DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

(mysql.info.gz) User resources

Info Catalog (mysql.info.gz) Removing users (mysql.info.gz) User Account Management (mysql.info.gz) Passwords 
 
 5.6.4 Limiting Account Resources
 --------------------------------
 
 Before MySQL 4.0.2, the only available method for limiting use of MySQL
 server resources is to set the `max_user_connections' system variable
 to a non-zero value. But that method is strictly global.  It does not
 allow for management of individual accounts. Also, it limits only the
 number of simultaneous connections made using a single account, not
 what a client can do once connected. Both types of control are interest
 to many MySQL administrators, particularly those for Internet Service
 Providers.
 
 Starting from MySQL 4.0.2, you can limit the following server resources
 for individual accounts:
 
    * The number of queries that an account can issue per hour
 
    * The number of updates that an account can issue per hour
 
    * The number of times an account can connect to the server per hour
 
 Any statement that a client can issue counts against the query limit.
 Only statements that modify databases or tables count against the update
 limit.
 
 From MySQL 5.0.3 on, it is also possible to limit the number of
 simultaneous connection to the server on a per-account basis.
 
 An account in this context is a single record in the `user' table. Each
 account is uniquely identified by its `User' and `Host' column values.
 
 As a prerequisite for using this feature, the `user' table in the
 `mysql' database must contain the resource-related columns.  Resource
 limits are stored in the `max_questions', `max_updates',
 `max_connections', and `max_user_connections' columns.  If your `user'
 table doesn't have these columns, it must be upgraded; see 
 Upgrading-grant-tables.
 
 To set resource limits with a `GRANT' statement, use a `WITH' clause
 that names each resource to be limited and a per-hour count indicating
 the limit value.  For example, to create a new account that can access
 the `customer' database, but only in a limited fashion, issue this
 statement:
 
      mysql> GRANT ALL ON customer.* TO 'francis'@'localhost'
          ->     IDENTIFIED BY 'frank'
          ->     WITH MAX_QUERIES_PER_HOUR 20
          ->          MAX_UPDATES_PER_HOUR 10
          ->          MAX_CONNECTIONS_PER_HOUR 5
          ->          MAX_USER_CONNECTIONS 2;
 
 The limit types need not all be named in the `WITH' clause, but those
 named can be present in any order. The value for each per-hour limit
 should be an integer representing a count per hour. If the `GRANT'
 statement has no `WITH' clause, the limits are each set to the default
 value of zero (that is, no limit).  For `MAX_USER_CONNECTIONS', the
 limit is an integer indicating the maximum number of simultaneous
 connections the account can make at any one time. If the limit is set
 to the default value of zero, the `max_user_connections' system
 variable determines the number of simultaneous connections for the
 account.
 
 To set or change limits for an existing account, use a `GRANT USAGE'
 statement at the global level (`ON *.*'). The following statement
 changes the query limit for `francis' to 100:
 
      mysql> GRANT USAGE ON *.* TO 'francis'@'localhost'
          ->     WITH MAX_QUERIES_PER_HOUR 100;
 
 This statement leaves the account's existing privileges unchanged and
 modifies only the limit values specified.
 
 To remove an existing limit, set its value to zero. For example, to
 remove the limit on how many times per hour `francis' can connect, use
 this statement:
 
      mysql> GRANT USAGE ON *.* TO 'francis'@'localhost'
          ->     WITH MAX_CONNECTIONS_PER_HOUR 0;
 
 Resource-use counting takes place when any account has a non-zero limit
 placed on its use of any of the resources.
 
 As the server runs, it counts the number of times each account uses
 resources.  If an account reaches its limit on number of connections
 within the last hour, further connections for the account are rejected
 until that hour is up. Similarly, if the account reaches its limit on
 the number of queries or updates, further queries or updates are
 rejected until the hour is up. In all such cases, an appropriate error
 message is issued.
 
 Resource counting is done per account, not per client. For example, if
 your account has a query limit of 50, you cannot increase your limit to
 100 by making two simultaneous client connections to the server.
 Queries issued on both connections are counted together.
 
 The current per-hour resource-use counts can be reset globally for all
 accounts, or individually for a given account:
 
    * To reset the current counts to zero for all accounts, issue a
      `FLUSH USER_RESOURCES' statement. The counts also can be reset by
      reloading the grant tables (for example, with a `FLUSH PRIVILEGES'
      statement or a `mysqladmin reload' command).
 
    * The counts for an individual account can be set to zero by
      re-granting it any of its limits. To do this, use `GRANT USAGE' as
      described earlier and specify a limit value equal to the value
      that the account currently has.
 
 
 Counter resets do not affect the `MAX_USER_CONNECTIONS' limit.
 
 All counts begin at zero when the server starts; counts are not carried
 over through a restart.
Info Catalog (mysql.info.gz) Removing users (mysql.info.gz) User Account Management (mysql.info.gz) Passwords
automatically generated byinfo2html