上QQ阅读APP看本书,新人免费读10天
设备和账号都新为新人
1.4 创建用户、库、表、数据
不要直接使用DML语句操作mysql.user表,而是要使用grant、revoke或者create user、drop user语句。如果必须要使用DML语句操作mysql.user表,那么请注意,在MySQL 5.7.x中password字段名称变更为了authentication_string。
1.4.1 创建管理用户并授权
创建管理用户,并为这个管理用户授予任意地址访问的所有权限(包括with grant option权限)。
# 创建管理用户 mysql> create user 'gangshen'@'%' identified by 'admin'; Query OK, 0 rows affected(0.01 sec) mysql> create user 'gangshen'@'localhost' identified by 'admin'; Query OK, 0 rows affected(0.00 sec) mysql> grant all on *.* to 'gangshen'@'%' with grant option; Query OK, 0 rows affected(0.00 sec) # 注:在MySQL 5.7.x较新的版本及其8.0.x版本中,在授予%号地址来源时也同时包含了localhost,不再单独区分 mysql> grant all on *.* to 'gangshen'@'localhost' with grant option; Query OK, 0 rows affected(0.00 sec) # 使用新创建的管理账号重新登录MySQL,验证这个管理账号是否可用 [root@localhost mysql]# mysql -ugangshen -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 4 Server version: 5.6.35-log MySQL Community Server(GPL) Copyright(c)2000, 2016, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help; ' or '\h' for help. Type '\c' to clear the current input statement. mysql> show grants; +--------------------------------------------------------------------+ | Grants for gangshen@localhost | +--------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'gangshen'@'localhost' IDENTIFIED BY PASSWORD '*4ACFE3202A5FF5CF467898FC58AAB1D615029441' WITH GRANT OPTION | +--------------------------------------------------------------------+ 1 row in set(0.00 sec)
1.4.2 创建库、表、程序账号
创建程序账号(在生产环境中不建议直接使用root账号,所以这里新建一个管理员账号,一个程序账号)。
程序账号一般给开发人员使用,给定权限推荐:create routine、alter routine、execute、select、delete、insert、update。
程序账号需要指定具体的库或表,且指定具体的访问来源。
# 使用管理员账号创建库、表 mysql> create database shengang_db; Query OK, 1 row affected(0.00 sec) mysql> use shengang_db Database changed mysql> create table shengang_table(id int primary key auto_increment, shengang_test varchar(50), datetime_current datetime); Query OK, 0 rows affected(0.02 sec) # 创建程序账号并赋予权限 mysql> create user 'program'@'192.168.2.105' identified by 'admin'; Query OK, 0 rows affected(0.00 sec) mysql> create user 'program'@'localhost' identified by 'admin'; Query OK, 0 rows affected(0.00 sec) mysql> grant create routine, alter routine, execute, select, delete, insert, update on shengang_db.* to 'program'@'localhost'; Query OK, 0 rows affected(0.00 sec) mysql> grant create routine, alter routine, execute, select, delete, insert, update on shengang_db.* to 'program'@'192.168.2.105'; Query OK, 0 rows affected(0.00 sec) mysql> flush privileges; Query OK, 0 rows affected(0.00 sec)
1.4.3 插入数据
使用程序账号登录MySQL,并插入数据。
[root@localhost mysql]# mysql -uprogram -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 9 Server version: 5.6.35-log MySQL Community Server(GPL) Copyright(c)2000, 2016, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help; ' or '\h' for help. Type '\c' to clear the current input statement. mysql> select user(); +-------------------+ | user() | +-------------------+ | program@localhost | +-------------------+ 1 row in set(0.00 sec) # 查看程序账号的权限是否正确 mysql> show grants; +------------------------------------------------------------------+ | Grants for program@localhost | +------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'program'@'localhost' IDENTIFIED BY PASSWORD <secret>| | GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, CREATE ROUTINE, ALTER ROUTINE ON`shengang_db`.* TO 'program'@'localhost' | +------------------------------------------------------------------+ 2 rows in set(0.00 sec) mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | shengang_db | +--------------------+ 2 rows in set(0.00 sec) mysql> use shengang_db Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +-----------------------+ | Tables_in_shengang_db | +-----------------------+ | shengang_table | +-----------------------+ 1 row in set(0.00 sec) # 查看表结构是否创建正确 mysql> show create table shengang_table; +----------------+-------------------------------------------------+ | Table | Create Table | +----------------+-------------------------------------------------+ | shengang_table | CREATE TABLE `shengang_table`( `id` int(11)NOT NULL AUTO_INCREMENT, `shengang_test` varchar(50)DEFAULT NULL, `datetime_current` datetime DEFAULT NULL, PRIMARY KEY(`id`) )ENGINE=InnoDB DEFAULT CHARSET=latin1 | +----------------+-------------------------------------------------+ 1 row in set(0.00 sec) mysql> insert into shengang_table(`shengang_test`, `datetime_current`)values('shengang', now()); Query OK, 1 row affected(0.00 sec) # 查看插入数据是否正确 mysql> select * from shengang_table; +----+---------------+---------------------+ | id | shengang_test | datetime_current | +----+---------------+---------------------+ | 1 | shengang | 2017-02-13 00:21:37 | +----+---------------+---------------------+ 1 row in set(0.00 sec) mysql>