MySQL Grant 帳號權限後,想要移除或修改權限該怎麼做?
關於 MySQL 帳號權限開放的命令,可以參考下述幾篇:
MySQL 帳號權限(Grant)的移除、修改
MySQL Grant 要修改權限,基本上只能移除再新增,不過移除、修改權限時,不用擔心會干擾到線上運作,全部修改都會在 flush privileges 或 MySQL restart 時才會生效。
查看 MySQL 帳號的權限
- mysql -u root -p mysql
- SELECT user,host FROM mysql.user;
- SHOW grants for 'user'@'host';
- ex: SHOW grants for 'root'@'localhost';
MySQL 帳號權限移除、修改
以下使用 backup@localhost 來做範例:
先開一個帳號 backup@localhost,拿來做備份用,然後開給 SELECT 權限,但是 mysqldump 需要 LOCK TABLES 的權限,如何做呢?
開 MySQL 帳號權限
- 開權限語法:grant SELECT,INSERT,UPDATE,DELETE ON `db`.* TO 'backup'@'localhost' IDENTIFIED BY 'password';
- grant SELECT ON `dbname`.* TO 'backup'@'localhost' IDENTIFIED BY 'password'; # 開 SELECT 權限
- grant SELECT ON *.* TO 'backup'@'localhost' IDENTIFIED BY 'password'; # 開 SELECT 權限
- flush privileges; # 更新授權權限
移除 MySQL 帳號權限
- revoke all privileges on *.* from 'backup'@'localhost';
- flush privileges; # 更新授權權限
修改 MySQL 帳號權限(移除再新增)
- SHOW grants for 'backup'@'localhost'; # 先把密碼 "*xxxxxxxx" 一大串複製下來
- revoke all privileges on *.* from 'backup'@'localhost'; # 移除所有權限
- GRANT SELECT,LOCK TABLES ON *.* TO 'backup'@'localhost' IDENTIFIED BY PASSWORD '*xxxxxxxxxx'; # 新增 SELECT, LOCK TABLS 的權限
- flush privileges; # 更新授權權限
相關網頁
- MySQL :: MySQL Enterprise Backup User's Guide (Version 3.9.0) :: 3.1.2 Grant MySQL Privileges to Backup Administrator
- MySQL :: MySQL 5.7 Reference Manual :: 13.7.1.4 GRANT Syntax
- Privileges of MySQL backup user for mysqldump
- How do I change the privileges for MySQL user that is already created?
