MySQL is a popular open-source relational database management system that is widely used for web development and data-driven applications. When working with MySQL, it’s essential to understand how to create and manage user accounts and grant them specific permissions. This beginner’s tutorial will guide you through the process of adding users and managing permissions in MySQL.
Prerequisites
Before you start, ensure that you have MySQL installed on your system and have administrative privileges (such as the root user). You’ll also need access to a command-line interface to interact with the MySQL server.
Step 1: Accessing the MySQL Server
To begin managing users and permissions in MySQL, you need to access the MySQL server. Open your terminal or command prompt and enter the following command:
mysql -u root -p
You’ll be prompted to enter the root user’s password. Once authenticated, you’ll have access to the MySQL command-line interface.
Step 2: Creating a New MySQL User
Now, let’s create a new MySQL user. You can do this using the CREATE USER command. Replace new_user and password with your desired username and password:
CREATE USER 'new_user'@'localhost' IDENTIFIED BY 'password';
This command creates a new user named ‘new_user’ with the specified password. The ‘@’localhost’ part specifies that this user can only connect from the local machine. If you want to allow connections from any host, use ‘%’ instead of ‘localhost’.
Step 3: Granting Permissions
After creating a user, you’ll want to grant them specific permissions to interact with your databases. The GRANT statement is used for this purpose. Here’s an example of granting all privileges on a specific database to the user:
GRANT ALL PRIVILEGES ON your_database.* TO 'new_user'@'localhost';
This command grants all privileges (including SELECT, INSERT, UPDATE, DELETE, and more) on the ‘your_database’ database to the ‘new_user’ from the localhost.
Step 4: Applying the Changes
Once you’ve created the user and granted permissions, you need to apply the changes by running:
FLUSH PRIVILEGES;
This command ensures that the changes take effect immediately.
Step 5: Verifying User Permissions
You can check the user’s privileges by using the SHOW GRANTS command. Replace ‘new_user’@’localhost’ with the user and host you’re interested in:
SHOW GRANTS FOR 'new_user'@'localhost';
This command will display a list of the permissions granted to the user.
Step 6: Deleting a User and Revoking Permissions (Optional)
In certain scenarios, you might need to remove a user’s account and revoke the permissions previously granted. This step is optional but should be executed with care, as it can affect your MySQL database’s functionality.
To remove a user and revoke their permissions, you can use the following commands as examples:
- To revoke all privileges granted to a user on a specific database:
REVOKE ALL PRIVILEGES ON your_database.* FROM 'user_to_remove'@'localhost';
Replace ‘your_database’ with the database name and ‘user_to_remove’@’localhost’ with the user and host you wish to remove privileges from.
- To completely delete a user:
DROP USER 'user_to_remove'@'localhost';
This command removes the user account entirely from the MySQL server, including all associated privileges.
Always exercise caution when deleting users and revoking permissions, as unintended consequences can disrupt your database operations.
Conclusion
Managing users and permissions in MySQL is a fundamental skill for database administrators and developers. This beginner’s tutorial has walked you through the process of creating a new MySQL user, granting them permissions, and verifying their access. As you continue to work with MySQL, you’ll gain more experience in fine-tuning user privileges to meet your application’s needs.
4 Comments
Thanks this was very helpful for me.
I am trying this section, but when i put in the first GRANT ALL ON command, it goes to a subsection, which i believe is an input request. i have no idea what it wants, ive tried password and username but nope. It looks like
MariaDB [(None)] > GRANT ALL ON owncloud.* to ‘owncloud’@’localhost’ IDENTIFIED BY ‘Secret_Password’
-> //this is blank, but if i type here, it just keeps it an makes a new line, like this
->
Im guessing this is a simple case of not knowing Ubuntu very well, or something similar. Sorry, for the time 🙂
Nevermind haha. I had previously done it and it had somewhat worked, i had just gone to test it and thought it hadnt. I used the correct internal IP to access the server and it works perfect. Thanks if you read my comment anyway, have fun 🙂
Hi Peter,
Command looks fine. Just make sure you are using correct single quotes (‘) and semi colon (;) at end of query.