你好，我用这段代码在mysql有超级用户

GRANT EXECUTE, PROCESS, SELECT, SHOW DATABASES, SHOW VIEW, ALTER, ALTER ROUTINE,
    CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE VIEW, DELETE, DROP,
    EVENT, INDEX, INSERT, REFERENCES, TRIGGER, UPDATE, CREATE USER, FILE,
    LOCK TABLES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHUTDOWN,
    SUPER
        ON *.* TO mysql@'%'
    WITH GRANT OPTION;

然后

FLUSH PRIVILEGES;

你好，我用这段代码在mysql有超级用户

GRANT EXECUTE, PROCESS, SELECT, SHOW DATABASES, SHOW VIEW, ALTER, ALTER ROUTINE,
    CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE VIEW, DELETE, DROP,
    EVENT, INDEX, INSERT, REFERENCES, TRIGGER, UPDATE, CREATE USER, FILE,
    LOCK TABLES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHUTDOWN,
    SUPER
        ON *.* TO mysql@'%'
    WITH GRANT OPTION;

然后

FLUSH PRIVILEGES;

这是一个老问题，但我不认为公认的答案是安全的。它适合创建超级用户，但不适合在单个数据库上授予特权。

grant all privileges on mydb.* to myuser@'%' identified by 'mypasswd';
grant all privileges on mydb.* to myuser@localhost identified by 'mypasswd';

%似乎不包括套接字通信，这是本地主机的目的。WITH GRANT OPTION仅适用于超级用户，否则通常存在安全风险。

MySQL 5.7+的更新提示如下:

使用GRANT语句修改现有用户的属性 Privileges已弃用，将在未来的版本中删除。使用 ALTER USER语句用于此操作。

所以设置密码应该用单独的命令。感谢来自@ scare -wombat的评论。

ALTER USER 'myuser'@'%' IDENTIFIED BY 'mypassword';
ALTER USER 'myuser'@'localhost' IDENTIFIED BY 'mypassword';

这个SQL只授予所有数据库的基本权限。它们对于Drupal或Wordpress来说已经足够了，而且还允许一个开发人员帐户用于本地项目。

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, 
    INDEX, ALTER, CREATE TEMPORARY TABLES 
ON *.* TO 'username'@'localhost' IDENTIFIED BY 'password';

仅从远程服务器访问mydb数据库

GRANT ALL PRIVILEGES ON mydb.* TO 'root'@'192.168.2.21';

从远程服务器访问所有数据库。

GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.2.21';

我可以使它只通过添加GRANT OPTION工作，没有总是接收许可拒绝错误

GRANT ALL PRIVILEGES ON mydb.* TO 'myuser'@'localhost' WITH GRANT OPTION;