mysql不同版本mysql权限管理有区别吗_mysql版本差异解析

MySQL 5.7 和 8.0 的权限表结构完全不同

MySQL 8.0 彻底重构了权限系统，

mysql.user

password

authentication_string

plugin

mysql_native_password

caching_sha2_password

mysql.user

CREATE USER 'u'@'%' IDENTIFIED BY 'p'; GRANT SELECT ON db.* TO 'u'@'%';

caching_sha2_password

Authentication plugin 'caching_sha2_password' cannot be loaded

IDENTIFIED WITH mysql_native_password BY 'p'

default_authentication_plugin=mysql_native_password

CREATE USER 和 GRANT 在 8.0 中行为更严格

MySQL 8.0 默认启用

sql_mode=STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION

GRANT SELECT ON *.* TO 'u'@'%';

ERROR 1410 (42000): You are not allowed to create a user with GRANT

CREATE USER

GRANT

GRANT

GRANT SELECT ON db.t TO 'u'@'%' IDENTIFIED BY 'p';

CREATE USER 'u'@'%' IDENTIFIED BY 'p';

GRANT SELECT ON db.t TO 'u'@'%';

SELECT user,host,plugin FROM mysql.user;

角色（ROLE）功能只在 8.0+ 原生支持

MySQL 5.7 没有角色概念，权限只能绑给具体用户；8.0 引入

CREATE ROLE

GRANT ... TO role_name

SET DEFAULT ROLE

SHOW GRANTS FOR 'role_name'@'%'

SHOW GRANTS FOR 'role_name';

GRANT role_name TO 'u'@'%';

SET ROLE role_name;

REVOKE

mysqldump --all-databases

SELECT * FROM mysql.role_edges;

mysql.default_roles;

performance_schema 和 sys schema 的权限访问逻辑变了

在 5.7 中，只要用户有

SELECT

performance_schema

performance_schema

SELECT

GRANT SELECT ON performance_schema.* TO 'u'@'%';

sys

performance_schema

information_schema

sys.schema_table_statistics

performance_schema

information_schema

INNODB_TRX

PROCESS

SELECT

PROCESS

REPLICATION CLIENT

GRANT ALL

实际升级前务必在测试环境用

mysql_upgrade

mysqld --upgrade=FORCE

plugin

authentication_string

role_edges