네트워킹

오늘:
1,035
어제:
2,474
전체:
2,778,935

고객센타 : 070-7752-2000
팩스 : 070-7752-2001
휴대폰 : 010-9513-0019
email : voipkorea@yahoo.co.kr

국민은행
(주)제이에스솔루션
047101-04-155519

Flag Counter
■ 무료 : 유선 집전화 휴대폰 ( 한국 미국 중국 카나다) ↔ (국내 해외 여행자 상사 주재원 유학생) / 가입무 무제한무료■

https://mariadb.com/kb/en/the-mariadb-library/create-user/


CREATE [OR REPLACE] USER [IF NOT EXISTS] 
 user_specification [,user_specification] ...
  [REQUIRE {NONE | tls_option [[AND] tls_option] ...}]
  [WITH resource_option [resource_option] ...]

user_specification:
  username [authentication_option]

authentication_option:
  IDENTIFIED BY 'authentication_string' 
  | IDENTIFIED BY PASSWORD 'hash_string'
  | IDENTIFIED {VIA|WITH} authentication_plugin
  | IDENTIFIED {VIA|WITH} authentication_plugin BY 'authentication_string'
  | IDENTIFIED {VIA|WITH} authentication_plugin {USING|AS} 'hash_string'

tls_option:
  SSL 
  | X509
  | CIPHER 'cipher'
  | ISSUER 'issuer'
  | SUBJECT 'subject'

resource_option:
  MAX_QUERIES_PER_HOUR count
  | MAX_UPDATE_PER_HOUR count
  | MAX_CONNECTIONS_PER_HOUR count
  | MAX_USER_CONNECTIONS count

Description

The CREATE USER statement creates new MariaDB accounts. To use it, you must have the global CREATE USER privilege or the INSERT privilege for the mysql database. For each account, CREATE USER creates a new row in the mysql.user table that has no privileges.

See Account Names below for details on how account names are specified.

If any of the specified user accounts already exist, ERROR 1396 (HY000)results. If an error occurs, CREATE USER will still create the accounts that do not result in an error. Only one error is produced for all users which have not been created:

ERROR 1396 (HY000): 
  Operation CREATE USER failed for 'u1'@'%','u2'@'%'

Failed CREATE or DROP operations, for both users and roles, produce the same error code.

The account can be given a password with the optional IDENTIFIED BY clause. To specify the password in plain text, omit the PASSWORD keyword. To specify the password as the hashed value as returned by the PASSWORD function, include the PASSWORD keyword.

If you do not specify a password with the IDENTIFIED BY clause, the user will be able to connect without a password. A blank password is not a wildcard to match any password. The user must connect without providing a password if no password is set.

If you specify a plugin using the VIA clause, the plugin name must be an active authentication plugin as per show plugins. If it doesn't show up you will need to install it with INSTALL PLUGIN or install-soname). Some plugins require a plugin_option (like mysql_native_password).

OR REPLACE

MariaDB starting with 10.1.3

If the optional OR REPLACE clause is used, it acts as a shortcut for:

DROP USER IF EXISTS name;
CREATE USER name ...;

IF NOT EXISTS

MariaDB starting with 10.1.3

When the IF NOT EXISTS clause is used, MariaDB will return a warning instead of an error if the specified user already exists.

MAX_*_PER_HOUR

MariaDB starting with 10.2.0

Limit to the number of queries, updates or connections the user can place or make per hour. The query count excludes results returned from the query cache. If set to zero, the default, no limit is imposed.

MAX_USER_CONNECTIONS

MariaDB starting with 10.2.0

Limit to the number of simultaneous connections that the user can hold. If set to zero, the default, no limit is imposed.

tls_options

MariaDB starting with 10.2.0

MariaDB 10.2.0 introduced a number of tls options.

SSL

Specifies that the server will only permit encrypted TLS connections for the user.

X509

Requires the client to have a valid certificate whose signature can be verified with one of the CA certificates, although the issuer, subject and exact certificate are not checked. Implies encryption, so there's no need for the SSL option.

ISSUER

Requires the client to have a valid certificate issued by the specified issuer. Implies encryption, so there's no need for the SSL option. The client must specify the --ssl-key and --ssl-cert options to connect, and it is also recommended that the --ssl-ca option be specified in order to verify the server's public certificate.

SUBJECT

Requires the client to have a valid certificate with the specified subject. Implies encryption, so there's no need for the SSL option. The client must specify the --ssl-key and --ssl-cert options to connect, and it is also recommended that the --ssl-ca option be specified in order to verify the server's public certificate.

CIPHER

Specifies that a specific cipher method is used for encrypting connections.

Account Names

Account names have both a user name and a host name, and are specified as 'user_name'@'host_name'.

When you connect to a MariaDB server, your user name and host must match a single account.

The user name and host name may be unquoted, quoted as strings using double quotes (") or single quotes ('), or quoted as identifiers using backticks (`). You must use quotes when using special characters (such as a hyphen) or wildcard characters. If you quote, you must quote the user name and host name separately (for example 'user_name'@'host_name').

Host Names

If the host name is not provided, it is assumed to be '%'.

Host names may contain the wildcard characters % and _. They are matched as if by the LIKE clause. If you need to use a wildcard character literally (for example, to match a domain name with an underscore), prefix the character with a backslash. See LIKE for more information on escaping wildcard characters.

Host name matches are case-insensitive. Host names can match either domain names or IP addresses. Use 'localhost' as the host name to allow only local client connections.

You can use a netmask to match a range of IP addresses using 'base_ip/netmask' as the host name. A user with an IP address ip_addr will be allowed to connect if the following condition is true:

ip_addr & netmask = base_ip

You can only use netmasks that specify a multiple of 8 bits of the address to match. That is, only the following netmasks are allowed:

255.0.0.0
255.255.0.0
255.255.255.0
255.255.255.255

Using 255.255.255.255 is equivalent to not using a netmask at all.

User Names

User names must match exactly, including case. You can use the empty string to allow a user with any user name.

It is possible for more than one account to match when a user connects. MariaDB selects the first matching account after sorting according to the following criteria:

  • Accounts with an exact host name are sorted before accounts using a wildcard in the host name. Host names using a netmask are considered to be exact for sorting.
  • Accounts with a wildcard in the host name are sorted according to the position of the first wildcard character. Those with a wildcard character later in the host name sort before those with a wildcard character earlier in the host name.
  • Accounts with a non-empty user name sort before accounts with an empty user name.

The following table shows a list of example account as sorted by these criteria:

+---------+-------------+
| User    | Host        |
+---------+-------------+
| joffrey | 192.168.0.3 |
|         | 192.168.0.% |
| joffrey | 192.168.%   |
|         | 192.168.%   |
+---------+-------------+

Once connected, you only have the privileges granted to the account that matched, not all accounts that could have matched. For example, consider the following commands:

CREATE USER 'joffrey'@'192.168.0.3';
CREATE USER 'joffrey'@'%';
GRANT SELECT ON test.t1 to 'joffrey'@'192.168.0.3';
GRANT SELECT ON test.t2 to 'joffrey'@'%';

If you connect as joffrey from 192.168.0.3, you will have the SELECT privilege on the table test.t1, but not on the table test.t2. If you connect as joffrey from any other IP address, you will have the SELECT privilege on the table test.t2, but not on the table test.t1.

MariaDB starting with 5.5.31

Beginning with MariaDB 5.5.31, usernames can be up to 80 characters long. However, in order to enable this feature, the following schema changes must be made:

alter table mysql.user         modify User         char(80)  binary not null default '';
alter table mysql.db           modify User         char(80)  binary not null default '';
alter table mysql.tables_priv  modify User         char(80)  binary not null default '';
alter table mysql.columns_priv modify User         char(80)  binary not null default '';
alter table mysql.procs_priv   modify User         char(80)  binary not null default '';
alter table mysql.proc         modify definer      char(141) collate utf8_bin not null default '';
alter table mysql.event        modify definer      char(141) collate utf8_bin not null default '';
alter table mysql.proxies_priv modify User         char(80)  COLLATE utf8_bin not null default '';
alter table mysql.proxies_priv modify Proxied_user char(80)  COLLATE utf8_bin not null default '';
alter table mysql.proxies_priv modify Grantor      char(141) COLLATE utf8_bin not null default '';
alter table mysql.servers      modify Username     char(80)                   not null default '';
alter table mysql.procs_priv   modify Grantor      char(141) COLLATE utf8_bin not null default '';
alter table mysql.tables_priv  modify Grantor      char(141) COLLATE utf8_bin not null default '';

flush privileges;

Examples

CREATE USER foo2@test IDENTIFIED BY 'password';

tls options, from MariaDB 10.2.0:

CREATE USER 'foo4'@'test' 
  REQUIRE ISSUER 'foo_issuer' 
  SUBJECT 'foo_subject' 
  CIPHER 'text'

Resource limits, from MariaDB 10.2.0

CREATE USER foo 
  WITH MAX_QUERIES_PER_HOUR 10
  MAX_UPDATES_PER_HOUR 20
  MAX_CONNECTIONS_PER_HOUR 30
  MAX_USER_CONNECTIONS 40;

OR REPLACE and IF NOT EXISTS:

CREATE USER foo2@test IDENTIFIED BY 'password';
ERROR 1396 (HY000): Operation CREATE USER failed for 'foo2'@'test'

CREATE OR REPLACE USER foo2@test IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

CREATE USER IF NOT EXISTS foo2@test IDENTIFIED BY 'password';
Query OK, 0 rows affected, 1 warning (0.00 sec)

SHOW WARNINGS;
+-------+------+----------------------------------------------------+
| Level | Code | Message                                            |
+-------+------+----------------------------------------------------+
| Note  | 1973 | Can't create user 'foo2'@'test'; it already exists |
+-------+------+----------------------------------------------------+
1 row in set (0.00 sec

See also

조회 수 :
407
등록일 :
2017.09.01
08:41:14 (*.160.88.18)
엮인글 :
http://webs.co.kr/index.php?document_srl=3311499&act=trackback&key=8bc
게시글 주소 :
http://webs.co.kr/index.php?document_srl=3311499
List of Articles
번호 제목 글쓴이 날짜 조회 수
55 Sqlite very detail easy tutorial I recommand this admin 2017-09-09 403
54 mysql 로컬접속 풀고 특정 아이피 접속 허가 허락 가능 하게 설정 하는 방법 admin 2017-09-05 402
53 linux command chmod 리눅스 명령어 가장 쉽게 이해하기 설명 사용자 구룹 타인 권한 admin 2017-09-05 412
» mariadb CREATE USER CREATE USER statement creates new MariaDB accounts. admin 2017-09-01 407
51 MySQL 데이터 베이스 백업 및 복구 방법 admin 2017-09-01 424
50 Allowing MySQL Root Login from All IP Addresses : admin 2017-08-17 358
49 Installation of MySQL Database Server admin 2017-08-17 380
48 mysql 쿼리 로그 남기기 (실시간) admin 2015-04-15 3357
47 SQL Delete records using subqueries admin 2015-04-03 3352
46 Mysql privilege table GRANT SELECT,INSERT,UPDATE,DELETE ON db.table admin 2015-04-02 3528
45 안드로이드 SQLite 속도 향상! insert Transaction admin 2014-04-07 13743
44 MySQL에 원격 접속 허용 여러가지 아이피 아이피대역으로 admin 2014-04-02 10809
43 10gR2_sles10_install file admin 2014-03-18 8828
42 this is final answer assets sqlite Databases trouble copy External DB, check eclips admin 2014-02-18 9270
41 Browse SQLite data on the Android emulator admin 2014-02-15 10808
40 SQLite Database Browser file admin 2014-02-14 9656
39 SQLite Databases using External DB admin 2014-02-14 13791
38 sqlite DB copy admin 2014-02-14 9598
37 Android SQLite Database with Multiple Tables admin 2014-02-13 9106
36 Android Simple Clean Good SQLite Database Tutorial 잘된 설명 admin 2014-02-13 9811
35 android sqlite 사용하기 admin 2014-02-10 13846
34 SQLite 개발가이드 데이터베이스의 성능 admin 2014-02-10 15510
33 android - 다수의 Insert 수행시 속도 향상을 위한 팁 sQlite admin 2014-02-10 10346
32 Oracle Linux 에 Oracle DB 설치하기 admin 2013-12-03 13294
31 PreparedStatement mysql java 깔끔한설명 admin 2013-10-26 16330
30 Connect Excel VBA to a MySQL database file admin 2013-09-05 12361
29 Configuring Oracle ASM disks in Oracle Enterprise Linux admin 2013-04-20 10724
28 OS에따른 Oracle 설치버전 admin 2013-04-08 11828
27 RHEL4 + 10g 설치 _silent mode admin 2013-04-08 11710
26 OLE5 + 11G 설치 _silent mode admin 2013-04-08 14874
25 WHERE 조건절 검색시 서브쿼리는 어떻게? admin 2013-04-01 11402
24 CDR 추출 저장 Inner Join 사용 Sql 문 admin 2013-02-05 11720
23 SUPER OCM 1.8club admin 2012-12-18 11108
22 MySQL Java tutorial admin 2012-09-30 16170
21 Oracle 10g Articles admin 2012-06-24 12868
20 기본 10g 설치의 리눅스 세팅에서 추가 해줘야하는 사항(윈도우) admin 2012-06-24 13959
19 SUSE Linux Enterprise Server 10 (Oracle 10g R2 (10.2.0.1)) file admin 2012-03-09 12874
18 Upgrade Oracle from 10.2.0.1 To 10.2.0.4 (Windows) admin 2012-03-06 17942
17 Upgrade Oracle 10g Release 2 from 10201 to 10204 admin 2012-03-05 25442
16 centos 6.2 oracle 10g 설치 admin 2012-03-05 28470
15 Oracle RHEL4+10G 10.2.0.1 설치 10.2.0.5 패치 admin 2012-03-03 17835
14 Oracle Backup & restore with RMAN 기본 admin 2012-02-12 13136
13 오라클 ACE가 해설하는 Oracle Backup & Recovery admin 2012-02-07 13010
12 Oracle Backup & Restore admin 2012-02-07 17416
11 http://www.hoons.kr/ admin 2011-12-19 13068
10 Java && Excel 연동 JAVA 자바로 엑셀을 핸들링 할 수 있는 방법 admin 2011-12-19 32815
9 (C#) ASP.NET MySQL Check Already Exists Add/Insert Record 프로그래밍 코드 admin 2011-12-19 13355
8 xhost and display admin 2011-12-16 12237
7 Oracle 설치 Centos ,openSUSE,엔터프라이즈등 퍼온글 admin 2011-12-16 14162
6 Oracle 의 ASM 구조 알아보기.. admin 2011-12-16 17632