.jb51.net/article/54948.htm 作者:阮一峰字体:[增加减小] 类型:转载时间:2014-09-10我要评论这篇文章主要介绍了OAuth 2.0授权 ...
SQL Server中通用数据库角色权限的处理详解
SQL Server中通用数据库角色权限的处理详解前言安全性是所有数据库管理系统的一个重要特征.理解安全性问题是理解数据库管理系统安全性机制的前提. 最近和同事在做数据库权限清理的事情,主要是删除 ...
MySQL 语句执行过程详解
MySQL 原理篇 MySQL 索引机制 MySQL 体系结构及存储引擎 MySQL 语句执行过程详解 MySQL 执行计划详解 MySQL InnoDB 缓冲池 MySQL InnoDB 事务 My ...
Python中操作mysql的pymysql模块详解
Python中操作mysql的pymysql模块详解前言 pymsql是Python中操作MySQL的模块,其使用方法和MySQLdb几乎相同.但目前pymysql支持python3.x而后者不支持 ...

随机推荐

找工作的程序员必懂的Linux
一.为什么要学习Linux 首先,我想先说一下:“为什么要学习Linux”?Linux 是什么,它是一款操作系统,是一个支持多用户.多任务.支持多线程和多CPU的操作系统:32位和64位的硬件可以在L ...
springmvc使用swagger生成rest api文档
pom.xml <dependency> <groupId>io.springfox</groupId> <artifactId>springfox-s ...
windows新增/修改/删除系统环境变量bat示例，一键配置JAVA_HOME
setx JAVA_HOME "C:\Program Files\java\jdk1.6.0_27" /m setx classpath = ".;%JAVA_HOME% ...
int,String转换
int -> String 第一种方法:s=i+""; //会产生两个String对象第二种方法:s=String.valueOf(i); //直接使用String类的静态 ...
js弹框的3种方法
js的三种弹框的方法 1.第一种 : alert("1"); 2.第二种 : window.open("Tests2.html"); var r = con ...
各种反演细节梳理&模板
炫酷反演魔术课件byVFK stO FDF Orz(证明全有%%%) 莫比乌斯反演 \(F(n)=\sum\limits_{d|n}f(d)\Rightarrow f(n)=\sum\limits_{ ...
mac上安装memcache
1. 安装 brew (http://brew.sh/) /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/H ...
如何在jsp中引入bootstrap
如何在jsp中引入bootstrap包: 1.首先在http://getbootstrap.com/上下载Bootstrap的最新版. 您会看到两个按钮: Download Bootstrap:下载 ...
BZOJ 1370: [Baltic2003]Gang团伙（luogu 1892）（种类并查集）
题面: bzoj题面有误,还是看luogu的吧 https://www.luogu.org/problemnew/show/P1892 题解: 种类并查集.. 因为有敌人的敌人是朋友这个条件,所以需要 ...
SpringBoot整合阿里Druid数据源及Spring-Data-Jpa
SpringBoot整合阿里Druid数据源及Spring-Data-Jpa https://mp.weixin.qq.com/s?__biz=MzU0MDEwMjgwNA==&mid=224 ...

MySQL权限授权认证详解

MySQL权限授权认证详解的更多相关文章

随机推荐

热门专题