User Management (MySQL)

From vwiki
Jump to navigation Jump to search

Create Users and Grant/Revoke Privileges

To create a new user you need to specify the username, the location/IP address it will be connecting from (use % for any location), and their password 

 CREATE USER '<user>'@'localhost' identified by '<password>';

You can then give permissions to that user 

 GRANT ALL ON <dayabase>.* TO '<user>'@'localhost';

Depending on the version of MySQL running you can do this in one command (note that the WITH GRANT OPTION allows the user to create more users and/or grant privileges to users). 

 GRANT ALL PRIVILEGES on <database>.* to '<user>'@'%' identified by '<password>' WITH GRANT OPTION;

To give no privileges to a new user coming from a specific host; 

 GRANT USAGE on <database>.* to '<user>'@'<host>' identified by '<password>';

To give an existing user read-only access; 

 GRANT SELECT on <database>.* to '<user>'@'<host>';

To give an existing user web-user, read-only access to local database webdb; 

 GRANT SELECT ON webdb.* TO 'web-user'@'localhost';

To remove/revoke a privilege from an existing user web-user; 

 REVOKE SELECT ON webdb.* FROM 'web-user'@'localhost';

After making any changes to user privilages, you need to flush them to ensure they're applied... 

 FLUSH PRIVILEGES;

Delete Users

To remove an existing user use the following... 

 DROP USER '<user>'@'<host>';
  • You need to specify the full user@host entry (or MySQL assumes the wild-card host %)
  • Existing users sessions are not dropped, but will be unable to re-establish

Display Users

To display all configured users; 

SELECT CONCAT('SHOW GRANTS FOR \'', user ,'\'@\'', host, '\';') FROM mysql.user;

Then use the displayed lines to see the detail of each user

Change User Password

SET PASSWORD FOR 'user'@'%' = PASSWORD('newpass');
Retrieved from ‘https://vwiki.co.uk/index.php?title=User_Management_(MySQL)&oldid=2710