/
security_views.html
133 lines (127 loc) · 6.75 KB
/
security_views.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>security_views: common_schema documentation</title>
<meta name="description" content="security_views: common_schema" />
<meta name="keywords" content="security_views: common_schema" />
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<div id="main">
<div id="header">
<h1>common_schema</h1> <strong>2.2</strong> documentation
<div class="subtitle">DBA's framework for MySQL</div>
</div>
<div id="contentwrapper">
<div id="content">
<h2><a href="security_views.html">security_views</a></h2>
<h3>SYNOPSIS</h3>
<p>
Security views: views providing information on grants and privileges.
<ul>
<li><a title="routine_privileges" href="routine_privileges.html">routine_privileges</a>: INFORMATION_SCHEMA-like view on routines privileges</li>
<li><a title="similar_grants" href="similar_grants.html">similar_grants</a>: similar_grants: Listing GRANTEEs sharing the same set of privileges (i.e. share same role)</li>
<li><a title="sql_accounts" href="sql_accounts.html">sql_accounts</a>: Generate SQL statements to block/release accounts. Provide info on accounts</li>
<li><a title="sql_grants" href="sql_grants.html">sql_grants</a>: Generate SQL GRANT/REVOKE statements for existing accounts; provide with GRANT metadata</li>
<li><a title="sql_show_grants" href="sql_show_grants.html">sql_show_grants</a>: Generate complete accounts SHOW GRANTS FOR -like output</li>
</ul>
</p>
<h3>DESCRIPTION</h3>
<p>
There are several inconsistencies and missing pieces with regard to security related information in MySQL.
These views compensate for: missing INFORMATION_SCHEMA routines privileges; missing SHOW GRANTS for all accounts; SQL generation for GRANT and REVOKE statements.
</p>
<p>
Closely related are <a title="Security routines" href="security_routines.html">Security routines</a> and <a title="processlist_grantees" href="processlist_grantees.html">processlist_grantees</a>.
</p>
<h3>EXAMPLES</h3>
<p>Show grants for users called 'world_user':</p>
<blockquote><pre>mysql> SELECT sql_grants FROM common_schema.sql_show_grants WHERE user='world_user' \G
*************************** 1. row ***************************
sql_grants: GRANT USAGE ON *.* TO 'world_user'@'localhost' IDENTIFIED BY PASSWORD '';
GRANT ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE VIEW, DELETE, DROP, EVENT, EXECUTE, INDEX, INSERT, LOCK TABLES, REFERENCES, SELECT, SHOW VIEW, TRIGGER, UPDATE ON `world`.* TO 'world_user'@'localhost';
</pre></blockquote>
<p>Block all accounts for user <strong>'gromit'</strong>:</p>
<blockquote><pre>mysql> CALL eval("SELECT sql_block_account FROM sql_accounts WHERE USER = 'gromit'");
</pre></blockquote>
<br/>
</div>
<div id="sidebarwrapper">
<div id="search">
Search online documentation
<form id="search_form" name="search_form" method="GET"
action="http://www.google.com/search"
onsubmit="document.forms['search_form']['q'].value = 'site:http://common-schema.googlecode.com/svn/trunk/common_schema/doc/html/ '+document.forms['search_form']['search_term'].value;">
<input type="text" name="search_term" value=""/>
<input type="hidden" name="q" value=""/>
<input type="submit" value="go"/>
</form>
</div>
<div id="menu">
<ul>
<li><a title="Introduction" href="introduction.html">Introduction</a></li>
<li><a title="Documentation" href="documentation.html">Documentation</a></li>
<li><a title="Download" href="download.html">Download</a></li>
<li><a title="Install" href="install.html">Install</a></li>
<li><a title="Risks" href="risks.html">Risks</a></li>
</ul>
<h3>QUERY SCRIPT</h3>
<ul>
<li><a title="QueryScript" href="query_script.html">QueryScript</a></li>
<li><a title="Execution" href="query_script_execution.html">Execution</a></li>
<li><a title="Flow control" href="query_script_flow_control.html">Flow control</a></li>
<li><a title="Statements" href="query_script_statements.html">Statements</a></li>
<li><a title="Expressions" href="query_script_expressions.html">Expressions</a></li>
<li><a title="Variables" href="query_script_variables.html">Variables</a></li>
</ul>
<h3>DEBUG</h3>
<ul>
<li><a title="rdebug" href="rdebug.html">rdebug</a></li>
<li><a title="rdebug API" href="rdebug_api.html">rdebug API</a></li>
<li><a title="rdebug workflow" href="rdebug_workflow.html">Workflow</a></li>
</ul>
<h3>ROUTINES</h3>
<ul>
<li><a title="Execution & flow control" href="execution_routines.html">Execution & flow control</a></li>
<li><a title="General" href="general_routines.html">General</a></li>
<li><a title="Process" href="process_routines.html">Process</a></li>
<li><a title="Query analysis" href="query_analysis_routines.html">Query analysis</a></li>
<li><a title="Schema analysis" href="schema_analysis_routines.html">Schema analysis</a></li>
<li><a title="Security" href="security_routines.html">Security</a></li>
<li><a title="Text" href="text_routines.html">Text</a></li>
<li><a title="Time & date" href="temporal_routines.html">Time & date</a></li>
<li><a title="Charting" href="charting_routines.html">Charting</a></li>
</ul>
<h3>VIEWS</h3>
<ul>
<li><a title="Schema analysis" href="schema_analysis_views.html">Schema analysis</a></li>
<li><a title="Data dimension" href="data_dimension_views.html">Data dimension</a></li>
<li><a title="Process" href="process_views.html">Process</a></li>
<li><a title="Security" href="security_views.html">Security</a></li>
<li><a title="Monitoring" href="monitoring_views.html">Monitoring</a></li>
<li><a title="InnoDB Plugin" href="innodb_plugin_views.html">InnoDB Plugin</a></li>
<li><a title="Percona server" href="percona_server_views.html">Percona Server</a></li>
<li><a title="TokuDB" href="tokudb_views.html">TokuDB</a></li>
</ul>
<h3>DATA</h3>
<ul>
<li><a title="tables" href="tables.html">Tables</a></li>
<li><a title="variables" href="variables.html">Variables</a></li>
</ul>
<h3>META</h3>
<ul>
<li><a title="Help" href="help.html">help</a></li>
<li><a title="Metadata" href="metadata.html">metadata</a></li>
<li><a title="status" href="status.html">status</a></li>
</ul>
</div>
</div>
<div class="clear"> </div>
<div id="footnote" align="center">
<a href="">common_schema</a> documentation
</div>
</div>
</div>
</body>
</html>