azhou 2020-04-20
系统:centos7
mysql版本:5.7
修改 vi /etc/my.cnf
添加
[mysqld]
skip-grant-tables
重启mysql
service mysqld restart
进入mysql
mysql -uroot
进入后修改密码为abc.123
update mysql.user set authentication_string=password(‘abc.123‘) where user=‘root‘;
flush privileges;
quit退出后,重启mysql
systemctl restart mysqld
测试,使用密码 abc.123
mysq -uroot -p
授权其他IP访问,%任何主机,如果是某网段为 192.168%
grant all privileges on *.* to ‘root‘@‘%‘ identified by ‘abc.123‘ with grant option;
flush privileges;
另外:对应之前只限定某个test用户,只能从某个具体IP访问,比如之前已经授权了192.168.1.1访问,现在要授权test,192.168.1.2访问
还是用如下授权就报错
grant all privileges on *.* to ‘test‘@‘192.168.0.14‘;
需要先新增一条记录,再授权就不会报错。
CREATE USER ‘test‘@‘192.168.0.14‘ IDENTIFIED WITH mysql_native_password BY ‘password‘;
grant all privileges on *.* to ‘test‘@‘192.168.0.14‘;
flush privileges;
授权部分所有 db*数据库
grant all on db.* to ‘user‘@‘%‘ identified by "abc.123" with grant option;
注意:如果密码策略不允许,执行如下(测试环境下使用,生产环境不能这么做)
set global validate_password_policy=LOW; #设置密码强度,默认中,设置为低
set global validate_password_length=6; #密码长度
SHOW VARIABLES LIKE ‘validate_password%‘;#查看
回收权限
REVOKE ALL PRIVILEGES ON db.* FROM root;