mysqld –skip-grant-tables

mysqld的--skip-grant-tables选项
这个选项会导致不使用权限系统来启动服务器,它将让任何用户可以访问服务器并且不受限制的访问所有数据库。在不使用授权表启动服务器后可以通过shell来执行mysqladmin flush-privileges或mysqladmin reload命令或者在连接到服务器后执行flush privileges语句来让正在运行的服务器再次使用授权表。

使用--skip-grant-tables选项启动服务器

[root@localhost mysql]# service mysqld stop
Shutting down MySQL. SUCCESS!

[root@localhost mysql]# service mysqld start --skip-grant-tables
Starting MySQL.. SUCCESS!

现在就可以不使用用户和密码就可以登录服务器

[mysql@localhost ~]$ mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 2
Server version: 5.7.26-log Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its

  1. Other names may be trademarks of their respective
    owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>
现在可以执行mysqladin flush-privileges命令让正在运行的服务器再次使用授权表

[mysql@localhost ~]$ mysqladmin flush-privileges
现在不使用用户和密码就不能登录服务器了,必须使用用户和密码才能登录了

[mysql@localhost ~]$ mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

[mysql@localhost ~]$ mysql -uroot -pabcd mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 5
Server version: 5.7.26-log Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its

  1. Other names may be trademarks of their respective
    owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
再次使用--skip-grant-tables选项启动服务器

[root@localhost mysql]# service mysqld stop
Shutting down MySQL.. SUCCESS!

[root@localhost mysql]# service mysqld start --skip-grant-tables
Starting MySQL.. SUCCESS!
现在就可以不使用用户和密码就可以登录服务器

[mysql@localhost ~]$ mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 2
Server version: 5.7.26-log Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its

  1. Other names may be trademarks of their respective
    owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>

现在可以执行mysqladin reload命令让正在运行的服务器再次使用授权表

mysql@localhost ~]$ mysqladmin reload
现在不使用用户和密码就不能登录服务器了,必须使用用户和密码才能登录了

[mysql@localhost ~]$ mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
[mysql@localhost ~]$ mysql -uroot -pabcd mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 5
Server version: 5.7.26-log Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its

  1. Other names may be trademarks of their respective
    owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
再次使用--skip-grant-tables选项启动服务器

[root@localhost mysql]# service mysqld stop
Shutting down MySQL. SUCCESS!

[root@localhost mysql]# service mysqld start --skip-grant-tables
Starting MySQL.. SUCCESS!
现在就可以不使用用户和密码就可以登录服务器

[mysql@localhost ~]$ mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 2
Server version: 5.7.26-log Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its

  1. Other names may be trademarks of their respective
    owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>
现在可以执行flush privileges语句让正在运行的服务器再次使用授权表

mysql> flush privileges;
Query OK, 0 rows affected (0.12 sec)
现在不使用用户和密码就不能登录服务器了,必须使用用户和密码才能登录了

[mysql@localhost ~]$ mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
[mysql@localhost ~]$ mysql -uroot -pabcd mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 5
Server version: 5.7.26-log Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its

  1. Other names may be trademarks of their respective
    owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
--skip-grant-tables选项也可以在选项文件my.cnf中进行设置。这个选项还会导致服务器在启动过程中禁止加载用户定义函数(udf),调度事件和安装插件语句中安装的插件。为了以任何方式来加载插件,使用--plugin-load选项。--skip-grant-tables选项也会导致disabled_storage_engines系统变量失效。

flush privileges语句可以在服务器启动后通过执行其它操作来隐式执行。例如在升级过程中mysql_upgrade程序就会刷新权限。