mysql授权帮助命令
help grant
mysql> help grant
Name: 'GRANT'
Description:
Syntax:
GRANT
priv_type [(column_list)]
[, priv_type [(column_list)]] ...
ON [object_type] priv_level
TO user [auth_option] [, user [auth_option]] ...
[REQUIRE {NONE | tls_option [[AND] tls_option] ...}]
[WITH {GRANT OPTION | resource_option} ...]
GRANT PROXY ON user
TO user [, user] ...
[WITH GRANT OPTION]
object_type: {
TABLE
| FUNCTION
| PROCEDURE
}
priv_level: {
*
| *.*
| db_name.*
| db_name.tbl_name
| tbl_name
| db_name.routine_name
}
user:
(see https://dev.mysql.com/doc/refman/5.7/en/account-names.html)
auth_option: {
IDENTIFIED BY 'auth_string'
| IDENTIFIED WITH auth_plugin
| IDENTIFIED WITH auth_plugin BY 'auth_string'
| IDENTIFIED WITH auth_plugin AS 'auth_string'
| IDENTIFIED BY PASSWORD 'auth_string'
}
tls_option: {
SSL
| X509
| CIPHER 'cipher'
| ISSUER 'issuer'
| SUBJECT 'subject'
}
resource_option: {
| MAX_QUERIES_PER_HOUR count
| MAX_UPDATES_PER_HOUR count
| MAX_CONNECTIONS_PER_HOUR count
| MAX_USER_CONNECTIONS count
}
The GRANT statement grants privileges to MySQL user accounts.
To grant a privilege with GRANT, you must have the GRANT OPTION
privilege, and you must have the privileges that you are granting.
(Alternatively, if you have the UPDATE privilege for the grant tables
in the mysql system database, you can grant any account any privilege.)
When the read_only system variable is enabled, GRANT additionally
requires the SUPER privilege.
The REVOKE statement is related to GRANT and enables administrators to
remove account privileges. See [HELP REVOKE].
Each account name uses the format described in
https://dev.mysql.com/doc/refman/5.7/en/account-names.html. For
example:
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
The host name part of the account, if omitted, defaults to '%'.
Normally, a database administrator first uses CREATE USER to create an
account and define its nonprivilege characteristics such as its
password, whether it uses secure connections, and limits on access to
server resources, then uses GRANT to define its privileges. ALTER USER
may be used to change the nonprivilege characteristics of existing
accounts. For example:
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'password';
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
GRANT SELECT ON db2.invoice TO 'jeffrey'@'localhost';
ALTER USER 'jeffrey'@'localhost' WITH MAX_QUERIES_PER_HOUR 90;
*Note*:
Examples shown here include no IDENTIFIED clause. It is assumed that
you establish passwords with CREATE USER at account-creation time to
avoid creating insecure accounts.
*Note*:
If an account named in a GRANT statement does not already exist, GRANT
may create it under the conditions described later in the discussion of
the NO_AUTO_CREATE_USER SQL mode. It is also possible to use GRANT to
specify nonprivilege account characteristics such as whether it uses
secure connections and limits on access to server resources.
However, use of GRANT to create accounts or define nonprivilege
characteristics is deprecated in MySQL 5.7. Instead, perform these
tasks using CREATE USER or ALTER USER.
From the mysql program, GRANT responds with Query OK, 0 rows affected
when executed successfully. To determine what privileges result from
the operation, use SHOW GRANTS. See [HELP SHOW GRANTS].
URL: https://dev.mysql.com/doc/refman/5.7/en/grant.htmlmysql授权语句帮助在MySQL中,您可以使用GRANT语句来授予用户权限。以下是一些基本的GRANT语句的例子:
授予用户在所有数据库上的权限:
GRANT ALL PRIVILEGES ON *.* TO 'username'@'localhost' IDENTIFIED BY 'password';
授予用户在特定数据库上的SELECT, INSERT, UPDATE权限:
GRANT SELECT, INSERT, UPDATE ON database_name.table_name TO 'username'@'localhost' IDENTIFIED BY 'password';
授予用户在所有数据库上的权限,但是只能从特定的IP地址连接:
GRANT ALL PRIVILEGES ON *.* TO 'username'@'192.168.1.100' IDENTIFIED BY 'password';
授予用户管理员权限(能够执行任何操作):
GRANT ALL ON *.* TO 'username'@'localhost';
记得在执行完GRANT语句后执行FLUSH PRIVILEGES;来刷新权限。
请根据实际需求和环境替换username, password, database_name, table_name和localhost为实际的用户名、密码、数据库名、表名和主机地址。
