
How to use MySQL securely

MySQL has become one of the most widely used databases on today's networks, especially in Web applications, where it holds an absolutely dominant position among small and medium-sized applications. This results from its being compact and easy to use, safe and effective, openly licensed and multi-platform, and above all from its perfect pairing with PHP, one of the three major Web languages.

Unfortunately, a default MySQL installation is insecure: the root password is empty and program flaws allow overflows, which makes servers running MySQL a frequent target of attack. More seriously, after an attack the database is often destroyed, which can easily have disastrous consequences. What follows is a defensive battle to protect the data.

Environment requirements

1. System environment

A server with a custom installation of Red Hat Linux 9.0. The system has GCC and a few software packages installed, for instance Apache and PHP. The first thing to do after installing the system is to upgrade its software packages. As a Web server, the system accepts requests for PHP scripts, and PHP uses the MySQL database installed below for dynamically published content.

The partitioning requirements are similar to those of an ordinary system. The only difference is that /chroot, which is created later, and /tmp must be on the same partition.

2. Security requirements

(1) MySQL runs in an isolated (chroot) environment;
(2) the mysqld process runs as a dedicated user/user group; this user and group have no home directory and no shell, and cannot be used by other programs;
(3) change MySQL's root account and use a complex password;
(4) allow only local connections to MySQL; network connections are disabled when MySQL starts;
(5) ensure that the nobody account for connecting to MySQL is prohibited from logging in;
(6) delete the test database.

Installing MySQL

1. Installation preparation

Before installing MySQL, create the user and group that will be used to start MySQL, in line with the security requirements above.


...

How to make MySQL secure against crackers

When you connect to a MySQL server, you should normally use a password. The password is not transmitted in clear text over the connection.

All other information is transmitted as text that can be read by anybody. If you are worried about this, you can use the compressed protocol (MySQL 3.22 and above) to make things more difficult. To make everything even safer, you should install ssh (see http://www.cs.hut.fi/ssh). With it, you can get an encrypted TCP/IP connection between a MySQL server and a MySQL client.

...

Managing MySQL on the Web: a guide to using phpMyAdmin

1. Hardware environment:

Hard disk: 9.2 GB; memory: 128 MB; network card: EEpro100

2. Software

Operating system: RedHat 6.2

3. Optimize RedHat 6.2

During installation, select
FTP and DNS

Edit the file /etc/hosts

Change it to:
202.104.131.100 info.langoit.com.cn info

Edit the file /etc/named.conf

Change it to:

// generated by named-bootconf.pl

options {
        directory "/var/named";
        forwarders { 202.104.131.98; };
        forward only;
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
zone "." in {
        type hint;
        file "named.ca";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "named.local";
};

Edit the file /etc/resolv.conf

Change it to:
search langoit.com.cn
nameserver 202.104.131.98
nameserver 202.96.134.133
Optimize the Linux kernel:

Remove unnecessary RPM packages:

First stop the running processes:

cd /etc/rc.d/init.d

./sendmail stop
./apmd stop
./kudzu stop

rpm -e --nodeps sendmail kudzu nfs-utils

Edit the file /usr/src/linux/include/linux/tasks.h

Edit line 14 (vi +14):

NR_TASKS 5120 ---> 3072
MIN_TASKS_LEFT_FOR_ROOT 16 ---> 24

Edit the file /usr/src/linux/Makefile

Edit line 18 (vi +18):

HOSTCC =gcc
--->
HOSTCC =egcs

Edit line 25 (vi +25):

CC =$(CROSS_COMPILE)gcc -D__KERNEL__ -I$(HPATH)
--->
CC =$(CROSS_COMPILE)egcs -D__KERNEL__ -I$(HPATH)

Edit line 90 (vi +90):

CFLAGS = -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer
--->
CFLAGS = -Wall -Wstrict-prototypes -O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit-frame-pointer -fno-exceptions

Edit line 19 (vi +19):

HOSTCFLAGS =-Wall -Wstrict-prototypes -O2 -fomit-frame-pointer
--->
HOSTCFLAGS =-Wall -Wstrict-prototypes -O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit-frame-pointer -fno-exceptions

Install the kernel:

make xconfig

The specific options can be set according to your own system.

In the /usr/src/linux/ directory:

make dep
make clean
make bzlilo
make modules
make modules_install
4. Install and optimize mm, MySQL, Apache, PHP, phpMyAdmin, Perl, mod_perl

1) Files
mm: mm-1.1.3.tar.gz
MySQL: mysql-3.22.32.tar.gz
Apache: apache_1.3.12.tar.gz
PHP: php-4.0.0.2.0.5.tar.gz
phpMyAdmin: phpMyAdmin_2.0.5.tar.gz
mod_perl: mod_perl-1.24.tar.gz
Perl-DBI: DBI-1.14.tar.gz
DBD-Oracle-1.06.tar.gz
Msql-Mysql-modules-1.2214.tar.gz
Data-Dumper-2.101.tar.gz
Data-ShowTable-3.3.tar.gz
eperl: eperl-2.2.14.tar.gz
Perl: perl-5.6.0.tar.gz

Unpack the files:

tar -zxpf filename

Note: all of the following pre-compile and install steps are run in the directory of the software being installed.

#) Install mm
./configure \
--disable-shared \
--prefix=/usr
make
make test
make install
make clean
#) Install and configure MySQL

#) Pre-compile MySQL

CC="egcs" \
OPTIM="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro \
-march=pentiumpro -fomit-frame-pointer -fno-exceptions" \
./configure \
--prefix=/mysql

#) Install MySQL

make
make install
make clean

#) Configure MySQL

/mysql/bin/mysql_install_db

Initialize the database.

cp /mysql/share/mysql/mysql.server /etc/rc.d/init.d/mysql
cd /etc/rc.d/rc3.d
ln -s ../init.d/mysql S70mysql

Load MySQL when the system starts.
#) Pre-compile Apache

CC="egcs" \
OPTIM="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro \
-march=pentiumpro -fomit-frame-pointer -fno-exceptions" \
CFLAGS="-DDYNAMIC_MODULE_LIMIT=0" \
./configure \
--prefix=/apache

#) Pre-compile PHP

CC="egcs" \
OPTIM="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro \
-march=pentiumpro -fomit-frame-pointer -fno-exceptions" \
./configure \
--prefix=/usr \
--with-apache=../apache_1.3.12 \
--enable-safe-mode \
--with-mm \
--enable-inline-optimization \
--enable-memory-limit \
--enable-track-vars \
--with-mysql=/mysql

#) Install PHP

make
make install
make clean

#) Pre-compile mod_perl

perl Makefile.PL \
EVERYTHING=1 \
APACHE_SRC=../apache_1.3.12/src \
USE_APACI=1 \
DO_HTTPD=1

#) Install mod_perl

make
make install
make clean
#) Compile Apache

EAPI_MM=SYSTEM \
CC="egcs" \
OPTIM="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro \
-march=pentiumpro -fomit-frame-pointer -fno-exceptions" \
CFLAGS="-DDYNAMIC_MODULE_LIMIT=0" \
./configure \
--prefix=/apache \
--activate-module=src/modules/php4/libphp4.a \
--enable-module=php4 \
--activate-module=src/modules/perl/libperl.a \
--enable-module=perl

#) Install Apache

make
make install
make clean

cp /apache/bin/apachectl /etc/rc.d/init.d/httpd
cd /etc/rc.d/rc3.d
ln -s ../init.d/httpd S80httpd

Load Apache when the system starts.

#) Install eperl

perl Makefile.PL

make
make test
make install
make clean

...

MySQL service maintenance notes

Below are optimization recommendations for running MySQL as a dedicated database server:

Planning the MySQL server

For easier maintenance and upgrades later, convenient backups and data security, it is best to install the MySQL program files and the data on "different hardware".

               / /
               | /usr                  <== operating system
               | /home/mysql           <== MySQL home directory; for easy upgrades, this
Hard disk 1==> |                           is a link to the directory of the newest version
               | /home/mysql-3.23.54/  <== newest version of MySQL; /home/mysql links here
               \ /home/mysql-old/      <== the old version of MySQL that ran previously

               / /data/app_1/          <== application data and startup scripts
Hard disk 2==> | /data/app_2/
               \ /data/app_3/


Installing and starting the MySQL service

MySQL generally uses the current STABLE version:

Avoid the --with-charset= option as far as possible. I feel with-charset is only useful when sorting alphabetically, and these options bring a lot of trouble when migrating data.

Avoid InnoDB as far as possible. InnoDB is mainly used when enterprise-level features such as foreign keys and transactions are needed, at the cost of being an order of magnitude slower than MyISAM.

./configure --prefix=/home/mysql --without-innodb
make
make install

Starting and stopping the service

1. Copy the default mysql/var/mysql to the /data/app_1/ directory.

2. The startup script for mysqld: start_mysql.sh


...

Graphical management makes MySQL easier

MySQL is a true multi-user, multi-threaded SQL database server and is currently one of the most popular open source database servers. Data from the MySQL project shows that MySQL currently has 4 million users. Well-known Web sites using MySQL include Yahoo, Finance, MP3.com, Motorola, NASA, Silicon Graphics and Texas Instruments.

Generally speaking, users work with MySQL from the command line. Many users have always used a graphical user interface (GUI) to operate and manage databases in a Windows environment and may be unaccustomed to the command line, and many novices find MySQL hard to master. To make it convenient for users to administer MySQL databases, several graphical management projects have actually long been under way: MySQL Control Center (MySQLCC), MySQLGUI and phpMyAdmin. In addition, the OpenOffice bundled with Red Hat can also be used for graphical management of MySQL.

Installing MySQL

Before installing, setting up and using the graphical management tools, first install the MySQL server. Use the following command to check whether MySQL is installed on this machine:
# rpm -qa | grep mysql
mysql-server-3.23.54a-11
mysql-3.23.54a-11

All examples in this article were carried out on Red Hat 9.0. In Red Hat 9.0, MySQL can be installed directly through the "Package Management" program. Specifically, in the "Add or Remove Packages" interface first tick "SQL Database Server", choose "mysql-server - MySQL server and related files" under Details, then insert the second CD and choose Update. It can also be installed directly from the CD using the rpm command. Because the MySQL server needs Perl support to run normally, when the latter installation method is used, Perl and the related packages must be installed before MySQL.

After installation, start the MySQL server with the following command:
# service mysqld start

After MySQL is installed, a superuser root is predefined with an empty password. Any user can use this account to connect to the MySQL database locally from the MySQL server and operate on it. This is obviously very insecure, so once MySQL has been started the root password should be set immediately. It is set as follows:
# mysqladmin password 'ylgui'

This sets a new password: ylgui.

Is the MySQL server running normally? This can be checked with the client program mysql. Use the password set above:
# mysql -u root -pylgui
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 6 to server version: 3.23.54
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

Note that there is no space between the -p parameter and the password. The screen can show which databases currently exist:


...

A data backup system solution

With the spread of computer networks, computer viruses have gained the opportunity to spread quickly, and their destruction of data files is increasingly serious, so users often need to make personal off-site backups of important data. Taking multiple users and data privacy into account, a personal data backup system solution is offered. It uses the large capacity, high reliability and high security of network storage devices to provide each user with a certain amount of space for saving personal data, while the software's permission management keeps personal data confidential.

At present, FTP server software on Linux mainly comes in two kinds, Wu-FTP and ProFTPD. Wu-FTP is preinstalled with Red Hat Linux but has many security flaws. ProFTPD was developed to address Wu-FTP's weaknesses; besides improved security it has many other features, such as simple installation and the ability to run in stand-alone mode. ProFTPD has become one of the most popular FTP server programs after Wu-FTP.

Before version 1.2, ProFTPD used Linux user accounts to manage users, that is, it used the password file. This approach has many shortcomings. Compared with operating on a database, adding user accounts, changing passwords and deleting accounts is very complex, and the file cannot support concurrent reads and writes; user accounts in Linux have Telnet permission, which is a security risk; and only the root account can alter the password file, so altering it through a browser is technically difficult.

ProFTPD 1.2.4 added database management of users. At present only the MySQL database is supported, and these accounts apply only to the FTP server, so the security risk does not exist. The development platform used in this article is the combination Linux + ProFTPD + MySQL.

Overall design

The system back end uses an FTP server to provide file management to users, who can handle their data files with any software that supports FTP. The solution implements automatic acceptance of user account applications and password changes; the network administrator can use a browser to manage accounts, with functions such as changing space quotas, changing passwords and deleting accounts.

The core of the system is how to use a development language to configure ProFTPD dynamically and manage the accounts of a large number of users.

Solution details

For the installation of ProFTPD and the contents of its configuration file, see the system documentation; this article focuses on the parts related to the database.

1. Install ProFTPD

(1) Install the MySQL database and create a symbolic link from MySQL's installation directory to /usr/local/mysql.

(2) Configure before compiling, adding the MySQL and space quota modules to the compile options, as follows:

# ./configure --with-includes=/usr/local/mysql/include --with-libraries=/usr/local/mysql/lib/mysql --with-modules=mod_sql:mod_sql_mysql:mod_quota

2. Add users

Create the FTPusers database and the Users table in MySQL to store FTP account information, as follows:


...

A SQUID proxy server with user authentication

SQUID and MYSQL were installed from the binary packages released by SUN, which can be found on the Software_companion_x86 CD; MYSQL_AUTH can be found with a GOOGLE search.

I. Install and configure SQUID+MYSQL

1. Create users and groups
# groupadd squid
# useradd -g squid -d /dev/null -s /bin/false squid
# groupadd mysql
# useradd -g mysql -s /bin/false mysql

2. Install MYSQL


...

Solving the problem of not being able to connect to MySQL through mysql.sock

This problem is basically reported as being unable to connect to the server through '/tmp/mysql.sock'. PHP's standard configuration uses exactly '/tmp/mysql.sock', but some MySQL installation methods put mysql.sock at /var/lib/mysql.sock or somewhere else. You can correct this by editing the /etc/my.cnf file. Open the file and you will see something like this:
[mysqld]
socket=/var/lib/mysql.sock
Changing this is enough, but it can cause other problems, such as the mysql program no longer connecting, so add a little more:
[mysql]
socket=/tmp/mysql.sock
Alternatively, you can change the configuration in php.ini so that PHP connects through a different mysql.sock; look that up yourself.

Or use this method:
ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock

There is also this:
The phpMyAdmin manual says:
The error message "Warning: MySQL Connection Failed: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (111)..." is displayed. What can I do?

For RedHat users, Harald Legner suggests this on the mailing list:

On my RedHat-Box the socket of mysql is /var/lib/mysql/mysql.sock. In your php.ini you will find a line
mysql.default_socket = /tmp/mysql.sock
change it to
mysql.default_socket = /var/lib/mysql/mysql.sock
Then restart apache and it will work.

Here is a fix suggested by Brad Ummer in the phpwizard forum:

First, you need to determine what socket is being used by MySQL.
To do this, telnet to your server and go to the MySQL bin directory. In this directory there should be a file named mysqladmin. Type ./mysqladmin variables, and this should give you a bunch of info about your MySQL server, including the socket (/tmp/mysql.sock, for example).
Then, you need to tell PHP to use this socket.
Assuming you are using PHP 3.0.10 or better, you can specify the socket to use when you open the connection. To do this in phpMyAdmin, you need to complete the socket information in the config.inc.php3.
For example: $cfg['Servers'][$i]['socket'] = '/tmp/mysql.sock';

...

MySQL security guideline (2)

2.1.3 Database and table privileges
The following privileges apply to operations on databases and tables.

ALTER
Allows you to use the ALTER TABLE statement. This is actually a simple first-level privilege; you must have other privileges as well, depending on what operations you want to perform on the database.
CREATE
Allows you to create databases and tables, but not indexes.
DELETE
Allows you to delete existing records from tables.
DROP
Allows you to delete (drop) databases and tables, but not indexes.
INDEX
Allows you to create and delete indexes.
REFERENCES
Currently unused.
SELECT
Allows you to use the SELECT statement to retrieve data from tables. It is not needed for SELECT statements that do not involve tables, such as SELECT NOW() or SELECT 4/2.
UPDATE
Allows you to modify existing records in tables.
2.1.4 Administrative privileges
The following privileges apply to administrative operations that control the server or a user's ability to grant privileges.

FILE
Allows you to tell the server to read or write files on the server host. This privilege should not be granted casually; it is very dangerous, see "Avoiding grant table risks". The server does take some care to keep this privilege within certain limits. You can only read files that are readable by anyone. A file you write must not already exist; this prevents you from forcing the server to overwrite important files such as /etc/passwd or the data directory of someone else's database.
If you grant the FILE privilege, make sure you do not run the server as the UNIX root user, because root can create new files anywhere in the file system. If you run the server as an unprivileged user, the server can only create files in directories that user can access.

GRANT
Allows you to grant your own privileges to others, including GRANT.
PROCESS
Allows you to view information about the threads (processes) running inside the server by using the SHOW PROCESSLIST statement or the mysqladmin process command. This privilege also allows you to kill threads with the KILL statement or the mysqladmin kill command.
You can always see or kill your own threads. The PROCESS privilege gives you the ability to do these things to any thread.

RELOAD
Allows you to perform many server administration operations. You can issue the FLUSH statement, and you can also run mysqladmin commands such as reload, refresh, flush-hosts, flush-logs, flush-privileges and flush-tables.
SHUTDOWN
Allows you to shut down the server with mysqladmin shutdown.
In the user, db and host tables, each privilege is specified in a separate column. These columns are all declared as type ENUM("N","Y"), so the default value of every privilege is "N". The privileges in tables_priv and columns_priv are represented with a SET, which allows privileges to be specified in any combination with a single column. These two tables are newer than the other three, which is why they use the more efficient representation. (It is possible that in future the user, db and host tables will also be represented with a SET type.)

The Table_priv column in the tables_priv table is defined as:

SET('Select','Insert','Update','Delete','Create','Drop','Grant','References','Index','Alter')
The Column_priv column in the columns_priv table is defined as:

SET('Select','Insert','Update','References')
There are fewer column privileges than table privileges, because fewer privileges are meaningful at the column level. For example, you can create a table, but you cannot create an isolated column.
The user table contains certain privilege columns that do not exist in the other grant tables: File_priv, Process_priv, Reload_priv and Shutdown_priv. These privileges apply to operations you have the server perform that are unrelated to any particular database or table. For example, allowing a user to shut down the server depending on what the current database is would make no sense.

2.2 How the server controls client access
When you use MySQL, client access control has two stages. The first stage happens when you try to connect to the server. The server searches the user table to see whether it can find an entry matching your name, the host you are connecting from and the password you supply. If there is no match, you cannot connect. If there is a match, the connection is established and the second stage begins. In this stage, for each query you issue, the server checks the grant tables to see whether you have sufficient privileges to run the query. The second stage lasts until the end of your session with the server.

...

MySQL security guideline (3)

2.4 Setting up users without GRANT
If you have a MySQL version older than 3.22.11, you cannot use the GRANT (or REVOKE) statement to set up users and their access privileges, but you can modify the contents of the grant tables directly. This is easy if you understand how the GRANT statement modifies the grant tables. You can then do the same thing yourself by issuing INSERT statements by hand.

When you issue a GRANT statement, you specify a user name and host name, and possibly a password. A user table record is generated for this user, and these values are recorded in the User, Host and Password columns. If you specify global privileges in the GRANT statement, these privileges are recorded in the record's privilege columns. Note that the GRANT statement encrypts the password for you, whereas INSERT does not; you need to use the PASSWORD() function to encrypt the password in INSERT.

If you specify database-level privileges, the user name and host name are recorded in the User and Host columns of the db table. The database you granted privileges for is recorded in the Db column, and the privileges you granted are recorded in the privilege columns.

For table-level and column-level privileges, the effect is similar. Records are created in the tables_priv and columns_priv tables to record the user name, host name and database, as well as the relevant table and column. The privileges granted are recorded in the privilege columns.

If you still remember the earlier introduction, you should be able to do what GRANT does even without the GRANT statement. Remember that when you modify the grant tables directly, you must tell the server to reload the grant tables, otherwise it does not know about your changes. You can force a reload by running mysqladmin flush-privileges or mysqladmin reload. If you forget to do this, you will wonder why the server is not doing what you want.

The following GRANT statement creates a superuser with all privileges, including the ability to grant privileges to others:

GRANT ALL ON *.* TO anyname@localhost IDENTIFIED BY "passwd"
WITH GRANT OPTION
This statement creates a record for anyname@localhost in the user table with all privileges enabled, because that is where superuser (global) privileges are stored. To do the same thing with an INSERT statement, the statement is:

INSERT INTO user VALUES("localhost","anyname",PASSWORD("passwd"),
"Y","Y","Y","Y","Y","Y","Y","Y","Y","Y","Y","Y","Y","Y")
You may find that it does not work, depending on your MySQL version. The structure of the grant tables has changed, and your user table may not have 14 privilege columns. Use SHOW COLUMNS to find out every privilege column your grant tables contain, and adjust your INSERT statement accordingly. The following GRANT statement also creates a user with superuser status, but with only a single privilege:

GRANT RELOAD ON *.* TO flush@localhost IDENTIFIED BY "flushpass"
The INSERT statement for this example is simpler than the previous one: it is easy to list the column names and specify only one privilege column. All other columns are set to the default "N":

INSERT INTO user (Host,User,Password,Reload_priv) VALUES("localhost","flush",PASSWORD("flushpass"),"Y")
Database-level privileges are granted with an ON db_name.* clause rather than ON *.*:

GRANT ALL ON sample_db.* TO boris@localhost IDENTIFIED BY "ruby"
These privileges are not global, so they are not stored in the user table. We still need to create a record in the user table (so that the user can connect), but we also need to create a db table record to hold the database-level privileges:
INSERT INTO user (Host,User,Password) VALUES("localhost","boris",PASSWORD("ruby"))

INSERT INTO db VALUES("localhost","sample_db","boris","Y","Y","Y","Y","Y","Y","N","Y","Y","Y")

The "N" column is the GRANT privilege; for a database-level GRANT statement ending in WITH GRANT OPTION, you should set this column to "Y".

...