REVOKEpriv_type[(column_list)] [,priv_type[(column_list)]] ... ON [object_type] {tbl_name| * | *.* |db_name.*} FROMuser[,user] ... REVOKE ALL PRIVILEGES, GRANT OPTION FROMuser[,user] ...
The REVOKE statement enables system
administrators to revoke privileges from MySQL accounts. To
use REVOKE, you must have the
GRANT OPTION privilege, and you must have
the privileges that you are revoking.
Each account is named using the same format as for the
GRANT statement; for example,
'jeffrey'@'localhost'. If you specify only
the username part of the account name, a hostname part of
'%' is used. For additional information
about specifying account names, see Section 13.5.1.3, “GRANT Syntax”.
For details on the levels at which privileges exist, the
allowable priv_type values, and the
syntax for specifying users and passwords, see
Section 13.5.1.3, “GRANT Syntax”
If the grant tables hold privilege rows that contain
mixed-case database or table names and the
lower_case_table_names system variable is
set to a non-zero value, REVOKE cannot be
used to revoke these privileges. It will be necessary to
manipulate the grant tables directly.
(GRANT will not create such rows when
lower_case_table_names is set, but such
rows might have been created prior to setting the variable.)
To revoke all privileges, use the following syntax, which drops all global, database-, table-, and column-level privileges for the named user or users:
REVOKE ALL PRIVILEGES, GRANT OPTION FROMuser[,user] ...
To use this REVOKE syntax, you must have
the global CREATE USER privilege or the
UPDATE privilege for the
mysql database.
REVOKE removes privileges, but does not
drop user table entries. You must do that
explicitly using DELETE or DROP
USER (see Section 13.5.1.2, “DROP USER Syntax”).
User Comments
Add your own comment.