如何授予新用户在 MySQL 中创建新数据库的权限
[英]how do I grant a new user the privilege to create a new database in MySQL
问题描述
how do I grant a new user the privilege to create a new database in MySQL
如何授予新用户在 MySQL 中创建新数据库的权限
Specifically:具体来说:
- the database does not exist yet数据库还不存在
- I have successfuly created a new DB user account (that is not admin)我已经成功创建了一个新的数据库用户帐户(不是管理员)
- I want that non-admin user to create a new database我希望非管理员用户创建一个新数据库
- I do NOT want the 'admin' user to create the database and then grant privs to the database to the new user我不希望“管理员”用户创建数据库,然后将数据库权限授予新用户
- as 'admin', I want to grant the new user the privilege to create a new database作为“管理员”,我想授予新用户创建新数据库的权限
- I do not want to grant the new user any additional privileges on existing databases我不想授予新用户对现有数据库的任何额外权限
This is not covered anywhere in the documentation that I can find.我能找到的文档中的任何地方都没有涵盖这一点。
Monday 2022-04-04 Update:周一 2022-04-04更新:
I created user 'scott' and then logged in as MySQL user 'admin' When I run this command我创建了用户“scott”,然后以 MySQL 用户“admin”身份登录 当我运行此命令时
Note: The 'test' database does not yet exist注意:“测试”数据库尚不存在
mysql>GRANT CREATE ON test.* to 'scott'@'localhost'; mysql>GRANT CREATE ON test.* to 'scott'@'localhost';
I get an error ==> ERROR 1410 (42000): You are not allowed to create a user with GRANT我得到一个错误==> ERROR 1410 (42000): You are not allowed to create a user with GRANT
Why do I get this error?为什么会出现此错误? I am not attempting to create a user, but rather grant a user access to a non-existent database (as is the approach with MySQL to grant a user privileges to create a database).我不是在尝试创建用户,而是授予用户访问不存在的数据库的权限(就像 MySQL 授予用户创建数据库权限的方法一样)。
If up update the SQL statement to: mysql>GRANT CREATE ON test.* to scott;如果 up 更新 SQL 语句为: mysql>GRANT CREATE ON test.* to scott;
It runs OK Query OK, 0 rows affected (0.07 sec)它运行正常查询正常,0 行受影响(0.07 秒)
And so now I login as user 'scott and run this statement:所以现在我以用户 'scott 身份登录并运行此语句:
mysql>create database rum; mysql>创建数据库朗姆酒;
==> ERROR 1049 (42000): Unknown database 'test' ==> 错误 1049 (42000): 未知数据库 'test'
Why do I get this error?为什么会出现此错误?
At this point, I am still not able to create a database as a non-admin user.此时,我仍然无法以非管理员用户身份创建数据库。
1 个解决方案
解决方案1
1 2022-04-01 21:25:58
Example: grant "scott" the privilege to create the test3 database, which does not exist yet:示例:授予“scott”创建test3数据库的权限,该数据库尚不存在:
mysql> select user();
+----------------+
| user() |
+----------------+
| root@localhost |
+----------------+
mysql> grant create on test3.* to 'scott'@'localhost';
Query OK, 0 rows affected (0.01 sec)
Now try as scott to create the database:现在尝试以 scott 的身份创建数据库:
mysql> select user();
+-----------------+
| user() |
+-----------------+
| scott@localhost |
+-----------------+
mysql> show grants;
+---------------------------------------------------------+
| Grants for scott@localhost |
+---------------------------------------------------------+
| GRANT USAGE ON *.* TO `scott`@`localhost` |
| GRANT ALL PRIVILEGES ON `test`.* TO `scott`@`localhost` |
| GRANT CREATE ON `test3`.* TO `scott`@`localhost` |
+---------------------------------------------------------+
mysql> create database test3;
Query OK, 1 row affected (0.00 sec)
mysql> use test3;
Database changed
MySQL has one privilege called CREATE which is for creating both databases and tables. MySQL 有一个名为CREATE的权限,用于创建数据库和表。 See https://dev.mysql.com/doc/refman/8.0/en/privileges-provided.html#priv_create参见https://dev.mysql.com/doc/refman/8.0/en/privileges-provided.html#priv_create
You can either grant the user privilege to create a database of a specific name, or else grant them the privilege to create a database of any name, but that means they can also create other tables, either in the new database or in other existing databases.您可以授予用户创建特定名称数据库的权限,或者授予他们创建任何名称数据库的权限,但这意味着他们还可以在新数据库或其他现有数据库中创建其他表. Sorry, there may not be a solution for you to allow them to create any new database without specifying the name when you grant the privilege, but then only have privilege in that database.抱歉,可能没有解决方案让您在授予权限时允许他们在不指定名称的情况下创建任何新数据库,但随后只能在该数据库中拥有权限。
You are not allowed to create a user with GRANT
You did not create the user scott.您没有创建用户 scott。 Older versions of MySQL allows GRANT to implicitly create a user if one does not exist, but that has been disabled on more recent versions because folks realized it is a security weakness. MySQL 的旧版本允许 GRANT 在不存在的情况下隐式创建用户,但在较新的版本中已被禁用,因为人们意识到这是一个安全漏洞。
To be clear, the user "scott" is just an example I used.需要说明的是,用户“scott”只是我使用的一个示例。 Don't literally use the name "scott" if that's not the user to whom you want to grant privileges.如果这不是您要授予权限的用户,请不要按字面意思使用名称“scott”。
The other errors you got seem to be that you granted the user privileges on a database named test.* but then you tried to create a database with a different name.您得到的其他错误似乎是您授予用户对名为test.*的数据库的权限,但随后您尝试创建一个具有不同名称的数据库。 The example I showed only grants the privilege to create the specific named database, not a database named rum or any other database.我展示的示例仅授予创建特定命名数据库的权限,而不是名为rum的数据库或任何其他数据库。
I understand you want to grant privilege to create a database of any name.我知道您想授予创建任意名称数据库的权限。 The syntax for that would be GRANT CREATE ON *.* TO... but that would grant the user privileges on all the other existing databases too.其语法为GRANT CREATE ON *.* TO...但这也会授予用户对所有其他现有数据库的权限。
There is no combination of syntax to grant privileges on any database name wildcard that means any database, provided that it is not yet created.没有语法组合来授予对任何数据库名称通配符的特权,这意味着任何数据库,前提是它尚未创建。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.