MySQL 出现 DROP USER;但用户仍然存在于 mysql.users 表中
我刚刚在 Mac OS X 10.6.6 上安装了 MySQL 社区服务器 (5.5.8)。
我一直遵循安全安装的规则(为 root 分配密码、删除匿名帐户等),但是,有一个用户帐户我无法删除:
mysql> select host, user from mysql.user;
+--------------------------------+------+
| host | user |
+--------------------------------+------+
| 127.0.0.1 | root |
| ::1 | root |
| My-Computer-Hostname.local | |
| My-Computer-Hostname.local | root |
| localhost | root |
| localhost | web |
+--------------------------------+------+
6 rows in set (0.00 sec)
mysql> drop user ''@'My-Computer-Hostname.local';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> select host, user from mysql.user;
+--------------------------------+------+
| host | user |
+--------------------------------+------+
| 127.0.0.1 | root |
| ::1 | root |
| My-Computer-Hostname.local | |
| My-Computer-Hostname.local | root |
| localhost | root |
| localhost | web |
+--------------------------------+------+
6 rows in set (0.00 sec)
mysql>
如您所见,MySQL 在执行以下命令时没有报告错误 : DROP USER 命令,但实际上并没有删除用户!
我也尝试从 phpMyAdmin (3.3.9) 中删除用户,并产生相同的结果(即报告成功,没有错误消息,用户未删除)。
我对此进行了研究,有些人建议 GRANT 可能会阻止 DROP USER 命令,但是,该用户没有 GRANT 权限:
mysql> SHOW GRANTS FOR ''@'My-Computer-Hostname.local';
+-----------------------------------------------------------+
| Grants for @my-computer-hostname.local |
+-----------------------------------------------------------+
| GRANT USAGE ON *.* TO ''@'my-computer-hostname.local' |
+-----------------------------------------------------------+
1 row in set (0.00 sec)
mysql> REVOKE GRANT OPTION ON *.* FROM ''@'My-Computer-Hostname.local';
ERROR 1141 (42000): There is no such grant defined for user '' on host 'my-computer-hostname.local'
之后我尝试再次删除该用户,但它也没有删除/删除该用户。
我检查了 MySQl 错误日志,里面没有任何异常。
MySQL手册提示可以删除所有匿名账户,那为什么我不能删除这个呢?
I've just installed MySQL Community server (5.5.8) on Mac OS X 10.6.6.
I've been following the rules for a secure install (assign password to root, delete anonymous accounts, etc), however, there is one user account which I can't DROP:
mysql> select host, user from mysql.user;
+--------------------------------+------+
| host | user |
+--------------------------------+------+
| 127.0.0.1 | root |
| ::1 | root |
| My-Computer-Hostname.local | |
| My-Computer-Hostname.local | root |
| localhost | root |
| localhost | web |
+--------------------------------+------+
6 rows in set (0.00 sec)
mysql> drop user ''@'My-Computer-Hostname.local';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> select host, user from mysql.user;
+--------------------------------+------+
| host | user |
+--------------------------------+------+
| 127.0.0.1 | root |
| ::1 | root |
| My-Computer-Hostname.local | |
| My-Computer-Hostname.local | root |
| localhost | root |
| localhost | web |
+--------------------------------+------+
6 rows in set (0.00 sec)
mysql>
As you can see, MySQL reports no errors when executing the DROP USER command, but doesn't actually delete the user!
I've tried also deleting the user from within phpMyAdmin (3.3.9) and that produced the same results (i.e. reported success, no error messages, user not deleted).
I've researched this and some people suggest that GRANT may be blocking the DROP USER command, however, the user has no GRANT privileges:
mysql> SHOW GRANTS FOR ''@'My-Computer-Hostname.local';
+-----------------------------------------------------------+
| Grants for @my-computer-hostname.local |
+-----------------------------------------------------------+
| GRANT USAGE ON *.* TO ''@'my-computer-hostname.local' |
+-----------------------------------------------------------+
1 row in set (0.00 sec)
mysql> REVOKE GRANT OPTION ON *.* FROM ''@'My-Computer-Hostname.local';
ERROR 1141 (42000): There is no such grant defined for user '' on host 'my-computer-hostname.local'
I tried dropping the user again after that but it didn't drop/delete the user either.
I've checked my MySQl error logs and there's nothing unusual in there.
The MySQL manual suggests that it is possible to delete all anonymous accounts, so why can't I delete this one?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
或者,只删除匿名数据库而不删除根目录:
mysql>从 mysql.user 删除,其中 User='' AND Host='my-computer-hostname.local';
57 年 1 月 5 日为我工作。
Or, to delete just the anonymous one and not the root as well:
mysql> DELETE FROM mysql.user WHERE User='' AND Host='my-computer-hostname.local';
Worked for me on 5.1.57.
由于您的大写字符,这是一个已知的错误: http://bugs.mysql.com/ bug.php?id=62255
使用用户 douger 的建议作为解决方法
This is a known bug due to your uppercase characters: http://bugs.mysql.com/bug.php?id=62255
Use the suggestion from user douger as a workaround
您仍然可以从用户表中删除记录:
mysql> DELETE FROM user WHERE host='my-computer-hostname.local';查询正常,2行受影响(0.00秒)此方法在 MySQL 4.1 之前使用...
You can still delete the records from the user table:
mysql> DELETE FROM user WHERE host='my-computer-hostname.local';Query OK, 2 rows affected (0.00 sec)This method was used prior to MySQL 4.1...
MySQL 包含一个匿名用户帐户,允许任何人在没有用户帐户的情况下连接到 MySQL 服务器。这仅用于测试,应在数据库服务器投入生产环境之前删除。
对 MySQL 服务器运行以下 SQL 脚本以删除匿名用户帐户:
对权限/用户帐户进行更改后,请确保使用以下命令刷新权限表:
MySQL includes an anonymous user account that allows anyone to connect into the MySQL server without having a user account. This is meant only for testing, and should be removed before the database server is put into a production environment.
Run the following SQL script against the MySQL server to remove the anonymous user account:
After making changes to permissions/user accounts, make sure you flush the provilege tables using the following command: