暂无图片
暂无图片
暂无图片
暂无图片
暂无图片
首页 / openGauss每日一练第5课(用户user) | (【七七】学习内容/心得体会)

openGauss每日一练第5课(用户user) | (【七七】学习内容/心得体会)

原创 qyq2021 2021-12-12
431

学习目标

学习openGauss创建用户、修改用户属性、更改用户权限和删除用户

课程学习

用户是用来登录数据库的,通过对用户赋予不同的权限,可以方便地管理用户对数据
库的访问及操作

连接openGauss

#第一次进入等待15秒
#数据库启动中...
su - omm
gsql -r

1.创建用户

–以下两种设置密码方法等效

CREATE USER jim PASSWORD 'abcd@123';
CREATE USER kim IDENTIFIED BY 'abcd@456';

–用户dim具有创建数据库权限

CREATE USER dim CREATEDB PASSWORD 'abcd@789';

–查看用户

\du


omm=# create user jim password 'abcd@123';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# 
omm=# create user kim identified by 'abcd@456';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# create user dim createdb password 'abcd@789';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# \du
                                                              List of roles
 Role name |                                                    Attributes                                                    | Member of 
-----------+------------------------------------------------------------------------------------------------------------------+-----------
 dim       | Create DB                                                                                                        | {}
 gaussdb   | Sysadmin                                                                                                         | {}
 jim       |                                                                                                                  | {}
 kim       |                                                                                                                  | {}
 omm       | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT | {}

omm=#


2.修改用户属性

–修改密码

ALTER USER jim IDENTIFIED BY 'Abcd@123';

–为用户jim增加CREATEROLE权限

ALTER USER jim CREATEROLE;

–查看用户

\du


omm=# alter user jim identified by 'Abcd@123';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
ALTER ROLE
omm=# alter user jim createrole;
ALTER ROLE
omm=# \du jim
            List of roles
 Role name | Attributes  | Member of 
-----------+-------------+-----------
 jim       | Create role | {}

omm=#


3.授权

–将用户jim的权限授权给用户kim

GRANT jim to kim;

–将sysadmin权限授权给用户dim

GRANT ALL PRIVILEGES TO dim;

–重命名用户dim

alter user dim rename to tim;

–查看用户

\du
omm=# grant jim to kim;
GRANT ROLE
omm=# grant all privileges to dim;
ALTER ROLE
omm=# alter user dim rename to tim;
NOTICE:  MD5 password cleared because of role rename
ALTER ROLE
omm=# \du 
                                                              List of roles
 Role name |                                                    Attributes                                                    | Member of 
-----------+------------------------------------------------------------------------------------------------------------------+-----------
 gaussdb   | Sysadmin                                                                                                         | {}
 jim       | Create role                                                                                                      | {}
 kim       |                                                                                                                  | {jim}
 omm       | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT | {}
 tim       | Create DB, Sysadmin                                                                                              | {}

omm=#

4.回收权限

–撤消kim的权限

REVOKE jim FROM kim;

–撤消用户dim的sysadmin权限

revoke all privilege from tim;

–查看用户

\du

omm=# revoke jim from kim;
REVOKE ROLE
omm=# \du+ tim;                     
                       List of roles
 Role name |     Attributes      | Member of | Description 
-----------+---------------------+-----------+-------------
 tim       | Create DB, Sysadmin | {}        | 

omm=# revoke all privileges from tim;
ALTER ROLE
omm=# \du+ tim;
                  List of roles
 Role name | Attributes | Member of | Description 
-----------+------------+-----------+-------------
 tim       | Create DB  | {}        | 

omm=# \du+ kim
                  List of roles
 Role name | Attributes | Member of | Description 
-----------+------------+-----------+-------------
 kim       |            | {}        | 

omm=#

5.删除用户

drop user tim;
drop user jim;
drop user kim;

课程作业

1.创建用户user1、user2和user3,user1具有CREATEROLE权限,user2具有CREATEDB权限,要求使用两种不同的方法设置密码

omm=# create user user1 createrole identified by 'user1#123';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLEomm=# \du user1;
            List of roles
 Role name | Attributes  | Member of 
-----------+-------------+-----------
 user1     | Create role | {}

omm=#
omm=# create user user2 createdb password 'user2#123';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# \du user2;omm=#            List of roles
 Role name | Attributes | Member of 
-----------+------------+-----------
 user2     | Create DB  | {}

omm=#

2.修改用户user1的密码

omm=# alter user user1 identified by 'User#456';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
ALTER ROLE
omm=#

3.重命名用户user2

omm=# alter user user2 rename to user20;
NOTICE:  MD5 password cleared because of role rename
ALTER ROLE
omm=# \du user20;
omm=#            List of roles
 Role name | Attributes | Member of 
-----------+------------+-----------
 user20    | Create DB  | {}

omm=#


4.将用户user1的权限授权给用户user3,再回收用户user3的权限

omm=# create user user3 identified by 'User3#789';
NOTICE:  The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# \du user3;
           List of roles
 Role name | Attributes | Member of 
-----------+------------+-----------
 user3     |            | {}

omm=# grant user1 to user3;
GRANT ROLE
omm=# \du user3;
           List of roles
 Role name | Attributes | Member of 
-----------+------------+-----------
 user3     |            | {user1}

omm=# revoke all privileges from user3;
ALTER ROLE
omm=# \du user3;
           List of roles
 Role name | Attributes | Member of 
-----------+------------+-----------
 user3     |            | {user1}

omm=# omm=# revoke user1 from user3;
REVOKE ROLE
omm=# \du user3;
           List of roles
 Role name | Attributes | Member of 
-----------+------------+-----------
 user3     |            | {}

omm=#


5.删除所有创建用户
过程中使用\du或\du+查看用户信息

omm=# drop user user1;
DROP ROLE
omm=# drop user user20;
DROP ROLE
omm=# drop user user3;
DROP ROLE
omm=#
opengauss
最后修改时间:2021-12-13 10:22:17
「喜欢这篇文章,您的关注和赞赏是给作者最好的鼓励」
关注作者
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。

评论