本次课学习的内容是openGauss创建用户、修改用户属性、更改用户权限和删除用户。
用户是用来登录数据库的,通过对用户赋予不同的权限,可以方便地管理用户对数据库的访问及操作。
先进入实训环境,输入su - omm命令和密码连接openGauss。
root@modb:~#
root@modb:~# su - omm
omm@modb:~$ gsql -r
gsql ((openGauss 2.0.0 build 78689da9) compiled at 2021-03-31 21:03:52 commit 0 last mr )
Non-SSL connection (SSL connection is recommended when requiring high-security)
Type "help" for help.
1、创建用户user1、user2和user3,user1具有CREATEROLE权限,user2具有CREATEDB权限,要求使用两种不同的方法设置密码
可以使用\du命令查看当前数据库情况
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
开始创建用户
omm=# CREATE USER user1 CREATEROLE password 'user_123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# CREATE USER user2 CREATEDB password 'user_456';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# CREATE USER user3 IDENTIFIED BY 'user_789';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
使用\du命令查看当前角色
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
user1 | Create role
| {}
user2 | Create DB
| {}
user3 |
| {}
可见任务1已经完成
2、修改用户user1的密码为:usera_123
omm=# ALTER USER user1 IDENTIFIED BY 'usera_123' REPLACE 'user_123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
ALTER ROLE
3、重命名用户user2为:user20
omm=# ALTER USER user2 rename to user20;
NOTICE: MD5 password cleared because of role rename
omm=# ALTER ROLE
4、将用户user1的权限授权给用户user3,再回收用户user3的权限
授权:
omm=# GRANT user1 to user3;
GRANT ROLE
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
user1 | Create role
| {}
user20 | Create DB
| {}
user3 |
| {user1}
回收:
omm=# revoke user1 from user3;
REVOKE ROLE
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
user1 | Create role
| {}
user3 |
| {}
user20 | Create DB
| {}
5、删除所有创建角色,过程中使用\du或\du+查看角色信息
omm=# drop user user1;
DROP ROLE
omm=# drop user user2;
ERROR: role "user2" does not exist
omm=# drop user user20;
DROP ROLE
omm=# drop user user3;
DROP ROLE
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
最后修改时间:2021-12-05 19:21:33
「喜欢这篇文章,您的关注和赞赏是给作者最好的鼓励」
关注作者
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
