Redis7命令ACL

后端 0 800 0
发表于: 2023-06-19 20:23:55

简介: mark

Redis7

ACL

用户列表

127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all"
]

添加用户

127.0.0.1:6379> acl setuser hsslive on >123456 ~* &* +@all
OK
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on #8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 ~* resetchannels +@all"
]
127.0.0.1:6379> 

on,表示激活账号。off 表示禁用账号

>123456,表示设置密码为123456

~*,表示可操作所有key

+@all,表示可执行所有命令

添加用户密码

同一个账号可以设置多个密码

127.0.0.1:6379> acl setuser hsslive on >666666
OK
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on #8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 #94edf28c6d6da38fd35d7ad53e485307f89fbeaf120485c8d17a43f323deee71 ~* resetchannels +@all"
]
127.0.0.1:6379> 

给hsslive用户增加666666密码

删除用户密码

127.0.0.1:6379> acl setuser hsslive on <666666
OK
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on #8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 ~* resetchannels +@all"
]
127.0.0.1:6379> 

删除hsslive用户的666666密码

清理用户密码

acl setuser hsslive on nopass

127.0.0.1:6379> acl setuser hsslive on >111111
OK
127.0.0.1:6379> acl setuser hsslive on >222222
OK
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on #8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 #bcb15f821479b4d5772bd0ca866c00ad5f926e3580720659cc80d39c9d09802a #4cc8f4d609b717356701c57a03e737e5ac8fe885da8c7163d3de47e01849c635 ~* resetchannels +@all"
]
127.0.0.1:6379> acl setuser hsslive on nopass
OK
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on nopass ~* resetchannels +@all"
]
127.0.0.1:6379> 

删除用户

127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on nopass ~* resetchannels +@all"
]
127.0.0.1:6379> acl deluser hsslive
(integer) 1
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all"
]
127.0.0.1:6379> 

aclfile

我们添加一个hsslive用户,设置密码为123456,然后acl list查看:

127.0.0.1:6379> acl setuser hsslive on >123456 ~* +@all
OK
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on #8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 ~* resetchannels +@all"
]
127.0.0.1:6379> 

管理员权限的话,使用:

127.0.0.1:6379> acl setuser hsslive on >123456 ~* &* +@all
OK
127.0.0.1:6379> acl list
[
    "user default on nopass ~* &* +@all",
    "user hsslive on #8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 ~* &* +@all"
]
127.0.0.1:6379> 

将acl list的数据复制下来即可

users.acl

user default on nopass ~* &* +@all
user hsslive on #8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 ~* resetchannels +@all

然后在redis的启动配置文件(/etc/redis/redis.conf)使用aclfile:

aclfile /etc/redis/users.acl

修改完aclfile后,记得重启redis

切换用户

auth 用户名 密码

禁用用户

acl setuser hsslive off
billd-live

最后更新于:2024-01-16 11:20:18

欢迎评论留言~
0/400
支持markdown
Comments | 0 条留言
按时间
按热度
目前还没有人留言~