Copyright (C) 2000-2012 |
GNU Info (mysql.info)Default privilegesSetting Up the Initial MySQL Privileges --------------------------------------- After installing MySQL, you set up the initial access privileges by running `scripts/mysql_install_db'. Note: Quick install. The `mysql_install_db' script starts up the `mysqld' server, then initializes the grant tables to contain the following set of privileges: * The MySQL `root' user is created as a superuser who can do anything. Connections must be made from the local host. *NOTE:* The initial `root' password is empty, so anyone can connect as `root' _without a password_ and be granted all privileges. * An anonymous user is created that can do anything with databases that have a name of `'test'' or starting with `'test_''. Connections must be made from the local host. This means any local user can connect without a password and be treated as the anonymous user. * Other privileges are denied. For example, normal users can't use `mysqladmin shutdown' or `mysqladmin processlist'. *NOTE:* The default privileges are different for Windows. Note: Windows running. Because your installation is initially wide open, one of the first things you should do is specify a password for the MySQL `root' user. You can do this as follows (note that you specify the password using the `PASSWORD()' function): shell> mysql -u root mysql mysql> UPDATE user SET Password=PASSWORD('new_password') WHERE user='root'; mysql> FLUSH PRIVILEGES; You can, in MySQL Version 3.22 and above, use the `SET PASSWORD' statement: shell> mysql -u root mysql mysql> SET PASSWORD FOR root=PASSWORD('new_password'); Another way to set the password is by using the `mysqladmin' command: shell> mysqladmin -u root password new_password Only users with write/update access to the `mysql' database can change the password for others users. All normal users (not anonymous ones) can only change their own password with either of the above commands or with `SET PASSWORD=PASSWORD('new password')'. Note that if you update the password in the `user' table directly using the first method, you must tell the server to re-read the grant tables (with `FLUSH PRIVILEGES'), because the change will go unnoticed otherwise. Once the `root' password has been set, thereafter you must supply that password when you connect to the server as `root'. You may wish to leave the `root' password blank so that you don't need to specify it while you perform additional setup or testing. However, be sure to set it before using your installation for any real production work. See the `scripts/mysql_install_db' script to see how it sets up the default privileges. You can use this as a basis to see how to add other users. If you want the initial privileges to be different than those just described above, you can modify `mysql_install_db' before you run it. To re-create the grant tables completely, remove all the `.frm', `.MYI', and `.MYD' files in the directory containing the `mysql' database. (This is the directory named `mysql' under the database directory, which is listed when you run `mysqld --help'.) Then run the `mysql_install_db' script, possibly after editing it first to have the privileges you want. *NOTE:* For MySQL versions older than Version 3.22.10, you should NOT delete the `.frm' files. If you accidentally do this, you should copy them back from your MySQL distribution before running `mysql_install_db'. automatically generated by info2www version 1.2.2.9 |