1.密码管理

重置密码

手贱执行如下命令?

truncate mysql.user;

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
极度危险命令:清空所有表
truncate mysql.user;

重启后不能登录
[root@db02 ~]# mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

解决:(mysql8.0版本之前)
	1.修改配置文件  /etc/my.cnf
		在[mysqld]部分下添加或确保存在skip-grant-tables选项。跳过权限检查
	2.重启mysql
		systemctl restart mysqld
	3.使用msyql进入创建一个新的root用户(出现报错)
		mysql> grant all on *.* to root@'localhost' identified by '';
ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement
	4.刷新权限
		flush privileges;
	5.再次执行创建用户命令
		grant all on *.* to root@'localhost' identified by '' with grant option;
		
mysql> grant all on *.* to root@'localhost' identified by '';
Query OK, 0 rows affected (0.00 sec)

	6.退出mysql并修改配置文件,  删除跳过权限检查   重启
	
	7.mysql重新登录并查看表
	mysql> select user,host from mysql.user;
+------+-----------+
| user | host      |
+------+-----------+
| root | localhost |
+------+-----------+
1 row in set (0.00 sec)

mysql>

修改密码

1
2
3
4
5
6
7
8
9
#1.mysqladmin命令
#mysqladmin是一个用于管理MySQL服务器的命令行工具,它也可以用来修改密码。使用mysqladmin时,你不需要先登录到MySQL数据库。
mysqladmin -u username -p'old_password' password 'new_password'

#2.MySQL 5.7及之前版本
SET PASSWORD FOR 'username'@'localhost' = PASSWORD('new_password');

#3.MySQL 8.0及更高版本
ALTER USER 'username'@'localhost' IDENTIFIED BY 'new_password';

忘记密码重置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#1.停止MySQL服务:
sudo systemctl stop mysqld

#2.启动MySQL的安全模式(跳过权限表):
sudo mysqld_safe --skip-grant-tables &

#3.登录到MySQL:
mysql -u root
在MySQL提示符下输入:
FLUSH PRIVILEGES;

#4.重置密码:
#MySQL 5.7及以上版本,使用以下命令:
ALTER USER 'root'@'localhost' IDENTIFIED BY '新密码';

#MySQL 5.6及以下版本,使用以下命令:
UPDATE mysql.user SET authentication_string=PASSWORD('新密码') WHERE User='root' AND Host='localhost';

#5.刷新权限:
#在MySQL提示符下输入:
FLUSH PRIVILEGES;

#6.退出MySQL:
EXIT;

#停止MySQL的安全模式并重新启动MySQL服务:
#启动安全模活动的pid号并杀掉
ps -ef |grep [m]ysqld_safe
root      10170   7166  0 15:42 pts/0    00:00:00 /bin/sh /app/mysql...
kill -9 10170
#重启MySQL
systemctl restart mysqld

2.用户权限管理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
MySQL中用户定义:
'用户名'@'主机域'

主机域:(常用)
10.0.0.5%   包含:    10.0.0.50-10.0.0.59 ~ 10.0.0.5
localhost
10.0.0.%

不常用:
10.0.%.% 10.0.0-255.1-255
10.%.%.%
%
10.0.0.0/255.255.255.0

grant all on *.* to test2@'10.0.0.0/255.255.255.0' identified by '123';

MySQL的增删改查

1
2
3
4
5
6
7
8
9
10
#创建用户
1)先创建用户在授权
mysql> create user zls2@'localhost' identified by '123';
mysql> grant all on *.* to zls2@'localhost';

2)直接创建加授权
mysql> grant all on *.* to zls3@'localhost' identified by '123';

3)向表里插入数据(不推荐)
mysql> insert into mysql.user values ('localhost','root',PASSWORD('123')...

1
2
3
4
5
6
7
#删除用户
1)drop user '用户名'@'主机域'
mysql> drop user zls3@'localhost';

2)使用delete指定用户名和主机域
mysql> delete from mysql.user where user='root' and host='10.0.0.%';

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#修改密码
1)命令行修改
mysqladmin -u'用户' -p'旧密码' password '新密码'
mysqladmin -uzls1 -p123 password '111'

2)MySQL5.7以上版本专用
mysql> alter user zls1@'localhost' identified by '123';

3)修改当前登录的用户密码
mysql> set password=PASSWORD('222');

4)只有在使用update修改用户密码时,才需要执行flush privileges;

`MySQL5.6`
mysql> update mysql.user set password=PASSWORD('333') where user='root' and
host='localhost';
mysql> flush privileges; // 危险,全局SQL语句

`MySQL5.7`
mysql> update mysql.user set authentication_string=PASSWORD('333') where
user='root' and host='localhost';
mysql> flush privileges; 				// 危险,全局SQL语句

5)使用grant方式改
mysql> grant all on *.* to root@'localhost' identified by '1111';

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
## 查:查询用户
#查看用户和主机域
mysql> select user,host from mysql.user;
+------+-----------+
| user | host      |
+------+-----------+
| root | localhost |
+------+-----------+
1 row in set (0.00 sec)

#格式化输出
mysql> select * from mysql.user\G
*************************** 1. row ***************************
                  Host: localhost
                  User: root
              Password: 
           Select_priv: Y
           Insert_priv: Y
           Update_priv: Y
           Delete_priv: Y
           Create_priv: Y
             Drop_priv: Y
           Reload_priv: Y
         Shutdown_priv: Y
          Process_priv: Y
             File_priv: Y
            Grant_priv: Y
            
#查看如何授权
mysql> show grants for root@'localhost';
+---------------------------------------------------------------------+
| Grants for root@localhost                                           |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
| GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION        |
+---------------------------------------------------------------------+

MySQL权限管理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#所有权限
INSERT,SELECT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE,
REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK
TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW,
CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE

#创建的用户加上创建权限
	with grant option


#两种写法一样
grant all on *.* to root@'10.0.0.%' identified by '123' with grant option;
grant all privileges on *.* to 'root'@'localhost' identified by '123' with grant option;
权限 作用对象 归属 密码

#给开发权限
INSERT,SELECT, UPDATE

#设置权限
grant all on *.*				[当前MySQL实例中所有库下的所有表]
grant all on wordpress.* [当前MySQL实例中wordpress库中所有表(单库级别)] (常用)
grant all on wordpress.user [当前MySQL实例中wordpress库中的user表(单表级别)]

#如何授权只有字段权限  脱敏处理
mysql> grant insert,select(user,host), update on mysql.user to dev1@'localhost' identified by '123';


# 开发让你开用户流程审批工单
开发 -> 开发总监 -> 运维总监 -> 你
	1.用户名
	2.从哪连
	3.密码
	4.用户
	5.操作的库表

3.连接及启动管理

连接管理

1
2
3
4
5
6
7
[root@db01 ~]# mysql
-u:指定用户
-p:指定密码
-h:指定主机
-S:指定socket
-P:指定端口
-e:免交互指定MySQL的SQL语句

MySQL启动关闭流程

QQ_1723257413195

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# 启动
/etc/init.d/mysqld start
systemctl mysqld start
mysqld_safe --defaults-file=/etc/my.cnf &

# 停止
/etc/init.d/mysqld stop
systemctl mysqld stop
[root@db01 ~]# mysqladmin -uroot -p123 shutdown

# 以下停止方式别用
kill -9 pid ?
killall mysqld ?
pkill mysqld ?
pkill -9 mysqld ?

MySQL启动配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
预编译:MySQL配置 datadir=/app/mysql/data
配置文件:MySQL配置 datadir=/app/tmp/data
命令行:mysqld_safe --datadir=/app/xxx/data

配置文件:
/etc/my.cnf
/etc/mysql/my.cnf
$besedir/my.cnf
mysqld_safe --defaults-extra-file=/opt/my.cnf
~/.my.cnf

## 当MySQL启动时,指定了该参数,那么其他配置文件都不读取 --defaults-file
思考:socket文件在哪?(怎么加载配置文件)
# cmake:
socket=/application/mysql/tmp/mysql.sock
# 命令行:
--socket=/tmp/mysql.sock
# 配置文件:
/etc/my.cnf中[mysqld]标签下:socket=/opt/mysql.sock
# default参数:
--defaults-file=/tmp/a.txt配置文件中[mysqld]标签下:socket=/tmp/test.sock

#命令行优先级最高,所以最后socket文件会在
/tmp/mysql.sock



## 在相同配置情况下,配置生效的优先级
预编译 < 配置文件 ( /etc/my.cnf < /etc/mysql/my.cnf < $besedir/my.cnf < defaults-extra-file < ~/.my.cnf < defaults-file ) < 命令行