您的位置:首页 > 数据库 > MySQL

MySQL 授予普通用户PROCESS权限

2017-08-24 10:37 387 查看
在MySQL中如何给普通用户授予查看所有用户线程/连接的权限,当然,默认情况下showprocesslist是可以查看当前用户的线程/连接的。

mysql>grantprocessonMyDB.*totest;

ERROR1221(HY000):IncorrectusageofDBGRANTandGLOBALPRIVILEGES

第一次授予这样的权限,错误原因是process权限是一个全局权限,不可以指定在某一个库上(个人测试库为MyDB),所以,把授权语句更改为如下即可:

mysql>grantprocesson*.*totest;

QueryOK,0rowsaffected(0.01sec)

mysql>flushprivileges;

QueryOK,0rowsaffected(0.01sec)

如果不给拥有授予PROESS权限,showprocesslist命令只能看到当前用户的线程,而授予了PROCESS权限后,使用showprocesslist就能看到所有用户的线程。官方文档的介绍如下:

SHOWPROCESSLISTshowsyouwhichthreadsarerunning.YoucanalsogetthisinformationfromtheINFORMATION_SCHEMAPROCESSLISTtableorthemysqladminprocesslistcommand.IfyouhavethePROCESSprivilege,youcanseeallthreads.Otherwise,youcanseeonlyyourownthreads(thatis,threadsassociatedwiththeMySQLaccountthatyouareusing).IfyoudonotusetheFULLkeyword,onlythefirst100charactersofeachstatementareshownintheInfofield.

我们先创建下面账号test2,然后测试如下:

Type'help;'or'\h'forhelp.Type'\c'toclearthecurrentinputstatement.
mysql>grantselect,insert,update,deleteonMyDB.*totest2@'%'identifiedby'test2';
QueryOK,0rowsaffected(0.00sec)
mysql>flushprivileges;
QueryOK,0rowsaffected(0.01sec)


mysql>selectuser();
+-----------------+
|user()|
+-----------------+
|test2@localhost|
+-----------------+
1rowinset(0.00sec)
mysql>showprocesslist;
+----+-------+-----------+------+---------+------+-------+------------------+
|Id|User|Host|db|Command|Time|State|Info|
+----+-------+-----------+------+---------+------+-------+------------------+
|25|test2|localhost|NULL|Query|0|init|showprocesslist|
+----+-------+-----------+------+---------+------+-------+------------------+
1rowinset(0.00sec)
mysql>showfullprocesslist;
+----+-------+-----------+------+---------+------+-------+-----------------------+
|Id|User|Host|db|Command|Time|State|Info|
+----+-------+-----------+------+---------+------+-------+-----------------------+
|25|test2|localhost|NULL|Query|0|init|showfullprocesslist|
+----+-------+-----------+------+---------+------+-------+-----------------------+
1rowinset(0.01sec)
mysql>






然后我们给用户test2授予process权限,如下所示,再测试showprocesslist就能看到所有用户的线程/连接信息(如果是之前已经建立连接的会话,必须退出重新登录,否则依然只能看到当前用户的线程。)

mysql>grantprocesson*.*totest2;

QueryOK,0rowsaffected(0.00sec)

mysql>flushprivileges;

QueryOK,0rowsaffected(0.00sec)

mysql>showprocesslist;
+----+-------+-----------+------+---------+------+-------+------------------+
|Id|User|Host|db|Command|Time|State|Info|
+----+-------+-----------+------+---------+------+-------+------------------+
|19|root|localhost|NULL|Sleep|16||NULL|
|22|test|localhost|MyDB|Sleep|738||NULL|
|24|test|localhost|NULL|Sleep|692||NULL|
|25|test2|localhost|NULL|Sleep|531||NULL|
|27|test2|localhost|NULL|Query|0|init|showprocesslist|
+----+-------+-----------+------+---------+------+-------+------------------+
5rowsinset(0.00sec)
mysql>


ThePROCESSprivilegepertainstodisplayofinformationaboutthethreadsexecutingwithintheserver(thatis,informationaboutthestatementsbeingexecutedbysessions).TheprivilegeenablesuseofSHOWPROCESSLISTormysqladminprocesslisttoseethreadsbelongingtootheraccounts;youcanalwaysseeyourownthreads.ThePROCESSprivilegealsoenablesuseofSHOWENGINE.

如上官方文档所说,如果给用户授予了PROCESS权限,那么用户就拥有了使用SHOWENGINES命令的权限,如下所示:

mysql>selectuser();
+----------------+
|user()|
+----------------+
|test@localhost|
+----------------+
1rowinset(0.00sec)
mysql>showengines;
+--------------------+---------+----------------------------------------------------------------+--------------+------+------------+
|Engine|Support|Comment|Transactions|XA|Savepoints|
+--------------------+---------+----------------------------------------------------------------+--------------+------+------------+
|MRG_MYISAM|YES|CollectionofidenticalMyISAMtables|NO|NO|NO|
|CSV|YES|CSVstorageengine|NO|NO|NO|
|MyISAM|YES|MyISAMstorageengine|NO|NO|NO|
|BLACKHOLE|YES|/dev/nullstorageengine(anythingyouwritetoitdisappears)|NO|NO|NO|
|MEMORY|YES|Hashbased,storedinmemory,usefulfortemporarytables|NO|NO|NO|
|InnoDB|DEFAULT|Supportstransactions,row-levellocking,andforeignkeys|YES|YES|YES|
|ARCHIVE|YES|Archivestorageengine|NO|NO|NO|
|PERFORMANCE_SCHEMA|YES|PerformanceSchema|NO|NO|NO|
|FEDERATED|NO|FederatedMySQLstorageengine|NULL|NULL|NULL|
+--------------------+---------+----------------------------------------------------------------+--------------+------+------------+
9rowsinset(0.00sec)
mysql>

                                            

                                        

                        
                        内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息 
                    

                    

                    

                        

                         标签: 
                                                

                        

                    


                

            


            

                
相关文章推荐

                

                
            

        

        

            

            
            

                

                    
新的分享

                    

                        
                    

                

            


            

                

                    
章节导航