forked from docs/doc-exports
Yang, Tong
48706b7552
Reviewed-by: Kacur, Michal <michal.kacur@t-systems.com> Co-authored-by: Yang, Tong <yangtong2@huawei.com> Co-committed-by: Yang, Tong <yangtong2@huawei.com>
34 lines
5.6 KiB
HTML
34 lines
5.6 KiB
HTML
<a name="mrs_01_24846"></a><a name="mrs_01_24846"></a>
|
||
|
||
<h1 class="topictitle1">How Do I Grant the Select Permission at the Database Level to ClickHouse Users?</h1>
|
||
<div id="body0000001532995218"><div class="section" id="mrs_01_24846__section33415375115"><h4 class="sectiontitle">Procedure</h4><ol id="mrs_01_24846__ol1369611131631"><li id="mrs_01_24846__li669616131437"><span>Log in to the node where the ClickHouse client is installed in the MRS cluster and run the following commands:</span><p><p id="mrs_01_24846__p165241425582"><strong id="mrs_01_24846__b1516731918583">su - omm</strong></p>
|
||
<p id="mrs_01_24846__p85241295811"><strong id="mrs_01_24846__b1634815054510">source </strong><em id="mrs_01_24846__i1934910010458">{Client installation directory}</em><strong id="mrs_01_24846__b13501606454">/bigdata_env</strong></p>
|
||
<p id="mrs_01_24846__p679210231849"><strong id="mrs_01_24846__b15976153013454">kinit </strong><em id="mrs_01_24846__i1978930134512">Component user</em> (You do not need to run the <strong id="mrs_01_24846__b5979830184510">kinit</strong> command for normal clusters.)</p>
|
||
<p id="mrs_01_24846__p652417255817"><strong id="mrs_01_24846__b1755734913580">clickhouse client --host </strong><em id="mrs_01_24846__i2314550135817">IP address of the ClickHouse node</em><strong id="mrs_01_24846__b152111218597"> --port 9000 -m --user clickhouse –password '</strong><em id="mrs_01_24846__i7944727597">Password of the ClickHouse user</em><strong id="mrs_01_24846__b162111823599">'</strong></p>
|
||
<div class="note" id="mrs_01_24846__note5302413219"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="mrs_01_24846__p145246217588">View the password of the ClickHouse user.</p>
|
||
<p id="mrs_01_24846__p26234474135">Log in to FusionInsight Manager and choose <strong id="mrs_01_24846__b1248521120471">Cluster</strong> > <strong id="mrs_01_24846__b15470191684720">Services</strong> > <strong id="mrs_01_24846__b1345042224712">ClickHouse</strong>. Click <strong id="mrs_01_24846__b365593317475">Instance</strong> and click any ClickHouseServer role name. Go to the <strong id="mrs_01_24846__b524620693612">Dashboard</strong> tab page of ClickHouseServer, click the <strong id="mrs_01_24846__b185222510369">users.xml</strong> file in <strong id="mrs_01_24846__b151345111364">Configuration File</strong> area, and view the password of the ClickHouse user.</p>
|
||
</div></div>
|
||
</p></li><li id="mrs_01_24846__li91019481739"><span>You can use either of the following methods to create a role with the read-only permission for a specified database:</span><p><p id="mrs_01_24846__p145248214584">Method 1</p>
|
||
<ol type="a" id="mrs_01_24846__ol1972243714599"><li id="mrs_01_24846__li11722737115918">Creating a role with the read-only permission for a specified database (the <strong id="mrs_01_24846__b747262519190">default</strong> database is used as an example)<p id="mrs_01_24846__p552492105815"><strong id="mrs_01_24846__b156021930165911">create role ck_role on cluster default_cluster;</strong></p>
|
||
<p id="mrs_01_24846__p352472195810"><strong id="mrs_01_24846__b1960416301594">GRANT SELECT ON default.* TO ck_role on cluster default_cluster;</strong></p>
|
||
</li><li id="mrs_01_24846__li99731943175913">Creating a common user<p id="mrs_01_24846__p1952411215815"><a name="mrs_01_24846__li99731943175913"></a><a name="li99731943175913"></a><strong id="mrs_01_24846__b169121241908">CREATE USER user_01 on cluster default_cluster IDENTIFIED WITH PLAINTEXT_PASSWORD BY 'password';</strong></p>
|
||
</li><li id="mrs_01_24846__li143215115599">Granting the read-only permission role to a common user<p id="mrs_01_24846__p35241245814"><a name="mrs_01_24846__li143215115599"></a><a name="li143215115599"></a><strong id="mrs_01_24846__b997398203">GRANT ck_role to user_01 on cluster default_cluster;</strong></p>
|
||
</li><li id="mrs_01_24846__li1415295995910">Viewing user permissions<p id="mrs_01_24846__p205241124588"><a name="mrs_01_24846__li1415295995910"></a><a name="li1415295995910"></a><strong id="mrs_01_24846__b19114161312013">show grants for user_01;</strong></p>
|
||
<p id="mrs_01_24846__p145248295812"><strong id="mrs_01_24846__b12115713001">select * from system.grants where role_name = 'ck_role';</strong></p>
|
||
</li></ol>
|
||
<p id="mrs_01_24846__p135248215584">Method 2</p>
|
||
<p id="mrs_01_24846__p20524172135812">Creating a user with the read-only permission for a specified database</p>
|
||
<ol type="a" id="mrs_01_24846__ol858426019"><li id="mrs_01_24846__li4520429018">Creating a user:<p id="mrs_01_24846__p0524132125814"><a name="mrs_01_24846__li4520429018"></a><a name="li4520429018"></a><strong id="mrs_01_24846__b0915553206">CREATE USER user_01 on cluster default_cluster IDENTIFIED WITH PLAINTEXT_PASSWORD BY 'password';</strong></p>
|
||
</li></ol><ol type="a" start="2" id="mrs_01_24846__ol157809448010"><li id="mrs_01_24846__li1978020441204">Granting the query permission on a specified database to the created user:<p id="mrs_01_24846__p1285841716113"><a name="mrs_01_24846__li1978020441204"></a><a name="li1978020441204"></a><strong id="mrs_01_24846__b1785713171213">grant select on default.* to user_01 on cluster default_cluster;</strong></p>
|
||
</li><li id="mrs_01_24846__li47183193111">Querying user permissions:<p id="mrs_01_24846__p852416210582"><a name="mrs_01_24846__li47183193111"></a><a name="li47183193111"></a><strong id="mrs_01_24846__b11807411118">select * from system.grants where user_name = 'user_01';</strong></p>
|
||
</li></ol>
|
||
</p></li></ol>
|
||
</div>
|
||
</div>
|
||
<div>
|
||
<div class="familylinks">
|
||
<div class="parentlink"><strong>Parent topic:</strong> <a href="mrs_01_24777.html">ClickHouse FAQ</a></div>
|
||
</div>
|
||
</div>
|
||
|