• 欢迎访问搞代码网站,推荐使用最新版火狐浏览器和Chrome浏览器访问本网站!
  • 如果您觉得本站非常有看点,那么赶紧使用Ctrl+D 收藏搞代码吧
> 数据库 > mysql > MySQL修改账号的IP限制条件实例分享

MySQL修改账号的IP限制条件实例分享

mysql 搞代码 4年前 (2022-01-09) 16次浏览 已收录 0个评论

本文主要给大家介绍了关于MySQL如何修改账号的IP限制条件的相关资料,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,希望能帮助到大家。

前言

最近在工作中遇到一个需求:修改MySQL用户的权限,需要限制特定IP地址才能访问,第一次遇到这类需求,结果在测试过程,使用更新系统权限报发现出现了一些问题, 具体演示如下.

注意:下面测试环境为MySQL 5.6.20. 如有其它版本与下面测试结果有出入,请以实际环境为准。

我们先创建一个测试用户LimitIP,只允许192.168段的IP地址访问,具体权限如下所示:

mysql> GRANT SELECT ON MyDB.* TO LimitIP@'192.168.%' IDENTIFIED BY 'LimitIP';Query OK, 0 rows affected (0.01 sec) mysql> GRANT INSERT ,UPDATE,DELETE ON MyDB.kkk TO LimitIP@'192.168.%';Query OK, 0 rows affected (0.00 sec) mysql> mysql> flush privileges;Query OK, 0 rows affected (0.00 sec) mysql>  mysql> show grants for LimitIP@'192.168.%';+----------------------------------------------------------------------------------------------------------------+| Grants for [email protected].%                     |+----------------------------------------------------------------------------------------------------------------+| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.%' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' || GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.%'                || GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.%'           |+----------------------------------------------------------------------------------------------------------------+3 rows in set (0.00 sec) mysql>

假设现在收到需求:这个用户只允许这个IP地址192.168.103.17访问,于是我打算更新mysql.user表,如下所示:

mysql> select user, host from mysql.user where user='LimitIP';+---------+-----------+| user | host  |+---------+-----------+| LimitIP | 192.168.% |+---------+-----------+1 row in set (0.00 sec) mysql> update mysql.user set host='192.168.103.17' where user='LimitIP';Query OK, 1 row affected (0.02 sec)Rows matched: 1 Changed: 1 Warnings: 0 mysql> flush privileges;Query OK, 0 rows affected (0.01 sec) mysql> select user, host from user where user='LimitIP';ERROR 1046 (3D000): No database selectedmysql> use mysql;Reading table information for completion of table and column namesYou can turn off this feature to get a quicker startup with -A Database changedmysql> select user, host from user where user='LimitIP';+---------+----------------+| user | host   |+---------+----------------+| LimitIP | 192.168.103.17 |+---------+----------------+1 row in set (0.00 sec) mysql> show grants for LimitIP@'192.168.103.17';+---------------------------------------------------------------------------------------------------------------------+| Grants for [email protected]                     |+---------------------------------------------------------------------------------------------------------------------+| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.17' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' |+---------------------------------------------------------------------------------------------------------------------+1 row in set (0.00 sec) mysql>

上面测试发现,如果这样只修改mysql.user表, 那么之前的权限没有了,如下所示,如果你查询mysql.db、 mysql.tables_priv 发现Host的字段值依然为192.168.%

mysql> select * from mysql.db where user='LimitIP'\G;*************************** 1. row ***************************     Host: 192.168.%     Db: MyDB     User: LimitIP   Select_priv: Y   Insert_priv: N   Update_priv: N   Delete_priv: N   Create_priv: N   Drop_priv: N   Grant_priv: N  References_priv: N   Index_priv: N   Alter_priv: NCreate_tmp_table_priv: N  Lock_tables_priv: N  Create_view_priv: N  Show_view_priv: N Create_routine_priv: N Alter_routine_priv: N   Execute_priv: N   Event_priv: N   Trigger_priv: N1 row in set (0.00 sec) ERROR: No query specified mysql> select * from mysql.tables_priv where user='LimitIP'\G;*************************** 1. row ***************************  Host: 192.168.%   Db: MyDB  User: LimitIP Table_name: kkk Grantor: root@localhost Timestamp: 0000-00-00 00:00:00 Table_priv: Insert,Update,DeleteColumn_priv: 1 row in set (0.00 sec) ERROR: No query specified

所以我继续修改 mysql.db、 mysql.tables_priv 表,然后测试验证终于OK了(请见下面测试步骤),当然如果账户的权限不止这几个层面,你可能还必须修改例如mysql.columns_priv、mysql.procs_priv等表

mysql> show grants for LimitIP@'192.168.%';ERROR 1141 (42000): There is no such grant defined for user 'LimitIP' on host '192.168.%'mysql> mysql> mysql> update mysql.db set host='192.168.103.17' where user='Lim<p style="color:transparent">本文来源gao!daima.com搞$代!码网</p>itIP';Query OK, 1 row affected (0.00 sec)Rows matched: 1 Changed: 1 Warnings: 0 mysql> update mysql.tables_priv set host='192.168.103.17' where user='LimitIP';Query OK, 1 row affected (0.00 sec)Rows matched: 1 Changed: 1 Warnings: 0 mysql> flush privileges;Query OK, 0 rows affected (0.00 sec) mysql> show grants for LimitIP@'192.168.103.17';+---------------------------------------------------------------------------------------------------------------------+| Grants for [email protected]                     |+---------------------------------------------------------------------------------------------------------------------+| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.17' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' || GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.103.17'                || GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.103.17'           |+---------------------------------------------------------------------------------------------------------------------+3 rows in set (0.00 sec) mysql>

如果需要修改用户的IP限制,其实更新mysql相关权限表不是上上策,其实有更好的方法,那就是RENAME USER Syntax

mysql> RENAME USER 'LimitIP'@'192.168.103.17' TO 'LimitIP'@'192.168.103.18';Query OK, 0 rows affected (0.00 sec) mysql> FLUSH PRIVILEGES;Query OK, 0 rows affected (0.00 sec) mysql> show grants for 'LimitIP'@'192.168.103.18';+---------------------------------------------------------------------------------------------------------------------+| Grants for [email protected]                     |+---------------------------------------------------------------------------------------------------------------------+| GRANT USAGE ON *.* TO 'LimitIP'@'192.168.103.18' IDENTIFIED BY PASSWORD '*72DDE03E02CC55A9478A82F3F4EBE7F639249DEC' || GRANT SELECT ON `MyDB`.* TO 'LimitIP'@'192.168.103.18'                || GRANT INSERT, UPDATE, DELETE ON `MyDB`.`kkk` TO 'LimitIP'@'192.168.103.18'           |+---------------------------------------------------------------------------------------------------------------------+3 rows in set (0.00 sec) mysql>

相关推荐:

实例讲解mysql修改开启允许远程连接

mysql修改数据库表的用法实例总结

MySQL修改密码和访问限制的实例详解

以上就是MySQL修改账号的IP限制条件实例分享的详细内容,更多请关注搞代码gaodaima其它相关文章!

搞代码网(gaodaima.com)提供的所有资源部分来自互联网,如果有侵犯您的版权或其他权益,请说明详细缘由并提供版权或权益证明然后发送到邮箱[email protected],我们会在看到邮件的第一时间内为您处理,或直接联系QQ:872152909。本网站采用BY-NC-SA协议进行授权
转载请注明原文链接:MySQL修改账号的IP限制条件实例分享

喜欢 (0)
[搞代码]
分享 (0)
发表我的评论
取消评论

表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址