课程名称:课程版本(301)+ 3.3 TiDB Database Administration(TiDB 数据库管理操作)
学习时长:12分钟
课程收获:了解并掌握如何创建账户权限及相关操作
课程内容:
1.用户账户管理
1)创建账号并设置密码以及赋权
create user ‘finley’@’localhost’ identified by ‘some_pass’;
grant all privileges on . to ‘finley’@’localhost’ whith grant option;
create user ‘finley’@’% identified by ‘some_pass’;
grant all privileges on . to ‘finley’@’% whith grant option;
create user ‘admin@’localhost’ identified by ‘some_pass’;
grant reload,process on . to ‘admin@’localhost’;
create user ‘dummy’@’localhost’
2)查看现有账号权限
show grants for ‘admin’@’localhost’;
存放权限的系统表mysql.user mysql.db mysql.tables_priv
3)密码设置
A) 创建用户时候指定密码
Eg:create user ‘alica’@’localhost’ identified by ‘pass’;
B) 更改密码
set password for ‘root’@’%’ =’newpass’;
alter user ‘root’@’localhost’ identified by ‘newpass’;
4) 删除用户
drop user ‘alcs’@‘localhost’;
5)root 用户密码重置
A)配置文件跳过密码
[security]
Skip-grant-table = true
2.账户登陆
mysql -h 127.0.0.1 -P4000 -uroot
3.用户权限设置
1)赋权
grant all privileges on test.db1 to ‘test’@’%’;
grant select on test.* to ‘test’@’%’;
grant update on . to ‘test’,’%’;
grant all privilegs on ‘te%’.* to ‘test’@’%’
2)回收权限
revoke update on . to ‘test’,’%’;
revoke all privileges on test.db1 to ‘test’@’%’;
3)权限生效
flush privileges;
4) 一部分常用的权限 tidb是不支持的
file usage shutdown execute process index
列级别权限控制 tidb不支持
4.角色访问控制,Role语法兼容mysql 8.0
1)创建role
creat role test@‘%’
2)删除role
drop role test@’%’
3)对role 授权和取消权限
grant select on . to ‘test’@’%’;
grant all privileges on test.* to ‘test’@‘%’;
revoke all privileges on test.* from ‘test’@’%’;
4)一般role 是自动生成的,如果需要做改变需要set改变
set default role ‘add_developer’,’add_admin’ to ‘test’@’localhost’;
set default role all to ‘test’@’localhost’;
set default role none ro ‘test’@’localhost’;
set role ‘app_developer’,’app_admin’;
set role default;
set role all;
set role none;
set role all except ‘app_admin’;
学习过程中参考的其他资料