mysql> prompt \u@\h [\d] \r:\m:\s->
PROMPT set to '\u@\h [\d] \r:\m:\s->'
root@localhost [(none)] 09:18:10->\q
在my.cnf配置文件中,[mysql]模块下添加如下内容(注意,不是[mysqld])保存后,无需重启MySQL,退出当前session,重新登陆即可;如果在my.cnf中添加,可以用\,避免转义带来的问题
[root@192168066012_MySQL_5_7_27 ~]# vim /etc/my.cnf
[mysql]
prompt=\\u@\\h [\d] \\r:\\m:\\s->
默认情况下,MySQL中的命令是不区分大小写的;
help#可以查看具体命令的使用方法
root@localhost [(none)] 09:27:28->help show;
Name: 'SHOW'
Description:
SHOW has many forms that provide information about databases, tables,
columns, or status information about the server. This section describes
those following:
SHOW {BINARY | MASTER} LOGS
SHOW BINLOG EVENTS [IN 'log_name'] [FROM pos] [LIMIT [offset,] row_count]
SHOW CHARACTER SET [like_or_where]
SHOW COLLATION [like_or_where]
SHOW [FULL] COLUMNS FROM tbl_name [FROM db_name] [like_or_where]
SHOW CREATE DATABASE db_name
SHOW CREATE EVENT event_name
SHOW CREATE FUNCTION func_name
SHOW CREATE PROCEDURE proc_name
SHOW CREATE TABLE tbl_name
SHOW CREATE TRIGGER trigger_name
SHOW CREATE VIEW view_name
SHOW DATABASES [like_or_where]
SHOW ENGINE engine_name {STATUS | MUTEX}
SHOW [STORAGE] ENGINES
...省略
#MySQL单实例设置密码
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot password "boyu123"
#MySQL多实例设置密码
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot password 'boyu123' -S /application/mysql/data/3306/mysql.sock
#MySQL单实例修改密码
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -pboyu123 password 'boyu1234'
#MySQL多实例修改密码
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -pboyu123 password 'boyu1234' -S /application/mysql/data/3306/mysql.sock
#修改root密码为boyu123
root@localhost [(none)] 09:43:22->update mysql.user set authentication_string=password('boyu123') where user='root';
Query OK, 0 rows affected, 1 warning (0.00 sec)
Rows matched: 1 Changed: 0 Warnings: 1
#重新加载使配置立即生效
root@localhost [(none)] 09:44:33->flush privileges;
Query OK, 0 rows affected (0.00 sec)
提示:
a.必须指定where条件,否则密码全部被更改,危险!!!
b.必须使用password()函数来加密更改
单实例停止MySQL数据库
[root@192168066012_MySQL_5_7_27 ~]# /etc/init.d/mysqld stop
Shutting down MySQL. SUCCESS!
命令行输入如下命令
mysqld_safe --skip-grant-tables --user=mysql &
输入mysql可以直接跳过验证进入数据库
mysql
update 更新root密码
mysqladmin 优雅关闭数据库
mysql -uroot -pboyu123 就可以登录数据库了
提示:在启动时,加--skip-grant-tables参数,表示忽略授权表验证
#跳过授权表验证
[root@192168066012_MySQL_5_7_27 ~]# mysqld_safe --skip-grant-tables --user=mysql &
[1] 130775
[root@192168066012_MySQL_5_7_27 ~]# 2019-07-31T13:57:05.294289Z mysqld_safe Logging to '/application/mysql/logs/mysql_5_7_27.err'.
2019-07-31T13:57:05.327331Z mysqld_safe Starting mysqld daemon with databases from /application/mysql/data
#检查一下数据库进程
[root@192168066012_MySQL_5_7_27 ~]# ps -ef|grep 3306
root 359 99061 0 21:57 pts/1 00:00:00 grep --color=auto 3306
mysql 131036 130775 2 21:57 pts/1 00:00:00 /application/mysql/bin/mysqld --basedir=/application/mysql --datadir=/application/mysql/data --plugin-dir=/application/mysql/lib/plugin --user=mysql --skip-grant-tables --log-error=/application/mysql/logs/mysql_5_7_27.err --pid-file=/application/mysql/mysqld.pid --socket=/application/mysql/tmp/mysql.sock --port=3306
#无需密码,即可登入数据库
[root@192168066012_MySQL_5_7_27 ~]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
...省略
#更新root密码
root@localhost [(none)] 10:03:30->update mysql.user set authentication_string=password('boyu123') where user='root';
Query OK, 0 rows affected, 1 warning (0.01 sec)
Rows matched: 1 Changed: 0 Warnings: 1
#刷新授权表
root@localhost [(none)] 10:04:28->flush privileges;
Query OK, 0 rows affected (0.00 sec)
root@localhost [(none)] 10:04:32->\q
Bye
#优雅停止数据库
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -pboyu123 shutdown
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
2019-07-31T14:05:16.946425Z mysqld_safe mysqld from pid file /application/mysql/mysqld.pid ended
[1]+ Done mysqld_safe --skip-grant-tables --user=mysql
#启动数据库
[root@192168066012_MySQL_5_7_27 ~]# /etc/init.d/mysqld start
Starting MySQL. SUCCESS!
#此时,就可以使用新密码登录数据库了
[root@192168066012_MySQL_5_7_27 ~]# mysql -uroot -pboyu123
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
...省略
root@localhost [(none)] 10:05:42->
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -p"boyu123" -S /application/mysql/data/3306/mysql.sock shutdown
[root@192168066012_MySQL_5_7_27 ~]# /application/mysql/bin/mysqld_safe --skip-grant-tables --port=3306 --user=mysql --character_set_server=utf8 --socket=/application/mysql/data/3306/mysql.sock --datadir=/application/mysql/data/3306/data --pid-file=/application/mysql/data/3306/mysql.pid --log-bin=/application/mysql/data/3306/mysql-bin --server-id=1 --log-error=/application/mysql/data/3306/mysql_boyu3306.err &
[root@192168066012_MySQL_5_7_27 ~]# mysql -S /application/mysql/data/3306/mysql.sock
Welcome to the MySQL monitor. Commands end with ; or \g.
...省略
mysql> update mysql.user set authentication_string=password('boyu123') where user='root';
Query OK, 0 rows affected, 1 warning (0.01 sec)
Rows matched: 1 Changed: 0 Warnings: 1
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> \q
Bye
[root@192168066012_MySQL_5_7_27 ~]# mysqladmin -uroot -p"boyu123" -S /application/mysql/data/3306/mysql.sock shutdown
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
2019-08-08T03:37:09.248027Z mysqld_safe mysqld from pid file /application/mysql/data/3306/mysql.pid ended
[1]+ Done /application/mysql/bin/mysqld_safe --skip-grant-tables --port=3306 --user=mysql --character_set_server=utf8 --socket=/application/mysql/data/3306/mysql.sock --datadir=/application/mysql/data/3306/data --pid-file=/application/mysql/data/3306/mysql.pid --log-bin=/application/mysql/data/3306/mysql-bin --server-id=1 --log-error=/application/mysql/data/3306/mysql_boyu3306.err
#启动3306数据库
[root@192168066012_MySQL_5_7_27 ~]# /application/mysql/bin/mysqld --port=3306 --user=mysql --character_set_server=utf8 --socket=/application/mysql/data/3306/mysql.sock --datadir=/application/mysql/data/3306/data --pid-file=/application/mysql/data/3306/mysql.pid --log-bin=/application/mysql/data/3306/mysql-bin --server-id=1 --log-error=/application/mysql/data/3306/mysql_boyu3306.err &
#新密码登录数据库
[root@192168066012_MySQL_5_7_27 ~]# mysql -uroot -pboyu123 -S /application/mysql/data/3306/mysql.sock
...省略
mysql>
SQL(Structured Query Language)是结构化查询语言(数据库查询和程序设计语言),它是一种对关系型数据库中的数据进行定义和操作的语言方法
a. DDL --- 数据定义语言(CREATE,ALTER,DROP)
全称(Data Definition Language),数据库中,创建新表或删除表,为表加入索引等,也是动作查询的一部分
b. DML --- 数据操作语言(SELECT,INSERT,DELETE,UPDATE)
全称(Data Manipulation Language),数据库中,修改和删除表中的行(数据),也称动作查询语言
c. DCL --- 数据控制语言(GRANT,REVOKE,COMMIT,ROLLBACK)
全称(Data Control Language),数据库中,获得许可,确定单个用户和用户组对数据库对象的访问
注意库名不能以数字开头
命令语法:create database <数据库名>
root@localhost [(none)] 10:20:09-> create database boyu;
root@localhost [(none)] 10:20:09-> create database boyu_gbk DEFAULT CHARACTER SET gbk COLLATE gbk_chinese_ci;
root@localhost [(none)] 10:20:09-> create database boyu_utf8 DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
root@localhost [(none)] 10:20:09-> show create database boyu_utf8\G
+-----------+--------------------------------------------------------------------+
| Database | Create Database |
+-----------+--------------------------------------------------------------------+
| boyu_utf8 | CREATE DATABASE "boyu_utf8" /*!40100 DEFAULT CHARACTER SET utf8 */ |
+-----------+--------------------------------------------------------------------+
1 row in set (0.00 sec)
提示:
a. 字符集的不一致是数据库中文内容乱码的罪魁祸首
b. 如果编译安装的时候,指定了特定的字符集,则以后创建对应字符集的数据库时,就不需要指定字符集了。
c. 企业里怎么创建数据库呢?
根据开发的程序确定字符集(一般是UTF8)
编译的时候指定字符集,然后再创建的时候,默认创建即可;例如:
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
create database boyu;
编译的时候没有指定字符集,或者指定了和程序不同的字符集,如何解决?
创建数据库的时候,指定字符集即可;
命令语法:show databases;
root@localhost [(none)] 10:31:00->show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| boyu |
| boyu_gbk |
| boyu_utf8 |
| mysql |
| performance_schema |
| sys |
+--------------------+
7 rows in set (0.00 sec)
root@localhost [(none)] 10:31:05->show databases like 'boyu';
+-----------------+
| Database (boyu) |
+-----------------+
| boyu |
+-----------------+
1 row in set (0.00 sec)
root@localhost [(none)] 10:31:36->show databases like 'boyu%';
+------------------+
| Database (boyu%) |
+------------------+
| boyu |
| boyu_gbk |
| boyu_utf8 |
+------------------+
3 rows in set (0.00 sec)
命令语法:drop database <数据库名称>
root@localhost [(none)] 10:31:43->drop database boyu_utf8;
Query OK, 0 rows affected (0.00 sec)
root@localhost [(none)] 10:39:10->help drop database;
Name: 'DROP DATABASE'
Description:
Syntax:
DROP {DATABASE | SCHEMA} [IF EXISTS] db_name
DROP DATABASE drops all tables in the database and deletes the
database. Be very careful with this statement! To use DROP DATABASE,
you need the DROP privilege on the database. DROP SCHEMA is a synonym
for DROP DATABASE.
命令语法:use <数据库名称>
root@localhost [(none)] 10:45:04->use boyu;
Database changed
root@localhost [boyu] 10:45:07->select database();
+------------+
| database() |
+------------+
| boyu |
+------------+
1 row in set (0.00 sec)
root@localhost [boyu] 10:45:24->select version();
+------------+
| version() |
+------------+
| 5.7.27-log |
+------------+
1 row in set (0.00 sec)
root@localhost [boyu] 10:45:33->select now();
+---------------------+
| now() |
+---------------------+
| 2019-07-31 22:45:53 |
+---------------------+
1 row in set (0.00 sec)
通过查看grant命令的帮助,可以很容易的找到创建用户并授权的例子
root@localhost [boyu] 10:45:53->help grant;
...省略
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'password';
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
GRANT SELECT ON db2.invoice TO 'jeffrey'@'localhost';
ALTER USER 'jeffrey'@'localhost' WITH MAX_QUERIES_PER_HOUR 90;
GRANT ALL ON db1.* TO 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
以上两条命令相当于下面一条命令:
GRANT ALL ON db1.* TO 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';
grant语法:grant all privileges on dbname.* to ‘username’@‘localhost’ identified by 'mypass';
grant | all privileges | on dbname.* | to username@localhost | identified by 'mypass' |
---|---|---|---|---|
授权命令 | 对应权限 | 目标:库和表 | 用户名和客户端主机 | 用户密码 |
说明:授权localhost主机上通过用户username管理dbname数据库的所有权限,密码为passwd。其中username,dbname,passwd可根据业务的情况进行修改
root@localhost [boyu] 11:02:41->grant all privileges on boyu.* to 'boyu'@'localhost' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.00 sec)
root@localhost [boyu] 11:03:13->flush privileges;
Query OK, 0 rows affected (0.00 sec)
root@localhost [boyu] 11:06:03->select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| boyu | localhost |
| root | localhost |
+------+-----------+
2 rows in set (0.00 sec)
root@localhost [boyu] 11:10:18->show grants for 'boyu'@'localhost';
+--------------------------------------------------------+
| Grants for boyu@localhost |
+--------------------------------------------------------+
| GRANT USAGE ON *.* TO 'boyu'@'localhost' |
| GRANT ALL PRIVILEGES ON "boyu".* TO 'boyu'@'localhost' |
+--------------------------------------------------------+
2 rows in set (0.00 sec)
根据grant命令语法,我们知道oldboy@localhost位置为授权访问数据库的主机,localhost可以用域名,IP段或IP地址来替代
a.百分号匹配法
root@localhost [boyu] 11:10:41->grant all on boyu.* to boyu@'192.168.66.%' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.01 sec)
root@localhost [boyu] 11:18:50->flush privileges;
Query OK, 0 rows affected (0.00 sec)
b.子网掩码配置法
root@localhost [boyu] 11:18:55->grant all on boyu.* to boyu1@'192.168.66.0/255.255.255.0' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.00 sec)
root@localhost [boyu] 11:19:34->flush privileges;
Query OK, 0 rows affected (0.00 sec)
c.授权单IP远程连接
root@localhost [boyu] 11:19:37->grant all on boyu.* to boyu2@'192.168.66.11' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.00 sec)
root@localhost [boyu] 11:19:44->flush privileges;
Query OK, 0 rows affected (0.00 sec)
root@localhost [boyu] 11:19:46->select user,host from mysql.user;
+-------+----------------------------+
| user | host |
+-------+----------------------------+
| boyu | 192.168.66.% |
| boyu1 | 192.168.66.0/255.255.255.0 |
| boyu2 | 192.168.66.11 |
| boyu | localhost |
| root | localhost |
+-------+----------------------------+
5 rows in set (0.00 sec)
root@localhost [boyu] 11:20:02->drop user 'boyu1'@'192.168.66.0/255.255.255.0';
Query OK, 0 rows affected (0.01 sec)
root@localhost [boyu] 12:47:53->delete from mysql.user where user='boyu2' and host='192.168.66.11';
Query OK, 1 row affected (0.00 sec)
root@localhost [boyu] 01:09:50->select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| boyu | localhost |
| root | localhost |
+------+-----------+
2 rows in set (0.00 sec)
root@localhost [boyu] 01:27:43->select user,host from mysql.user;
+------------+-----------+
| user | host |
+------------+-----------+
| BO#Y&U0@07 | boyu |
| boyu | localhost |
| root | localhost |
+------------+-----------+
3 rows in set (0.00 sec)
root@localhost [boyu] 01:30:05->delete from mysql.user where user='BO#Y&U0@07' and host='boyu';
Query OK, 1 row affected (0.00 sec)
root@localhost [boyu] 01:30:55->select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| boyu | localhost |
| root | localhost |
+------+-----------+
2 rows in set (0.00 sec)
root@localhost [boyu] 01:31:01->flush privileges;
Query OK, 0 rows affected (0.00 sec)
SELECT | INSERT | UPDATE | DELETE | CREATE | DROP | INDEX | ALTER | CREATE TEMPORARY TABLES |
---|---|---|---|---|---|---|---|---|
查询 | 插入 | 更新 | 删除 | 创建库和表 | 删除库和表 | 索引 | 修改 | 创建临时表 |
LOCK TABLES | EXECUTE | CREATE VIEW | SHOW VIEW | CREATE ROUTINE | ALTER ROUTINE | EVENT | TRIGGER | REFERENCES |
---|---|---|---|---|---|---|---|---|
锁表 | 执行 | 创建视图 | 显示视图 | 创建存储过程 | 修改存储过程 | 事件 | 触发器 | 外键 |
提示:即在授权时,可以授权用户最小的满足业务需求的权限,而不是一味的授权"ALL PRIVILEGES"
root@localhost [boyu] 01:59:22->CREATE USER 'boyu1'@'localhost' IDENTIFIED BY 'boyu123';
Query OK, 0 rows affected (0.00 sec)
root@localhost [boyu] 02:00:20->grant select,insert,update,delete,create,drop ON `boyu`.* TO 'boyu1'@'localhost';
Query OK, 0 rows affected (0.00 sec)
root@localhost [boyu] 02:00:28->show grants for boyu1@localhost;
+---------------------------------------------------------------------------------------+
| Grants for boyu1@localhost |
+---------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'boyu1'@'localhost' |
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON "boyu".* TO 'boyu1'@'localhost' |
+---------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
root@localhost [boyu] 01:58:31->grant select,insert,update,delete,create,drop on boyu.* to 'boyu2'@'localhost' identified by 'boyu123';
Query OK, 0 rows affected, 1 warning (0.01 sec)
root@localhost [boyu] 01:59:07->show grants for boyu2@localhost;
+---------------------------------------------------------------------------------------+
| Grants for boyu2@localhost |
+---------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'boyu2'@'localhost' |
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON "boyu".* TO 'boyu2'@'localhost' |
+---------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
对于web连接用户授权尽量采用最小化原则,很多开源软件都是web界面安装,因此,常规情况下授予select,insert,update,delete权限即可,例如discuz,bbs等开源软件,还需要授予create,drop比较危险的权限
root@localhost [boyu] 02:00:39-> grant select,insert,update,delete,create,drop ON blog.* to 'blog'@'192.168.66.%' identified by 'boyu123';
root@localhost [boyu] 02:00:39-> REVOKE create ON blog.* FROM 'blog'@'192.168.66.%';
root@localhost [boyu] 02:00:39-> REVOKE drop ON blog.* FROM 'blog'@'192.168.66.%';