Skip to content

Commit cee60e9

Browse files
AnuragAnalogAnuragAnalog
authored
Merge pull request Cheatsheet-lang#6 from 7JKaushal/patch-1
added users' privileges, reset root password
2 parents f5fbc56 + c935db7 commit cee60e9

File tree

1 file changed

+81
-0
lines changed

1 file changed

+81
-0
lines changed

README.md

Lines changed: 81 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -368,13 +368,94 @@ create table emp_dup select * from employee;
368368

369369
## Access Controls
370370

371+
#### Creating New User
372+
```sql
373+
CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
374+
```
375+
the hostname part is set to `localhost`, so the user will be able to connect to the MySQL server only from the localhost.
376+
To grant access from another host, change the hostname part with the remote machine IP.
377+
```sql
378+
CREATE USER 'username'@'172.8.10.5' IDENTIFIED BY 'user_password';
379+
```
380+
To create a user that can connect from any host, '%' is used in the hostname part:
381+
```sql
382+
CREATE USER 'username'@'%' IDENTIFIED BY 'user_password';
383+
```
384+
385+
#### Grant All Permissions
386+
```sql
387+
GRANT ALL PRIVILEGES ON * . * TO 'username'@'localhost';
388+
```
389+
Asterisks(\*) refers to the database and table names respectively.
390+
By using asterisks we can give access of all the databases **or** tables to the user.
391+
392+
#### Flush Privileges
393+
```sql
394+
FLUSH PRIVILEGES
395+
```
396+
All the changes won't be in effect unless this query is fired.
397+
398+
#### Specific User Permissions
399+
```sql
400+
GRANT type_of_permission ON database_name.table_name TO 'username'@'localhost';
401+
```
402+
`type_of_permission` may have one of these value:
403+
* **ALL PRIVILEGES** - Allows user full access to a designated database (or if no database is selected, global access across the system).
404+
* **CREATE** - allows them to create new tables or databases.
405+
* **DROP** - allows them to them to delete tables or databases.
406+
* **DELETE** - allows them to delete rows from tables.
407+
* **INSERT** - allows them to insert rows into tables.
408+
* **SELECT** - allows them to use the `SELECT` command to read through databases.
409+
* **UPDATE** - allow them to update table rows.
410+
* **GRANT OPTION** - allows them to grant or remove other users’ privileges.
411+
Multiple permissions are given with commas.
412+
413+
#### Revoking permissions
414+
```sql
415+
REVOKE type_of_permission ON database_name.table_name FROM 'username'@'localhost';
416+
```
417+
418+
#### Show User's Current Permissions
419+
```sql
420+
SHOW GRANTS FOR 'username'@'localhost';
421+
```
422+
423+
#### Delete a User
424+
```sql
425+
DROP USER 'username'@'localhost';
426+
```
427+
371428
#### Set new password to a user
372429
```sql
373430
use mysql;
374431
update user set authentication_string=PASSWORD("<new2-password>") where User='<user>';
375432
flush privileges;
376433
```
377434

435+
## Reset Root Password
436+
Stop MySQL service
437+
```
438+
sudo systemctl stop mysql
439+
```
440+
Restart MySQL service without loading grant tables
441+
```bash
442+
sudo mysqld_safe --skip-grant-tables &
443+
```
444+
The apersand (&) will cause the program to run in the background and `--skip-grant-tables` enables everyone to to connect to the database server without a password and with all privileges granted.
445+
Login to shell
446+
```
447+
mysql -u root
448+
```
449+
Set new password for root
450+
```sql
451+
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MY_NEW_PASSWORD';
452+
FLUSH PRIVILEGES;
453+
```
454+
Stop and start the server once again
455+
```
456+
mysqladmin -u root -p shutdown
457+
sudo systemctl start mysql
458+
```
378459
## Programming
379460

380461
#### Declare variables

0 commit comments

Comments
 (0)