mysql.user
mysql.user 表提供关于用户账户及其权限的信息。
若要查看 mysql.user 的结构,可以使用以下 SQL 语句:
DESC mysql.user;
输出结果如下:
+------------------------+-------------------+------+------+-------------------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------------+-------------------+------+------+-------------------+-------+
| Host | char(255) | NO | PRI | NULL | |
| User | char(32) | NO | PRI | NULL | |
| authentication_string | text | YES | | NULL | |
| plugin | char(64) | YES | | NULL | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
| Create_role_priv | enum('N','Y') | NO | | N | |
| Drop_role_priv | enum('N','Y') | NO | | N | |
| Account_locked | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| FILE_priv | enum('N','Y') | NO | | N | |
| Config_priv | enum('N','Y') | NO | | N | |
| Create_Tablespace_Priv | enum('N','Y') | NO | | N | |
| Password_reuse_history | smallint unsigned | YES | | NULL | |
| Password_reuse_time | smallint unsigned | YES | | NULL | |
| User_attributes | json | YES | | NULL | |
| Token_issuer | varchar(255) | YES | | NULL | |
| Password_expired | enum('N','Y') | NO | | N | |
| Password_last_changed | timestamp | YES | | CURRENT_TIMESTAMP | |
| Password_lifetime | smallint unsigned | YES | | NULL | |
+------------------------+-------------------+------+------+-------------------+-------+
44 行,耗时 0.00 秒
mysql.user 表包含多个字段,可以归为以下三类:
Scope:
Host: 指定 TiDB 账户的主机名。User: 指定 TiDB 账户的用户名。
Privilege:
以
_priv或_Priv结尾的字段定义了授予用户账户的权限。例如,Select_priv表示用户具有全局的Select权限。更多信息请参见 Privileges required for TiDB operations。Security:
authentication_string和plugin:authentication_string存储用户账户的凭据。凭据的解释依据plugin字段中指定的认证插件。Account_locked: 表示用户账户是否被锁定。Password_reuse_history和Password_reuse_time: 用于 Password reuse policy。User_attributes: 提供关于用户评论和用户属性的信息。Token_issuer: 用于tidb_auth_token认证插件。Password_expired、Password_last_changed和Password_lifetime: 用于 Password expiration policy。
虽然 TiDB mysql.user 表中的大部分字段也存在于 MySQL mysql.user 表中,但 Token_issuer 字段是 TiDB 特有的。