Skip to content

Commit 7c808f3

Browse files
AnuragAnalogAnuragAnalog
committed
2 parents e4966a2 + cee60e9 commit 7c808f3

File tree

1 file changed

+91
-1
lines changed

1 file changed

+91
-1
lines changed

README.md

Lines changed: 91 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -368,6 +368,96 @@ create table emp_dup like employee;
368368
create table emp_dup select * from employee;
369369
```
370370

371+
## Access Controls
372+
373+
#### Creating New User
374+
```sql
375+
CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
376+
```
377+
the hostname part is set to `localhost`, so the user will be able to connect to the MySQL server only from the localhost.
378+
To grant access from another host, change the hostname part with the remote machine IP.
379+
```sql
380+
CREATE USER 'username'@'172.8.10.5' IDENTIFIED BY 'user_password';
381+
```
382+
To create a user that can connect from any host, '%' is used in the hostname part:
383+
```sql
384+
CREATE USER 'username'@'%' IDENTIFIED BY 'user_password';
385+
```
386+
387+
#### Grant All Permissions
388+
```sql
389+
GRANT ALL PRIVILEGES ON * . * TO 'username'@'localhost';
390+
```
391+
Asterisks(\*) refers to the database and table names respectively.
392+
By using asterisks we can give access of all the databases **or** tables to the user.
393+
394+
#### Flush Privileges
395+
```sql
396+
FLUSH PRIVILEGES
397+
```
398+
All the changes won't be in effect unless this query is fired.
399+
400+
#### Specific User Permissions
401+
```sql
402+
GRANT type_of_permission ON database_name.table_name TO 'username'@'localhost';
403+
```
404+
`type_of_permission` may have one of these value:
405+
* **ALL PRIVILEGES** - Allows user full access to a designated database (or if no database is selected, global access across the system).
406+
* **CREATE** - allows them to create new tables or databases.
407+
* **DROP** - allows them to them to delete tables or databases.
408+
* **DELETE** - allows them to delete rows from tables.
409+
* **INSERT** - allows them to insert rows into tables.
410+
* **SELECT** - allows them to use the `SELECT` command to read through databases.
411+
* **UPDATE** - allow them to update table rows.
412+
* **GRANT OPTION** - allows them to grant or remove other users’ privileges.
413+
Multiple permissions are given with commas.
414+
415+
#### Revoking permissions
416+
```sql
417+
REVOKE type_of_permission ON database_name.table_name FROM 'username'@'localhost';
418+
```
419+
420+
#### Show User's Current Permissions
421+
```sql
422+
SHOW GRANTS FOR 'username'@'localhost';
423+
```
424+
425+
#### Delete a User
426+
```sql
427+
DROP USER 'username'@'localhost';
428+
```
429+
430+
#### Set new password to a user
431+
```sql
432+
use mysql;
433+
update user set authentication_string=PASSWORD("<new2-password>") where User='<user>';
434+
flush privileges;
435+
```
436+
437+
## Reset Root Password
438+
Stop MySQL service
439+
```
440+
sudo systemctl stop mysql
441+
```
442+
Restart MySQL service without loading grant tables
443+
```bash
444+
sudo mysqld_safe --skip-grant-tables &
445+
```
446+
The apersand (&) will cause the program to run in the background and `--skip-grant-tables` enables everyone to to connect to the database server without a password and with all privileges granted.
447+
Login to shell
448+
```
449+
mysql -u root
450+
```
451+
Set new password for root
452+
```sql
453+
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MY_NEW_PASSWORD';
454+
FLUSH PRIVILEGES;
455+
```
456+
Stop and start the server once again
457+
```
458+
mysqladmin -u root -p shutdown
459+
sudo systemctl start mysql
460+
```
371461
## Programming
372462

373463
#### Declare variables
@@ -422,4 +512,4 @@ select month("1998-12-30");
422512
#### Extract Year
423513
```sql
424514
select year("1998-12-30");
425-
```
515+
```

0 commit comments

Comments
 (0)