Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why is a "GRANT USAGE" created the first time I grant a user privileges?

Tags:

database

mysql

privileges

grant

People also ask

What does grant usage mean?

GRANT USAGE ON *. * means "No privilege". In other word, the user has been created (with an entry in mysql. users table) with no privilege.

What does grant usage do in Snowflake?

Grants full control over a Snowflake Marketplace or Data Exchange listing. Only a single role can hold this privilege on a specific object at a time. Grants all privileges, except OWNERSHIP, on a Snowflake Marketplace or Data Exchange listing.

How do I grant grants privilege to user?

To GRANT ALL privileges to a user , allowing that user full control over a specific database , use the following syntax: mysql> GRANT ALL PRIVILEGES ON database_name. * TO 'username'@'localhost';

As you said, in MySQL USAGE is synonymous with "no privileges". From the MySQL Reference Manual:

The USAGE privilege specifier stands for "no privileges." It is used at the global level with GRANT to modify account attributes such as resource limits or SSL characteristics without affecting existing account privileges.

USAGE is a way to tell MySQL that an account exists without conferring any real privileges to that account. They merely have permission to use the MySQL server, hence USAGE. It corresponds to a row in the `mysql`.`user` table with no privileges set.

The IDENTIFIED BY clause indicates that a password is set for that user. How do we know a user is who they say they are? They identify themselves by sending the correct password for their account.

A user's password is one of those global level account attributes that isn't tied to a specific database or table. It also lives in the `mysql`.`user` table. If the user does not have any other privileges ON *.*, they are granted USAGE ON *.* and their password hash is displayed there. This is often a side effect of a CREATE USER statement. When a user is created in that way, they initially have no privileges so they are merely granted USAGE.


I was trying to find the meaning of GRANT USAGE on *.* TO and found here. I can clarify that GRANT USAGE on *.* TO user IDENTIFIED BY PASSWORD password will be granted when you create the user with the following command (CREATE): 

CREATE USER 'user'@'localhost' IDENTIFIED BY 'password';

When you grant privilege with GRANT, new privilege s will be added on top of it.


In addition mysql passwords when not using the IDENTIFIED BY clause, may be blank values, if non-blank, they may be encrypted. But yes USAGE is used to modify an account by granting simple resource limiters such as MAX_QUERIES_PER_HOUR, again this can be specified by also using the WITH clause, in conjuction with GRANT USAGE(no privileges added) or GRANT ALL, you can also specify GRANT USAGE at the global level, database level, table level,etc....

Related questions

add column to mysql table if it does not exist
How can I restore the MySQL root user’s full privileges?
Mysql order by specific ID values
Cannot issue data manipulation statements with executeQuery()
Remote connect to clearDB heroku database
PHP and MySQL - how to avoid password in source code? [duplicate]
Closing JDBC Connections in Pool
MIN/MAX vs ORDER BY and LIMIT
How do I create a user with the same privileges as root in MySQL/MariaDB? [closed]
java.sql.SQLException: Incorrect string value: '\xF0\x9F\x91\xBD\xF0\x9F...'
How to escape single quotes in MySQL
How do I check if an index exists on a table field in MySQL?
MySQL: Selecting multiple fields into multiple variables in a stored procedure
convert_tz returns null
How to add a primary key to a MySQL table?
Problems with contenttypes when loading a fixture in Django
MySQL/Amazon RDS error: "you do not have SUPER privileges..."
MySQL - This version of MySQL doesn't yet support 'LIMIT & IN/ALL/ANY/SOME subquery
MySQL Query to select data from last week?
Does a UNIQUE constraint automatically create an INDEX on the field(s)?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!