mysqld的–skip-grant-tables选项
这个选项会导致不使用权限系统来启动服务器,它将让任何用户可以访问服务器并且不受限制的访问所有数据库。在不使用授权表启动服务器后可以通过shell来执行mysqladmin flush-privileges或mysqladmin reload命令或者在连接到服务器后执行flush privileges语句来让正在运行的服务器再次使用授权表。
使用–skip-grant-tables选项启动服务器
[root@localhost mysql]# service mysqld stop Shutting down MySQL. SUCCESS! [root@localhost mysql]# service mysqld start --skip-grant-tables Starting MySQL.. SUCCESS!
现在就可以不使用用户和密码就可以登录服务器
[mysql@localhost ~]$ mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.7.26-log Source distribution Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
现在可以执行mysqladin flush-privileges命令让正在运行的服务器再次使用授权表
[mysql@localhost ~]$ mysqladmin flush-privileges
现在不使用用户和密码就不能登录服务器了,必须使用用户和密码才能登录了
[mysql@localhost ~]$ mysql ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) [mysql@localhost ~]$ mysql -uroot -pabcd mysql mysql: [Warning] Using a password on the command line interface can be insecure. Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 5 Server version: 5.7.26-log Source distribution Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
再次使用–skip-grant-tables选项启动服务器
[root@localhost mysql]# service mysqld stop Shutting down MySQL.. SUCCESS! [root@localhost mysql]# service mysqld start --skip-grant-tables Starting MySQL.. SUCCESS!
现在就可以不使用用户和密码就可以登录服务器
[mysql@localhost ~]$ mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.7.26-log Source distribution Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
现在可以执行mysqladin reload命令让正在运行的服务器再次使用授权表
mysql@localhost ~]$ mysqladmin reload
现在不使用用户和密码就不能登录服务器了,必须使用用户和密码才能登录了
[mysql@localhost ~]$ mysql ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) [mysql@localhost ~]$ mysql -uroot -pabcd mysql mysql: [Warning] Using a password on the command line interface can be insecure. Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 5 Server version: 5.7.26-log Source distribution Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
再次使用–skip-grant-tables选项启动服务器
[root@localhost mysql]# service mysqld stop Shutting down MySQL. SUCCESS! [root@localhost mysql]# service mysqld start --skip-grant-tables Starting MySQL.. SUCCESS!
现在就可以不使用用户和密码就可以登录服务器
[mysql@localhost ~]$ mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.7.26-log Source distribution Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
现在可以执行flush privileges语句让正在运行的服务器再次使用授权表
mysql> flush privileges; Query OK, 0 rows affected (0.12 sec)
现在不使用用户和密码就不能登录服务器了,必须使用用户和密码才能登录了
[mysql@localhost ~]$ mysql ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) [mysql@localhost ~]$ mysql -uroot -pabcd mysql mysql: [Warning] Using a password on the command line interface can be insecure. Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 5 Server version: 5.7.26-log Source distribution Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
–skip-grant-tables选项也可以在选项文件my.cnf中进行设置。这个选项还会导致服务器在启动过程中禁止加载用户定义函数(udf),调度事件和安装插件语句中安装的插件。为了以任何方式来加载插件,使用–plugin-load选项。–skip-grant-tables选项也会导致disabled_storage_engines系统变量失效。
flush privileges语句可以在服务器启动后通过执行其它操作来隐式执行。例如在升级过程中mysql_upgrade程序就会刷新权限。