Write by lyc at 2020-5-14

1.关于mysql云实例用户权限

云数据库出于安全考虑,root账户权限并非ALL PRIVILEGES

创建用户仅能把自己已有的权限赋给新用户,所以本身不是 ALL PRIVILEGES 权限的root无法再创建 ALL PRIVILEGES 权限的其他用户。

我们可以通过修改 mysql.user 权限表,把若干列等于'N'的字段改成'Y'即可。

2.mysql云实例root授权ALL PRIVILEGES

查看当前云数据库root有哪些权限不是Y,找出值为N的列,对其修改为Y

1
2
3
4
5
6
7
8
9
10
11
12
# 查看权限表
mysql > select * from mysql.user where user='root' and HOST='%'\G

# 找到值为N的列,改其为Y
mysql > update mysql.user set Shutdown_priv='Y' where User='root' and HOST='%';
## root用户获得Super权限
mysql > update mysql.user set Super_priv='Y' where User='root' and Host='%';

## .... 这里可能还有其他权限是N的,需要一一改成Y才能是root变成all privileges

# 生效
mysql > flush privileges;

3.ERROR 1290 (HY000): The MySQL server is running with the –user-secure-priv option so it cannot execute this statement

修改报错

1
2
MySQL [(none)]> update mysql.user set Super_priv='Y' where User='admin' and Host='%';    
ERROR 1290 (HY000): The MySQL server is running with the --user-secure-priv option so it cannot execute this statement

金山云的RDS无法通过修改 mysql.user 表授权admin用户的Super权限

原因

参考博文:https://blog.csdn.net/man_to_home/article/details/54947518

原因是金山云的RDS,mysql.user表的Super_priv字段被限制了。

1
2
3
4
5
6
7
8
9
10
MySQL [(none)]> show global variables like '%secure%';
+--------------------------+-----------------------------------------------------------+
| Variable_name            | Value                                                     |
+--------------------------+-----------------------------------------------------------+
| require_secure_transport | OFF                                                       |
| secure_auth              | ON                                                        |
| secure_file_priv         | NULL                                                      |
| user_secure_priv         | Super_priv,Create_tablespace_priv,File_priv,Shutdown_priv |
+--------------------------+-----------------------------------------------------------+
4 rows in set (0.01 sec)