Percona Toolkit · 用户权限显示工具 pt-show-grants

发表于 | 更新于 | 分类于 | 阅读次数:

功能

显示 mysql.user 所有用户及权限

原理

  • 先查找所有 userhost
  • 然后逐个执行 show grants

使用

1
2
3
4
5
6
7
8
9
10
11
12
13
$ pt-show-grants -u 'xx' -p 'xx' -S /tmp/mysql.sock

-- Grants dumped by pt-show-grants
-- Dumped from server Localhost via UNIX socket, MySQL 5.7.23-log at 2019-10-18 15:56:29
-- Grants for 'hdm'@'%'
CREATE USER IF NOT EXISTS 'hdm'@'%';
ALTER USER 'hdm'@'%' IDENTIFIED WITH 'mysql_native_password' AS '*14533888C6CA3952B3957903FF7E69469C7E3A2B' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK;
GRANT PROCESS, REPLICATION CLIENT, REPLICATION SLAVE, SELECT, SHOW DATABASES ON *.* TO 'hdm'@'%';

-- Grants for 'monitor'@'10.138.228.%'
CREATE USER IF NOT EXISTS 'monitor'@'10.138.228.%';
ALTER USER 'monitor'@'10.138.228.%' IDENTIFIED WITH 'mysql_native_password' AS '*67C7E9852A88EE023433F77C5C63AF9DD730667B' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK;
GRANT PROCESS, REPLICATION CLIENT, SELECT ON *.* TO 'monitor'@'10.138.228.%';