MySQL创建数据库与用户以及授权

创建数据库

create database [数据库名称] default character set utf8 collate utf8_general_ci;

mysql> CREATE DATABASE test DEFAULT CHARACTER SET utf8 collate utf8_general_ci

创建用户

create user ‘[用户名称]’@’%’ identified by ‘[用户密码]’;

创建用户。’localhost’，代表只能本地访问，例如root账户默认为‘localhost‘。

mysql> CREATE USER 'finley'@'localhost' IDENTIFIED BY 'some_pass';

创建用户。’%’：所有远程主机访问。

mysql> CREATE USER 'finley'@'%' IDENTIFIED BY 'some_pass';

授权

用户授权数据库。*代表整个数据库
GRANT privileges ON databasename.tablename TO ‘username’@’host’ [with grant option ]
with grant option：允许被授予权限的人把这个权限授予其他的人。
一般用不到。实际中，数据库权限最好由 DBA 来统一管理。

mysql> GRANT SELECT,UPDATE ON test to testuser2

授权用户只能本地访问

mysql> GRANT ALL PRIVILEGES ON *.* TO 'finley'@'localhost'
    ->     WITH GRANT OPTION;

授权用户可以远程访问

mysql> GRANT ALL PRIVILEGES ON *.* TO 'finley'@'%'
    ->     WITH GRANT OPTION;

-- finley对test有所有权限。
mysql> GRANT ALL PRIVILEGES ON test.* TO 'finley'@'%' IDENTIFIED BY 'some_pass';

-- finley对test有select,delete,update,create,drop权限。
mysql> GRANT SELECT,DELETE,UPDATE,CREATE,DROP ON test.* TO finley@'%' IDENTIFIED BY 'some_pass';

重新载入赋权表

mysql> FLUSH PRIVILEGES;

要远程连接，还需要设置/etc/mysql/mysql.conf.d/mysqld.cnf

#只允许localhost访问
#bind-address = 127.0.0.1
bind-address = 0.0.0.0

解除授权

revoke 跟 grant 的语法差不多，只需要把关键字 “to” 换成 “from”：

--解除用户所有数据库（表）的所有权限(不包含赋权权限) 
mysql> REVOKE ALL PRIVILEGES ON *.* FROM finley;
--解除赋权权限  
mysql> REVOKE GRANT OPTION ON *.* FROM finley;  

删除用户

mysql> DELETE FROM mysql.user WHERE user='finley';

设置与更改用户密码

SET PASSWORD FOR ‘username’@’host’ = PASSWORD(‘newpassword’);
如果是当前登陆用户用:
SET PASSWORD = PASSWORD(“newpassword”);

mysql> SET PASSWORD FOR 'finley'@'%' = PASSWORD("123456");

参考：https://dev.mysql.com/doc/refman/5.7/en/adding-users.html