Menu
In mysql 5.6 command line client (when logged in as root), i created a user with:
CREATE USER 'admin'@'localhost' IDENTIFIED BY 'password';
Then granted privileges with:
GRANT ALL PRIVILEGES ON databasename.* TO 'admin'@'localhost';
When checking privileges with:
SHOW GRANTS FOR 'admin'@'localhost';
Privileges for the assigned database above are showing as well as one for:
GRANT USAGE ON *.* TO 'admin'@'localhost' IDENTIFIED BY PASSWORD...
I tried to revoke privilege with:
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'admin'@'localhost';
But it does not remove the usage on *.*
How do i revoke access to *.* for new user in mysql?
461
To revoke all privileges, use the second syntax, which drops all global, database, table, column, and routine privileges for the named users or roles: REVOKE ALL PRIVILEGES, GRANT OPTION FROM user_or_role [, user_or_role] ... REVOKE ALL PRIVILEGES, GRANT OPTION does not revoke any roles.
Revoke one or more privileges First, specify a list of comma-separated privileges that you want to revoke from a user account after the REVOKE keyword. Second, specify the object type and privilege level of the privileges after the ON keyword; check it out the GRANT statement for more information on privilege level.
The REVOKE statement can be used to remove granted permissions, and the DENY statement can be used to prevent a principal from gaining a specific permission through a GRANT. Granting a permission removes DENY or REVOKE of that permission on the specified securable.
Revoke permissions from a MySQL user account To remove privileges, use the REVOKE command, which uses a syntax similar to the GRANT command. For example, if you wanted to revoke `SELECT` and `INSERT` privileges from a local user on the `strongdm` database, type the following: mysql> REVOKE SELECT, INSERT ON strongdm.
You can't actually revoke USAGE without dropping the user. USAGE is a global level privilege:
The USAGE privilege specifier stands for "no privileges." It is used at the global level with GRANT to modify account attributes such as resource limits or SSL characteristics without affecting existing account privileges.
from Privileges Provided by MySQL documentation.
So basically if you want to remove the USAGE privilege just use:
DROP USER 'admin'@'localhost';
It is possible to remove USAGE grant from a user in MySQL using following
SHOW GRANTS FOR 'user'@'%';
if you see this output of the command
GRANT USAGE ON `<database>`.* TO 'user'@'%' WITH GRANT OPTION
then to remove it use revoke with flush privileges
REVOKE ALL PRIVILEGES ON `<database>`.* from 'user'@'%';
FLUSH PRIVILEGES;
REVOKE GRANT OPTION ON `<database>`.* from 'user'@'%';
FLUSH PRIVILEGES;
use this command to verify updated user privileges
SHOW GRANTS FOR 'user'@'%';
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
