查看 MySQL 用戶權限是數據庫管理和安全審計的核心操作。下面為您提供一份從基礎到高級的完整指南。
SHOW GRANTS FOR CURRENT_USER();
SHOW GRANTS FOR 'username'@'host';
SHOW GRANTS FOR 'root'@'localhost';
SHOW GRANTS FOR 'app_user'@'%';
+---------------------------------------------------+
| Grants for root@localhost |
+---------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' |
+---------------------------------------------------+
WHERE User='username' AND Host='host';
SELECT * FROM mysql.tables_priv
WHERE User='username' AND Host='host';
SELECT * FROM mysql.columns_priv
WHERE User='username' AND Host='host';
WHEN u.Select_priv = 'Y' THEN '全局權限'
WHEN EXISTS (SELECT 1 FROM mysql.db WHERE db.User = u.User AND db.Host = u.Host) THEN '數據庫權限'
WHEN u.Select_priv = 'Y' THEN 'SELECT'
WHEN u.Insert_priv = 'Y' THEN ',INSERT'
SELECT User, Host FROM mysql.user WHERE Super_priv = 'Y';
SELECT User, Host FROM mysql.user WHERE Create_user_priv = 'Y';
SELECT User, Host FROM mysql.user WHERE File_priv = 'Y';
LEFT JOIN mysql.db db ON u.User = db.User AND u.Host = db.Host
WHERE u.User = 'username'
Process_priv as 'PROCESS',
CONCAT('\'', user, '\'@\'', host, '\'') as user_host,
IF(Select_priv = 'Y', 'SELECT', '') as select_priv,
IF(Insert_priv = 'Y', 'INSERT', '') as insert_priv,
IF(Update_priv = 'Y', 'UPDATE', '') as update_priv,
IF(Delete_priv = 'Y', 'DELETE', '') as delete_priv,
IF(Create_priv = 'Y', 'CREATE', '') as create_priv,
IF(Drop_priv = 'Y', 'DROP', '') as drop_priv,
IF(Grant_priv = 'Y', 'GRANT', '') as grant_priv,
IF(Super_priv = 'Y', 'SUPER', '') as super_priv
IF(Super_priv = 'Y', 'SUPER', NULL),
IF(File_priv = 'Y', 'FILE', NULL),
IF(Process_priv = 'Y', 'PROCESS', NULL),
IF(Shutdown_priv = 'Y', 'SHUTDOWN', NULL)
) as dangerous_privileges
CONCAT('SHOW GRANTS FOR \'', user, '\'@\'', host, '\';') as grant_command
SELECT * FROM information_schema.SCHEMA_PRIVILEGES
WHERE GRANTEE = "'username'@'host'";
SELECT * FROM information_schema.TABLE_PRIVILEGES
WHERE GRANTEE = "'username'@'host'";
SELECT * FROM information_schema.USER_PRIVILEGES
WHERE GRANTEE = "'username'@'host'";
SELECT 'SELECT' as privilege_type FROM mysql.user WHERE Select_priv = 'Y'
UNION ALL SELECT 'INSERT' FROM mysql.user WHERE Insert_priv = 'Y'
UNION ALL SELECT 'UPDATE' FROM mysql.user WHERE Update_priv = 'Y'
UNION ALL SELECT 'DELETE' FROM mysql.user WHERE Delete_priv = 'Y'
UNION ALL SELECT 'CREATE' FROM mysql.user WHERE Create_priv = 'Y'
ORDER BY user_count DESC;
(Select_priv = 'Y') + (Insert_priv = 'Y') + (Update_priv = 'Y') +
(Delete_priv = 'Y') + (Create_priv = 'Y') + (Drop_priv = 'Y') +
(Reload_priv = 'Y') + (Shutdown_priv = 'Y') + (Process_priv = 'Y') +
(File_priv = 'Y') + (Grant_priv = 'Y') + (References_priv = 'Y') +
(Index_priv = 'Y') + (Alter_priv = 'Y') + (Super_priv = 'Y') +
(Create_tmp_table_priv = 'Y') + (Lock_tables_priv = 'Y') +
(Execute_priv = 'Y') + (Repl_slave_priv = 'Y') + (Repl_client_priv = 'Y') +
(Create_view_priv = 'Y') + (Show_view_priv = 'Y') + (Create_routine_priv = 'Y') +
(Alter_routine_priv = 'Y') + (Create_user_priv = 'Y') + (Event_priv = 'Y') +
(Trigger_priv = 'Y') + (Create_tablespace_priv = 'Y') as total_privileges
ORDER BY total_privileges DESC;
CREATE VIEW user_privileges_audit AS
IF(u.Select_priv = 'Y', 'GLOBAL',
IF(EXISTS(SELECT 1 FROM mysql.db WHERE User = u.User AND Host = u.Host), 'DATABASE', 'RESTRICTED')
DATE(u.password_last_changed) as password_last_changed
SELECT User, Host FROM mysql.user
WHERE authentication_string = '' OR authentication_string IS NULL;
SELECT User, Host FROM mysql.user WHERE Host = '%';
SELECT User, Host FROM mysql.user
WHERE User NOT IN ('root', 'mysql.sys', 'mysql.session')
-- 檢查最近權限變更(需要啟用general log)
SELECT * FROM mysql.general_log
WHERE argument_text LIKE '%GRANT%' OR argument_text LIKE '%REVOKE%'
ORDER BY event_time DESC;
| **快速查看用戶權限** | `SHOW GRANTS FOR 'user'@'host';` |
| **查看所有用戶列表** | `SELECT User, Host FROM mysql.user;` |
| **安全檢查** | `SELECT User, Host FROM mysql.user WHERE Host = '%';` |
| **權限詳情分析** | 查詢 `mysql.user`, `mysql.db`, `mysql.tables_priv` 表 |
| **生成權限報告** | 使用權限匯總查詢腳本 |
1. `SHOW GRANTS;` - 查看當前用戶權限
2. `SHOW GRANTS FOR 'user'@'host';` - 查看指定用戶權限
3. `SELECT User, Host FROM mysql.user;` - 查看所有用戶
4. `SELECT * FROM mysql.db WHERE User='user';` - 查看數據庫權限
5. `SELECT * FROM mysql.user WHERE Super_priv='Y';` - 查找超級用戶
掌握這些權限查看方法�,您就能全面掌控 MySQL 的權限體系,有效進行安全審計和權限管理���。
另外搭配便捷的80kmMYSQL備份工具,可定時備份��、異地備份,MYSQL導出導入��������?杀镜剡B接LINUX里的MYSQL�,簡單便捷�?梢源蟠蟮靥岣吖ぷ餍枢�����。
