MySQL 授予普通用户PROCESS权限
2017-08-24 10:37
387 查看
在MySQL中如何给普通用户授予查看所有用户线程/连接的权限,当然,默认情况下showprocesslist是可以查看当前用户的线程/连接的。
mysql>grantprocessonMyDB.*totest;
ERROR1221(HY000):IncorrectusageofDBGRANTandGLOBALPRIVILEGES
第一次授予这样的权限,错误原因是process权限是一个全局权限,不可以指定在某一个库上(个人测试库为MyDB),所以,把授权语句更改为如下即可:
mysql>grantprocesson*.*totest;
QueryOK,0rowsaffected(0.01sec)
mysql>flushprivileges;
QueryOK,0rowsaffected(0.01sec)
如果不给拥有授予PROESS权限,showprocesslist命令只能看到当前用户的线程,而授予了PROCESS权限后,使用showprocesslist就能看到所有用户的线程。官方文档的介绍如下:
SHOWPROCESSLISTshowsyouwhichthreadsarerunning.YoucanalsogetthisinformationfromtheINFORMATION_SCHEMAPROCESSLISTtableorthemysqladminprocesslistcommand.IfyouhavethePROCESSprivilege,youcanseeallthreads.Otherwise,youcanseeonlyyourownthreads(thatis,threadsassociatedwiththeMySQLaccountthatyouareusing).IfyoudonotusetheFULLkeyword,onlythefirst100charactersofeachstatementareshownintheInfofield.
我们先创建下面账号test2,然后测试如下:
然后我们给用户test2授予process权限,如下所示,再测试showprocesslist就能看到所有用户的线程/连接信息(如果是之前已经建立连接的会话,必须退出重新登录,否则依然只能看到当前用户的线程。)
mysql>grantprocesson*.*totest2;
QueryOK,0rowsaffected(0.00sec)
mysql>flushprivileges;
QueryOK,0rowsaffected(0.00sec)
ThePROCESSprivilegepertainstodisplayofinformationaboutthethreadsexecutingwithintheserver(thatis,informationaboutthestatementsbeingexecutedbysessions).TheprivilegeenablesuseofSHOWPROCESSLISTormysqladminprocesslisttoseethreadsbelongingtootheraccounts;youcanalwaysseeyourownthreads.ThePROCESSprivilegealsoenablesuseofSHOWENGINE.
如上官方文档所说,如果给用户授予了PROCESS权限,那么用户就拥有了使用SHOWENGINES命令的权限,如下所示:
mysql>grantprocessonMyDB.*totest;
ERROR1221(HY000):IncorrectusageofDBGRANTandGLOBALPRIVILEGES
第一次授予这样的权限,错误原因是process权限是一个全局权限,不可以指定在某一个库上(个人测试库为MyDB),所以,把授权语句更改为如下即可:
mysql>grantprocesson*.*totest;
QueryOK,0rowsaffected(0.01sec)
mysql>flushprivileges;
QueryOK,0rowsaffected(0.01sec)
如果不给拥有授予PROESS权限,showprocesslist命令只能看到当前用户的线程,而授予了PROCESS权限后,使用showprocesslist就能看到所有用户的线程。官方文档的介绍如下:
SHOWPROCESSLISTshowsyouwhichthreadsarerunning.YoucanalsogetthisinformationfromtheINFORMATION_SCHEMAPROCESSLISTtableorthemysqladminprocesslistcommand.IfyouhavethePROCESSprivilege,youcanseeallthreads.Otherwise,youcanseeonlyyourownthreads(thatis,threadsassociatedwiththeMySQLaccountthatyouareusing).IfyoudonotusetheFULLkeyword,onlythefirst100charactersofeachstatementareshownintheInfofield.
我们先创建下面账号test2,然后测试如下:
Type'help;'or'\h'forhelp.Type'\c'toclearthecurrentinputstatement.
mysql>grantselect,insert,update,deleteonMyDB.*totest2@'%'identifiedby'test2';
QueryOK,0rowsaffected(0.00sec)
mysql>flushprivileges;
QueryOK,0rowsaffected(0.01sec)
mysql>selectuser();
+-----------------+
|user()|
+-----------------+
|test2@localhost|
+-----------------+
1rowinset(0.00sec)
mysql>showprocesslist;
+----+-------+-----------+------+---------+------+-------+------------------+
|Id|User|Host|db|Command|Time|State|Info|
+----+-------+-----------+------+---------+------+-------+------------------+
|25|test2|localhost|NULL|Query|0|init|showprocesslist|
+----+-------+-----------+------+---------+------+-------+------------------+
1rowinset(0.00sec)
mysql>showfullprocesslist;
+----+-------+-----------+------+---------+------+-------+-----------------------+
|Id|User|Host|db|Command|Time|State|Info|
+----+-------+-----------+------+---------+------+-------+-----------------------+
|25|test2|localhost|NULL|Query|0|init|showfullprocesslist|
+----+-------+-----------+------+---------+------+-------+-----------------------+
1rowinset(0.01sec)
mysql>
然后我们给用户test2授予process权限,如下所示,再测试showprocesslist就能看到所有用户的线程/连接信息(如果是之前已经建立连接的会话,必须退出重新登录,否则依然只能看到当前用户的线程。)
mysql>grantprocesson*.*totest2;
QueryOK,0rowsaffected(0.00sec)
mysql>flushprivileges;
QueryOK,0rowsaffected(0.00sec)
mysql>showprocesslist;
+----+-------+-----------+------+---------+------+-------+------------------+
|Id|User|Host|db|Command|Time|State|Info|
+----+-------+-----------+------+---------+------+-------+------------------+
|19|root|localhost|NULL|Sleep|16||NULL|
|22|test|localhost|MyDB|Sleep|738||NULL|
|24|test|localhost|NULL|Sleep|692||NULL|
|25|test2|localhost|NULL|Sleep|531||NULL|
|27|test2|localhost|NULL|Query|0|init|showprocesslist|
+----+-------+-----------+------+---------+------+-------+------------------+
5rowsinset(0.00sec)
mysql>
ThePROCESSprivilegepertainstodisplayofinformationaboutthethreadsexecutingwithintheserver(thatis,informationaboutthestatementsbeingexecutedbysessions).TheprivilegeenablesuseofSHOWPROCESSLISTormysqladminprocesslisttoseethreadsbelongingtootheraccounts;youcanalwaysseeyourownthreads.ThePROCESSprivilegealsoenablesuseofSHOWENGINE.
如上官方文档所说,如果给用户授予了PROCESS权限,那么用户就拥有了使用SHOWENGINES命令的权限,如下所示:
mysql>selectuser();
+----------------+
|user()|
+----------------+
|test@localhost|
+----------------+
1rowinset(0.00sec)
mysql>showengines;
+--------------------+---------+----------------------------------------------------------------+--------------+------+------------+
|Engine|Support|Comment|Transactions|XA|Savepoints|
+--------------------+---------+----------------------------------------------------------------+--------------+------+------------+
|MRG_MYISAM|YES|CollectionofidenticalMyISAMtables|NO|NO|NO|
|CSV|YES|CSVstorageengine|NO|NO|NO|
|MyISAM|YES|MyISAMstorageengine|NO|NO|NO|
|BLACKHOLE|YES|/dev/nullstorageengine(anythingyouwritetoitdisappears)|NO|NO|NO|
|MEMORY|YES|Hashbased,storedinmemory,usefulfortemporarytables|NO|NO|NO|
|InnoDB|DEFAULT|Supportstransactions,row-levellocking,andforeignkeys|YES|YES|YES|
|ARCHIVE|YES|Archivestorageengine|NO|NO|NO|
|PERFORMANCE_SCHEMA|YES|PerformanceSchema|NO|NO|NO|
|FEDERATED|NO|FederatedMySQLstorageengine|NULL|NULL|NULL|
+--------------------+---------+----------------------------------------------------------------+--------------+------+------------+
9rowsinset(0.00sec)
mysql>
相关文章推荐
- mysql 给普通用户public授予创建存储函数、存储过程的权限
- Windows下降权MYSQL和apche的运行级别(普通用户权限运行)
- 把视图查询权限授予普通用户
- Windows下降权MYSQL和apche的运行级别(普通用户权限运行)
- mysql下普通用户备份数据库时无lock tables权限的解决方法
- mysql 创建用户 授予权限
- MySQL创建普通用户、分配权限、删除用户、修改用户密码
- 【MySQL】创建普通用户,分配权限,取消权限
- mysql 创建用户 授予权限
- 在Mysql下查看给某个用户授予什么样的权限
- 【MySQL】创建普通用户,分配权限,取消权限
- 普通用户权限下安装mysql
- mysql授予用户权限
- 在Mysql下查看给某个用户授予什么样的权限
- Oracle数据库案例整理-登录Oracle数据库失败-Oracle初始化参数设置错误导致普通用户授予sysdba权限登录失败
- 把视图查询权限授予普通用户
- 详解mysql8.0创建用户授予权限报错解决方法
- CentOS 系统给mysql创建用户并授予远程访问权限
- mysql创建用户和授予权限
- 普通用户授予select any table 权限