MySQL在MySQL-5.7中有一個新的變量,它保持mysql用戶密碼過期的詳細信息 - 特定用戶密碼過期多少天后。我們是否需要在MySQL中更改變量default_password_lifetime後運行flush特權?
這個變量的詳細信息:Doc
當我們改變了這個變量,是否需要運行沖洗權限或更改將立即生效的所有用戶有默認的到期政策?
MySQL在MySQL-5.7中有一個新的變量,它保持mysql用戶密碼過期的詳細信息 - 特定用戶密碼過期多少天后。我們是否需要在MySQL中更改變量default_password_lifetime後運行flush特權?
這個變量的詳細信息:Doc
當我們改變了這個變量,是否需要運行沖洗權限或更改將立即生效的所有用戶有默認的到期政策?
我認爲答案是否定的。
因爲default_password_lifetime是一個全局變量,其中的信息存儲在information_schema.GLOBAL_VARAIBLES中,它是一個內存引擎表!
在mysql中,flush操作會導致緩衝區中的數據寫回到磁盤中,它僅在MyISAM引擎中是必需的;但是,flush privileges子句將數據從磁盤MyISAM文件重新加載到內存約&權限相關表。
根據該文件,它不應該是必要的:
6.3.6 Password Expiration Policy
...
當客戶端連接成功,服務器確定 帳號密碼是否過期:
服務器檢查密碼是否已手動過期,如果是,則限制會話。
否則,服務器根據自動密碼過期策略檢查密碼是否超過其使用期限。如果是這樣, 服務器認爲密碼已過期並限制會話。
...
重要提示:更改生效只爲後續連接。
下面的例子:
$ mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.7.18
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SELECT @@GLOBAL.default_password_lifetime;
+------------------------------------+
| @@GLOBAL.default_password_lifetime |
+------------------------------------+
| 0 |
+------------------------------------+
1 row in set (0.00 sec)
mysql> CREATE USER 'johndoe'@'localhost'
-> IDENTIFIED WITH mysql_native_password AS '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4'
-> PASSWORD EXPIRE DEFAULT;
Query OK, 0 rows affected (0.00 sec)
mysql> exit
Bye
$ mysql -u johndoe -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 5.7.18
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SELECT CURRENT_USER();
+-------------------+
| CURRENT_USER() |
+-------------------+
| [email protected] |
+-------------------+
1 row in set (0.00 sec)
mysql> exit
Bye
$ mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 15
Server version: 5.7.18
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SET @@GLOBAL.default_password_lifetime := 1;
Query OK, 0 rows affected (0.00 sec)
mysql> SELECT @@GLOBAL.default_password_lifetime;
+------------------------------------+
| @@GLOBAL.default_password_lifetime |
+------------------------------------+
| 1 |
+------------------------------------+
1 row in set (0.00 sec)
mysql> SELECT NOW();
+---------------------+
| NOW() |
+---------------------+
| 2010-01-01 00:00:01 |
+---------------------+
1 row in set (0.00 sec)
mysql> \! date -s "2010-01-02 $(date +%H:%M:%S)"
Sat Jan 02 00:00:05 UTC 2010
mysql> SELECT NOW();
+---------------------+
| NOW() |
+---------------------+
| 2010-01-02 00:00:06 |
+---------------------+
1 row in set (0.01 sec)
mysql> exit
Bye
$ mysql -u johndoe -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 16
Server version: 5.7.18
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SELECT CURRENT_USER();
ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
的其他信息: