mysql删除无用用户
1、删除不用的账户
(1) 查看当前已存在账户
mysql> select user,host,password from mysql.user; 或下面的命令
#mysql> sELECT DISTINCT CONCAT('User: ''',user,'''@''',host,''';') AS query FROM mysql.user;
+---------------------------------------+
| query |
+---------------------------------------+
| User: 'root'@'127.0.0.1'; | #不要删
| User: 'wenqiang'@'172.16.1.%'; |
| User: 'root'@'localhost'; | #不要删
| User: 'root'@'localhost.localdomain'; |
+---------------------------------------+
4 rows in set (0.00 sec)
mysql> drop user wenqiang@'172.16.1.%'; #删除不需要的用户
(2) 授权用户时尽量不要使用%(该符号表示用户可以从任何地方都可以登陆)
授权格式:grant 权限 on 数据库.* to 用户名@用户所在网段 identified by "密码";
#只允许root用户从10.0.0.10登陆mysql并授予全库访问权限,同时为root用户设置密码123456
mysql> grant all on *.* to root@'10.0.0.10' identified by '123456';
#这种情况是只授权,root用户可以使用空密码从本地登录
mysql> grant all on *.* to root@'localhost';
#这种情况是root用户可以从本地登录,同时设置密码abc123(root用户可以设置多套登录密码)
mysql> grant all on *.* to root@'localhost' identified by 'abc123';
3、如果不小心把’root’@‘localhost’; 的授权删掉,应该这样解决
(1)这样登陆上去,并增加一条localhost的权限
[root@localhost ~]# mysql -uroot -p -h 127.0.0.1 #通过127.0.0.1登录上去
mysql> grant all on *.* to root@'localhost' identified by 'abc123'; #在增加一条localhost的授权
mysql> flush privileges;
新增加的root用户可能没有最高权限,见第3.1
3.1、当root用户无法给普通用户授权的时候
(1)登录mysql
[root@localhost ~]# mysql -uroot -p -h localhost
mysql> grant all on *.* to root@'localhost' identified by '123456';
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) #报错
(2)查看当前有哪些用户
mysql> SELECT DISTINCT CONCAT('User: ''',user,'''@''',host,''';') AS query FROM mysql.user;
+---------------------------------------+
| query |
+---------------------------------------+
| User: 'root'@'127.0.0.1'; | #使用 mysql -uroot -p -h127.0.0.1登录mysql授权没问题
| User: 'wenqiang'@'172.16.1.%'; |
| User: 'root'@'localhost'; | #我发现从localhost登录的root用户无法给普通用户授权
| User: 'root'@'localhost.localdomain'; |
+---------------------------------------+
4 rows in set (0.00 sec)
(3)查看该root用户的Grant_priv选项是Y还是N(N表示无权给普通用户授权)
mysql> select * from mysql.user where User='root' and Host='localhost'\G;
*************************** 1. row ***************************
Host: localhost
User: root
Password: *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Reload_priv: Y
Shutdown_priv: Y
Process_priv: Y
File_priv: Y
Grant_priv: N #无授权权限
References_priv: Y
Index_priv: Y
Alter_priv: Y
Show_db_priv: Y
Super_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Execute_priv: Y
Repl_slave_priv: Y
Repl_client_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
Create_user_priv: Y
Event_priv: Y
Trigger_priv: Y
Create_tablespace_priv: Y
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin: mysql_native_password
authentication_string:
password_expired: N
1 row in set (0.00 sec)
ERROR:
No query specified
(3)把Grant_priv选项的N改为Y就可以了
mysql> update mysql.user set Grant_priv='Y' where User='root' and Host='localhost';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
(4)退出重新登录mysql,再次给普通用户授权(一定要先退出mysql)
mysql> grant all on *.* to root@'localhost' identified by '123456';
Query OK, 0 rows affected (0.00 sec)