We going to discuss about creating MySQL database and users with different permissions to manage our database. Assume that, your going to create database named linuxdb and user named linuxuser.
local@host # mysql
> CREATE DATABASE linuxdb;
Query OK, 0 rows affected (0.01 sec)
> CREATE USER linuxuser;
Query OK, 0 rows affected (0.0 sec)
> CREATE DATABASE linuxdb;
Query OK, 0 rows affected (0.01 sec)
> CREATE USER linuxuser;
Query OK, 0 rows affected (0.0 sec)
This will create a database "linuxdb" and user "linuxuser", as of now
this mysql user doesn't have any password. If you want to create mysql
user with password then use this query.
> CREATE USER 'linuxuser'@'localhost' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.02 sec)
Query OK, 0 rows affected (0.02 sec)
Permission Settings:
We need to map this user to our database with appropriate permissions.> GRANT ALL PRIVILEGES ON *.* TO 'linuxuser@'localhost' WITH GRANT OPTION;
Give permission with password,
> GRANT ALL PRIVILEGES ON *.* TO 'linuxuser'@'localhost' IDENTIFIED BY 'password';
Above query will give access to all the database, if want to make it more specific then add database name in place of *.* like this,
> GRANT ALL PRIVILEGES ON linuxdb.* TO 'linuxuser'@'localhost' WITH GRANT OPTION;
(or)
> GRANT ALL PRIVILEGES ON linuxdb.* TO 'linuxuser'@'localhost' IDENTIFIED BY 'password';
(or)
> GRANT ALL PRIVILEGES ON linuxdb.* TO 'linuxuser'@'localhost' IDENTIFIED BY 'password';
Note: Another asterisk (*) after database name refers all tables in that database, you may provide table name there incase you don't want give permisson to the whole database.
All GRANT queries we have seen now will give 'linuxuser' total control on databases, this means 'linuxuser' can select,alter,delete,drop,insert,update etc..
To create restricted access, you need to specify allowable permissions in place of "ALL" in grant query and these are permissions:
SELECT ,INSERT , UPDATE , DELETE , CREATE , DROP , FILE , REFERENCES, INDEX , ALTER , CREATE TEMPORARY TABLES, CREATE VIEW , SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE
Query given below is an example of setting permissions with few options to "linuxuser".
> GRANT SELECT, INSERT, CREATE VIEW, ALTER ON *.* TO 'inuxuser'@'localhost';
to be more specific,
> GRANT SELECT, INSERT, UPDATE, CREATE VIEW ON linuxdb.* TO 'linuxuser'@'localhost';
Revoking Permissions:
You've given permissions to the wrong user or in need of removing certain permissions to a user, then use 'revoke' query.> REVOKE ALL PRIVILEGES ON `linuxdb` . * FROM 'linuxuser'@'%';
(or)
> REVOKE ALL PRIVILEGES ON `linuxdb` . * FROM 'linuxuser'@'localhost';
(or)
> REVOKE ALL PRIVILEGES ON `linuxdb` . * FROM 'linuxuser'@'localhost';
Replace "ALL" in the above query with permission key we discussed above to remove only certain permissions.
Deleting Database and Users:
I think you'll have fair amount of understanding about MySQL DDL & DCL queries by reading my article this much, so following queries will become self explanatory for you.> DROP USER 'linuxuser'@'%';
Query OK, 0 rows affected (0.00 sec)
l> DROP DATABASE 'linuxdb';
Query OK, 0 rows affected, 2 warnings (0.07 sec)
Query OK, 0 rows affected (0.00 sec)
l> DROP DATABASE 'linuxdb';
Query OK, 0 rows affected, 2 warnings (0.07 sec)
Note : The '%' character is a wildcard that will match any host
Comments (0)