主頁 > 知識庫 > MySQL如何修改賬號的IP限制條件詳解

MySQL如何修改賬號的IP限制條件詳解

熱門標(biāo)簽:400電話申請什么好 電銷機(jī)器人價格多少錢一臺 好搜地圖標(biāo)注 電話機(jī)器人免費(fèi)嗎 百度地圖標(biāo)注地方備注 怎么申請400電話申請 龍圖酒吧地圖標(biāo)注 怎么辦理400電話呢 地圖標(biāo)注圖標(biāo)素材入駐

前言

最近在工作中遇到一個需求:修改MySQL用戶的權(quán)限,需要限制特定IP地址才能訪問,第一次遇到這類需求,結(jié)果在測試過程,使用更新系統(tǒng)權(quán)限報(bào)發(fā)現(xiàn)出現(xiàn)了一些問題, 具體演示如下.

注意:下面測試環(huán)境為MySQL 5.6.20. 如有其它版本與下面測試結(jié)果有出入,請以實(shí)際環(huán)境為準(zhǔn)。

我們先創(chuàng)建一個測試用戶LimitIP,只允許192.168段的IP地址訪問,具體權(quán)限如下所示:

mysql> GRANT SELECT ON MyDB.* TO LimitIP@'192.168.%' IDENTIFIED BY 'LimitIP';
Query OK, 0 rows affected (0.01 sec)
 
mysql> GRANT INSERT ,UPDATE,DELETE ON MyDB.kkk TO LimitIP@'192.168.%';
Query OK, 0 rows affected (0.00 sec)
 
mysql> 
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
 
mysql> 
 
mysql> show grants for LimitIP@'192.168.%';
+----------------------------------------------------------------------------------------------------------------+
| Grants for LimitIP@192.168.%                     |
+----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.%' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' |
| GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.%'                |
| GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.%'           |
+----------------------------------------------------------------------------------------------------------------+
3 rows in set (0.00 sec)
 
mysql>

假設(shè)現(xiàn)在收到需求:這個用戶只允許這個IP地址192.168.103.17訪問,于是我打算更新mysql.user表,如下所示:

mysql> select user, host from mysql.user where user='LimitIP';
+---------+-----------+
| user | host  |
+---------+-----------+
| LimitIP | 192.168.% |
+---------+-----------+
1 row in set (0.00 sec)
 
mysql> update mysql.user set host='192.168.103.17' where user='LimitIP';
Query OK, 1 row affected (0.02 sec)
Rows matched: 1 Changed: 1 Warnings: 0
 
mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)
 
mysql> select user, host from user where user='LimitIP';
ERROR 1046 (3D000): No database selected
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
 
Database changed
mysql> select user, host from user where user='LimitIP';
+---------+----------------+
| user | host   |
+---------+----------------+
| LimitIP | 192.168.103.17 |
+---------+----------------+
1 row in set (0.00 sec)
 
mysql> show grants for LimitIP@'192.168.103.17';
+---------------------------------------------------------------------------------------------------------------------+
| Grants for LimitIP@192.168.103.17                     |
+---------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.17' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' |
+---------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
 
mysql> 

上面測試發(fā)現(xiàn),如果這樣只修改mysql.user表, 那么之前的權(quán)限沒有了,如下所示,如果你查詢mysql.db、 mysql.tables_priv 發(fā)現(xiàn)Host的字段值依然為192.168.%

mysql> select * from mysql.db where user='LimitIP'\G;
*************************** 1. row ***************************
     Host: 192.168.%
     Db: MyDB
     User: LimitIP
   Select_priv: Y
   Insert_priv: N
   Update_priv: N
   Delete_priv: N
   Create_priv: N
   Drop_priv: N
   Grant_priv: N
  References_priv: N
   Index_priv: N
   Alter_priv: N
Create_tmp_table_priv: N
  Lock_tables_priv: N
  Create_view_priv: N
  Show_view_priv: N
 Create_routine_priv: N
 Alter_routine_priv: N
   Execute_priv: N
   Event_priv: N
   Trigger_priv: N
1 row in set (0.00 sec)
 
ERROR: 
No query specified
 
mysql> select * from mysql.tables_priv where user='LimitIP'\G;
*************************** 1. row ***************************
  Host: 192.168.%
   Db: MyDB
  User: LimitIP
 Table_name: kkk
 Grantor: root@localhost
 Timestamp: 0000-00-00 00:00:00
 Table_priv: Insert,Update,Delete
Column_priv: 
1 row in set (0.00 sec)
 
ERROR: 
No query specified

所以我繼續(xù)修改 mysql.db、 mysql.tables_priv 表,然后測試驗(yàn)證終于OK了(請見下面測試步驟),當(dāng)然如果賬戶的權(quán)限不止這幾個層面,你可能還必須修改例如mysql.columns_priv、mysql.procs_priv等表

mysql> show grants for LimitIP@'192.168.%';
ERROR 1141 (42000): There is no such grant defined for user 'LimitIP' on host '192.168.%'
mysql> 
mysql> 
mysql> update mysql.db set host='192.168.103.17' where user='LimitIP';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
 
mysql> update mysql.tables_priv set host='192.168.103.17' where user='LimitIP';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
 
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
 
mysql> show grants for LimitIP@'192.168.103.17';
+---------------------------------------------------------------------------------------------------------------------+
| Grants for LimitIP@192.168.103.17                     |
+---------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.17' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' |
| GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.103.17'                |
| GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.103.17'           |
+---------------------------------------------------------------------------------------------------------------------+
3 rows in set (0.00 sec)
 
mysql> 

如果需要修改用戶的IP限制,其實(shí)更新mysql相關(guān)權(quán)限表不是上上策,其實(shí)有更好的方法,那就是RENAME USER Syntax

mysql> RENAME USER 'LimitIP'@'192.168.103.17' TO 'LimitIP'@'192.168.103.18';
Query OK, 0 rows affected (0.00 sec)
 
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
 
mysql> show grants for 'LimitIP'@'192.168.103.18';
+---------------------------------------------------------------------------------------------------------------------+
| Grants for LimitIP@192.168.103.18                     |
+---------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.18' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' |
| GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.103.18'                |
| GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.103.18'           |
+---------------------------------------------------------------------------------------------------------------------+
3 rows in set (0.00 sec)
 
mysql> 

總結(jié)

以上就是這篇文章的全部內(nèi)容了,希望本文的內(nèi)容對大家的學(xué)習(xí)或者工作能帶來一定的幫助,如果有疑問大家可以留言交流,謝謝大家對腳本之家的支持。

您可能感興趣的文章:
  • mysql索引使用率監(jiān)控技巧(值得收藏?。?/li>
  • 當(dāng)Mysql行鎖遇到復(fù)合主鍵與多列索引詳解
  • MySQL索引不會被用到的情況匯總
  • MySQL查詢條件中in會用到索引嗎
  • mysql索引對排序的影響實(shí)例分析
  • MySQL分區(qū)表的局限和限制詳解
  • mysql查詢語句通過limit來限制查詢的行數(shù)
  • MySQL連接數(shù)超過限制的解決方法
  • MySQL索引長度限制原理解析

標(biāo)簽:浙江 廣西 固原 溫州 撫順 內(nèi)江 汕尾 防疫工作

巨人網(wǎng)絡(luò)通訊聲明:本文標(biāo)題《MySQL如何修改賬號的IP限制條件詳解》,本文關(guān)鍵詞  MySQL,如何,修改,賬,號的,;如發(fā)現(xiàn)本文內(nèi)容存在版權(quán)問題,煩請?zhí)峁┫嚓P(guān)信息告之我們,我們將及時溝通與處理。本站內(nèi)容系統(tǒng)采集于網(wǎng)絡(luò),涉及言論、版權(quán)與本站無關(guān)。
  • 相關(guān)文章
  • 下面列出與本文章《MySQL如何修改賬號的IP限制條件詳解》相關(guān)的同類信息!
  • 本頁收集關(guān)于MySQL如何修改賬號的IP限制條件詳解的相關(guān)信息資訊供網(wǎng)民參考!
  • 推薦文章