(1) 查看當(dāng)前已存在賬戶
mysql> select user,host,password  from  mysql.user; 或下面的命令
#mysql> sELECT DISTINCT CONCAT('User: ''',user,'''@''',host,''';') AS query FROM mysql.user; 
+---------------------------------------+
| query                                 |
+---------------------------------------+
| User: 'root'@'127.0.0.1';             |   #不要刪
| User: 'wenqiang'@'172.16.1.%';        |
| User: 'root'@'localhost';             |   #不要刪
| User: 'root'@'localhost.localdomain'; |
+---------------------------------------+
4 rows in set (0.00 sec)

mysql> drop user wenqiang@'172.16.1.%';     #刪除不需要的用戶



(2) 授權(quán)用戶時盡量不要使用%(該符號表示用戶可以從任何地方都可以登陸)
授權(quán)格式：grant 權(quán)限 on 數(shù)據(jù)庫.* to 用戶名@用戶所在網(wǎng)段 identified by "密碼";
#只允許root用戶從10.0.0.10登陸mysql并授予全庫訪問權(quán)限，同時為root用戶設(shè)置密碼123456
mysql> grant all on *.* to root@'10.0.0.10' identified by '123456'; 

#這種情況是只授權(quán)，root用戶可以使用空密碼從本地登錄
mysql> grant all on *.* to root@'localhost';

#這種情況是root用戶可以從本地登錄，同時設(shè)置密碼abc123（root用戶可以設(shè)置多套登錄密碼）
mysql> grant all on *.* to root@'localhost' identified by 'abc123';

(1)這樣登陸上去，并增加一條localhost的權(quán)限
[root@localhost ~]# mysql -uroot -p -h 127.0.0.1  #通過127.0.0.1登錄上去
mysql> grant all on *.* to root@'localhost' identified by 'abc123';  #在增加一條localhost的授權(quán)
mysql> flush privileges;

新增加的root用戶可能沒有最高權(quán)限，見第3.1

(1)登錄mysql
[root@localhost ~]# mysql -uroot -p -h localhost
mysql> grant all on *.* to root@'localhost' identified by '123456';        
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) #報錯

(2)查看當(dāng)前有哪些用戶
mysql> SELECT DISTINCT CONCAT('User: ''',user,'''@''',host,''';') AS query FROM mysql.user;
+---------------------------------------+
| query                                 |
+---------------------------------------+
| User: 'root'@'127.0.0.1';             |  #使用 mysql -uroot -p -h127.0.0.1登錄mysql授權(quán)沒問題
| User: 'wenqiang'@'172.16.1.%';        |
| User: 'root'@'localhost';             |  #我發(fā)現(xiàn)從localhost登錄的root用戶無法給普通用戶授權(quán)
| User: 'root'@'localhost.localdomain'; |
+---------------------------------------+
4 rows in set (0.00 sec)

(3)查看該root用戶的Grant_priv選項是Y還是N(N表示無權(quán)給普通用戶授權(quán))
mysql> select * from mysql.user where User='root' and Host='localhost'\G;
*************************** 1. row ***************************
                  Host: localhost
                  User: root
              Password: *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9
           Select_priv: Y
           Insert_priv: Y
           Update_priv: Y
           Delete_priv: Y
           Create_priv: Y
             Drop_priv: Y
           Reload_priv: Y
         Shutdown_priv: Y
          Process_priv: Y
             File_priv: Y
            Grant_priv: N     #無授權(quán)權(quán)限
       References_priv: Y
            Index_priv: Y
            Alter_priv: Y
          Show_db_priv: Y
            Super_priv: Y
 Create_tmp_table_priv: Y
      Lock_tables_priv: Y
          Execute_priv: Y
       Repl_slave_priv: Y
      Repl_client_priv: Y
      Create_view_priv: Y
        Show_view_priv: Y
   Create_routine_priv: Y
    Alter_routine_priv: Y
          Create_user_priv: Y
            Event_priv: Y
          Trigger_priv: Y
Create_tablespace_priv: Y
              ssl_type: 
            ssl_cipher: 
           x509_issuer: 
          x509_subject: 
         max_questions: 0
           max_updates: 0
       max_connections: 0
  max_user_connections: 0
                plugin: mysql_native_password
 authentication_string: 
      password_expired: N
1 row in set (0.00 sec)

ERROR: 
No query specified

(3)把Grant_priv選項的N改為Y就可以了
mysql> update mysql.user set Grant_priv='Y' where User='root' and Host='localhost';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

(4)退出重新登錄mysql，再次給普通用戶授權(quán)(一定要先退出mysql)
mysql> grant all on *.* to root@'localhost' identified by '123456';    
Query OK, 0 rows affected (0.00 sec)