No cache version.
Caching disabled. Default setting for this page:enabled (code DEF204)
If the display is too slow, you can disable the user mode to view the cached version.
Rechercher dans le manuel MySQL
5.1.9.1 System Variable Privileges
A system variable can have a global value that affects server operation as a whole, a session value that affects only the current session, or both:
For dynamic system variables, the
SETstatement can be used to change their global or session runtime value (or both), to affect operation of the current server instance. (For information about dynamic variables, see Section 5.1.9.2, “Dynamic System Variables”.)For certain global system variables,
SETcan be used to persist their value to themysqld-auto.cnffile in the data directory, to affect server operation for subsequent startups. (For information about persisting system variables and themysqld-auto.cnffile, see Section 5.1.9.3, “Persisted System Variables”.)For persisted global system variables,
RESET PERSISTcan be used to remove their value frommysqld-auto.cnf, to affect server operation for subsequent startups.
This section describes the privileges required for operations that assign values to system variables at runtime. This includes operations that affect runtime values, and operations that persist values.
To set a global system variable, use a
SET
statement with the appropriate keyword. These privileges apply:
To set a global system variable runtime value, use the
SET GLOBALstatement, which requires theSYSTEM_VARIABLES_ADMINorSUPERprivilege.To persist a global system variable to the
mysqld-auto.cnffile (and set the runtime value), use theSET PERSISTstatement, which requires theSYSTEM_VARIABLES_ADMINorSUPERprivilege.To persist a global system variable to the
mysqld-auto.cnffile (without setting the runtime value), use theSET PERSIST_ONLYstatement, which requires theSYSTEM_VARIABLES_ADMINandPERSIST_RO_VARIABLES_ADMINprivileges.SET PERSIST_ONLYcan be used for both dynamic and read-only system variables, but is particularly useful for persisting read-only variables, for whichSET PERSISTcannot be used.Some global system variables are persist-restricted (see Section 5.1.9.4, “Nonpersistible and Persist-Restricted System Variables”). To persist these variables, use the
SET PERSIST_ONLYstatement, which requires the privileges described previously. In addition, you must connect to the server using an encrypted connection and supply an SSL certificate with the Subject value specified by thepersist_only_admin_x509_subjectsystem variable.
To remove a persisted global system variable from the
mysqld-auto.cnf file, use the
RESET PERSIST statement. These
privileges apply:
For dynamic system variables,
RESET PERSISTrequires theSYSTEM_VARIABLES_ADMINorSUPERprivilege.For read-only system variables,
RESET PERSISTrequires theSYSTEM_VARIABLES_ADMINandPERSIST_RO_VARIABLES_ADMINprivileges.For persist-restricted variables,
RESET PERSISTdoes not require an encrypted connection to the server made using a particular SSL certificate.
If a global system variable has any exceptions to the preceding
privilege requirements, the variable description indicates those
exceptions. Examples include
default_table_encryption and
mandatory_roles, which require
additional privileges. These additional privileges apply to
operations that set the global runtime value, but not operations
that persist the value.
To set a session system variable runtime value, use the
SET
SESSION statement. In contrast to setting global
runtime values, setting session runtime values normally requires
no special privileges and can be done by any user to affect the
current session. For some system variables, setting the session
value may have effects outside the current session and thus is a
restricted operation that can be done only by users who have a
special privilege:
As of MySQL 8.0.14, the privilege required is
SESSION_VARIABLES_ADMIN.NoteAny user who has
SYSTEM_VARIABLES_ADMINorSUPEReffectively hasSESSION_VARIABLES_ADMINby implication and need not be grantedSESSION_VARIABLES_ADMINexplicitly.Prior to MySQL 8.0.14, the privilege required is
SYSTEM_VARIABLES_ADMINorSUPER.
If a session system variable is restricted, the variable
description indicates that restriction. Examples include
binlog_format and
sql_log_bin. Setting the
session value of these variables affects binary logging for the
current session, but may also have wider implications for the
integrity of server replication and backups.
SESSION_VARIABLES_ADMIN enables
administrators to minimize the privilege footprint of users who
may previously have been granted
SYSTEM_VARIABLES_ADMIN or
SUPER for the purpose of enabling
them to modify restricted session system variables. Suppose that
an administrator has created the following role to confer the
ability to set restricted session system variables:
Any user granted the set_session_sysvars role
(and who has that role active) is able to set restricted session
system variables. However, that user is also able to set global
system variables, which may be undesirable.
By modifying the role to have
SESSION_VARIABLES_ADMIN instead
of SYSTEM_VARIABLES_ADMIN, the
role privileges can be reduced to the ability to set restricted
session system variables and nothing else. To modify the role,
use these statements:
Modifying the role has an immediate effect: Any account granted
the set_session_sysvars role no longer has
SYSTEM_VARIABLES_ADMIN and is not
able to set global system variables without being granted that
ability explicitly. A similar
GRANT/REVOKE
sequence can be applied to any account that was granted
SYSTEM_VARIABLES_ADMIN directly
rather than by means of a role.
Document created the 26/06/2006, last modified the 26/10/2018
Source of the printed document:https://www.gaudry.be/en/mysql-rf-system-variable-privileges.html
The infobrol is a personal site whose content is my sole responsibility. The text is available under CreativeCommons license (BY-NC-SA). More info on the terms of use and the author.
References
These references and links indicate documents consulted during the writing of this page, or which may provide additional information, but the authors of these sources can not be held responsible for the content of this page.
The author This site is solely responsible for the way in which the various concepts, and the freedoms that are taken with the reference works, are presented here. Remember that you must cross multiple source information to reduce the risk of errors.
