openGauss创建用户、修改用户属性、更改用户权限和删除用户练习
1.创建用户
–以下两种设置密码方法等效
omm=# CREATE USER jim PASSWORD 'abcd@123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# CREATE USER kim IDENTIFIED BY 'abcd@456';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
–用户dim具有创建数据库权限
omm=# CREATE USER dim CREATEDB PASSWORD 'abcd@789';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
–查看用户
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
dim | Create DB
| {}
gaussdb | Sysadmin
| {}
jim |
| {}
kim |
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
2.修改用户属性
–修改密码
omm=# ALTER USER jim IDENTIFIED BY 'Abcd@123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
ALTER ROLE
–为用户jim增加CREATEROLE权限
omm=# ALTER USER jim CREATEROLE;ALTER ROLE
–查看用户
omm=# \duList of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
dim | Create DB
| {}
gaussdb | Sysadmin
| {}
jim | Create role
| {}
kim |
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
3.授权
–将用户jim的权限授权给用户kim
omm=# GRANT jim to kim;
GRANT ROLE
–将sysadmin权限授权给用户dim
omm=# GRANT ALL PRIVILEGES TO dim;
ALTER ROLE
–重命名用户dim
omm=# alter user dim rename to tim;NOTICE: MD5 password cleared because of role rename
ALTER ROLE
–查看用户
omm=# \duList of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
jim | Create role
| {}
kim |
| {jim}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
tim | Create DB, Sysadmin
| {}
4.回收权限
–撤消kim的权限
omm=# REVOKE jim FROM kim;
REVOKE ROLE
–撤消用户dim的sysadmin权限
omm=# revoke all privilege from tim;ALTER ROLE
–查看用户
omm=# \duList of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
jim | Create role
| {}
kim |
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
tim | Create DB
| {}
5.删除用户
omm=# drop user tim;
DROP ROLE
omm=# drop user jim;
DROP ROLE
omm=# drop user kim;
DROP ROLE
操作截图:
课程作业
1.创建用户user1、user2和user3,user1具有CREATEROLE权限,user2具有CREATEDB权限,要求使用两种不同的方法设置密码
omm=# CREATE user user1 PASSWORD 'user@123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# ALTER USER user1 CREATEROLE;
ALTER ROLE
omm=# CREATE USER user2 CREATEDB IDENTIFIED BY 'user@123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
omm=# CREATE USER user3 IDENTIFIED BY 'user@123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
CREATE ROLE
2.修改用户user1的密码
omm=# ALTER USER user1 IDENTIFIED BY 'user.123';
NOTICE: The encrypted password contains MD5 ciphertext, which is not secure.
ALTER ROLE
3.重命名用户user2
omm=# alter user user2 rename to user2new;
NOTICE: MD5 password cleared because of role rename
ALTER ROLE
4.将用户user1的权限授权给用户user3,再回收用户user3的权限
omm=# GRANT user1 to user3;
GRANT ROLE
omm=# GRANT ALL PRIVILEGES TO user3;
ALTER ROLE
5.删除所有创建用户
过程中使用\du或\du+查看用户信息
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
user1 | Create role
| {}
user2new | Create DB
| {}
user3 | Sysadmin
| {user1}
omm=# \du+ user1;
List of roles
Role name | Attributes | Member of | Description
-----------+-------------+-----------+-------------
user1 | Create role | {} |
omm=# \du+ user2;
List of roles
Role name | Attributes | Member of | Description
-----------+------------+-----------+-------------
omm=# \du+ user3;
List of roles
Role name | Attributes | Member of | Description
-----------+------------+-----------+-------------
user3 | Sysadmin | {user1} |
omm=# drop user user1;
DROP ROLE
omm=# drop user user2new;
DROP ROLE
omm=# drop user user3;
DROP ROLE
omm=# \du
List of roles
Role name | Attributes
| Member of
-----------+------------------------------------------------------------------------------------------------------------------
+-----------
gaussdb | Sysadmin
| {}
omm | Sysadmin, Create role, Create DB, Replication, Administer audit, Monitoradmin, Operatoradmin, Policyadmin, UseFT
| {}
操作截图:
