MySQL 用户管理之 REVOKE 撤销授权

基础语法

需要有 GRANT OPTION 权限或 mysql 系统表的 UPDATE 权限。

REVOKE ALL ON *.* FROM 'finley'@'%.example.com';

REVOKE INSERT ON *.* FROM 'jeffrey'@'localhost';

REVOKE 'role1', 'role2' FROM 'user1'@'localhost', 'user2'@'localhost';

REVOKE SELECT ON world.* FROM 'role3';

撤销全局权限

需要有 CREATE USER 权限或 mysql 系统表的 UPDATE 权限。

REVOKE ALL PRIVILEGES, GRANT OPTION FROM user_or_role [, user_or_role] ...

撤销数据库权限

REVOKE INSERT, UPDATE ON db1.* FROM 'jeffrey'@'localhost';

查看权限

mysql> SHOW GRANTS FOR 'someuser'@'somehost';
+-------------------------------------------------------+
| Grants for admin@localhost                            |
+-------------------------------------------------------+
| GRANT RELOAD, PROCESS ON *.* TO 'someuser'@'somehost' |
+-------------------------------------------------------+

查看用户

mysql> SET print_identified_with_as_hex = ON;
mysql> SHOW CREATE USER 'admin'@'localhost'\G
*************************** 1. row ***************************
CREATE USER for admin@localhost: CREATE USER 'admin'@'localhost'
IDENTIFIED WITH 'caching_sha2_password'
AS 0x24412430303524301D0E17054E2241362B1419313C3E44326F294133734B30792F436E77764270373039612E32445250786D43594F45354532324B6169794F47457852796E32
REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK
PASSWORD HISTORY DEFAULT
PASSWORD REUSE INTERVAL DEFAULT
PASSWORD REQUIRE CURRENT DEFAULT