我已经创建了一个用户,并赋予了user1特权。
`grant all privileges on db1.* to user1@'%' with grant option;我正在使用mysql工作台将转储导入到我的数据库中。将转储导入数据库db1时,发生错误,指出
ERROR 1227 (42000) at line 49: Access denied; you need (at least one of) the SUPER privilege(s) for this operation在该转储中,所有表均已成功导入,但是在将例程导入数据库时发生错误。我赋予用户1的特权有什么问题。请指教。
Answers:
在政治上正确的意义上,您所要求的是不可能的。为什么呢
该SUPER权限是一个全球性的特权,而不是数据库级别的特权。
当您使用创建用户时
grant all privileges on db1.* to user1@'%' with grant option;您mysql.user使用user = user1和host ='%' 填充了表。所有其他列(全局特权)均默认为“ N”。这些列之一是Super_priv。表格如下:
mysql> desc mysql.user;
+------------------------+-----------------------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------------+-----------------------------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Password | char(41) | NO | | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| File_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
| Create_tablespace_priv | enum('N','Y') | NO | | N | |
| ssl_type | enum('','ANY','X509','SPECIFIED') | NO | | | |
| ssl_cipher | blob | NO | | NULL | |
| x509_issuer | blob | NO | | NULL | |
| x509_subject | blob | NO | | NULL | |
| max_questions | int(11) unsigned | NO | | 0 | |
| max_updates | int(11) unsigned | NO | | 0 | |
| max_connections | int(11) unsigned | NO | | 0 | |
| max_user_connections | int(11) unsigned | NO | | 0 | |
| plugin | char(64) | YES | | | |
| authentication_string | text | YES | | NULL | |
| password_expired | enum('N','Y') | NO | | N | |
+------------------------+-----------------------------------+------+-----+---------+-------+
43 rows in set (0.00 sec)
mysql>Super_priv紧接着出现Show_db_priv。
数据库级别的特权已填充到中mysql.db。就这个:
mysql> desc mysql.db;
+-----------------------+---------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------------------+---------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| Db | char(64) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
+-----------------------+---------------+------+-----+---------+-------+
22 rows in set (0.00 sec)
mysql>请注意,Super_priv中不存在mysql.db。
为了以纯SQL的方式可视化,以user1身份登录并运行SHOW GRANTS;输出将有两行:
GRANT USAGE ON *.* TO user1@'%' ...GRANT ALL PRIVILEGES ON db1.* TO user1@'%' ...有可以尝试的技巧,但我通常不建议这样做。
步骤01)以root @ localhost身份登录mysql(应该具有所有privs)
步骤02)运行此查询
UPDATE mysql.user SET Super_Priv='Y' WHERE user='user1' AND host='%';步骤03)运行此查询
FLUSH PRIVILEGES;理论上应该可行。然后,user1可能会工作(我不做任何保证)。
Metafaniel刚刚问
很好的解释,谢谢。但是,如果您不建议采用这种方法来解决问题,那么最好的其他方法是让用户拥有此Super_priv?谢谢!– Metafaniel
由于只有数据库访问权限的用户不能拥有SUPER,因此唯一可以做的就是在转储中手动更改DEFINER。基本的想法是将mysql仅将例程转储到文本文件中。然后,将定义器编辑为user1@'%'。然后,您应该可以重新加载。
Oct 02, 2011:mysqldump可以转储触发器和程序吗?Jul 25, 2011:如果mysqldump中不存在,则存在DROP PROCEDUREJul 25, 2011:仅转储MySQL中的存储过程同样的观点
Mar 23, 2012:MySQL视图授权Jul 26, 2011:在许多视图上修改DEFINER