Name
REVOKE
Synopsis
REVOKE ALL PRIVILEGES, GRANT OPTION FROM user[, ...] REVOKEprivilege
[,...] [(column
[, ...])] ON {[{database
|*}.{table
|*}] | *} FROM 'user
'@'host
'[, ...]
Use this statement to revoke some or all privileges that were
granted to a user with the GRANT
statement. The
first syntax is used to revoke all privileges from a user. Multiple
users may be given in a comma-separated list. A list of users and
their privileges are stored in the mysql
database,
in the user
table in particular:
REVOKE ALL PRIVILEGES ON *.* FROM 'paola'@localhost';
To revoke only some privileges, use the second syntax structure,
giving the specific privileges to be removed in a comma-separated list
after the keyword REVOKE
. For a list of privileges
and their descriptions, see Table 4-2
under the description of the GRANT
statement earlier in this
chapter.
To revoke privileges for specific columns, list the columns
within parentheses in a comma-separated list. Privileges that are
granted based on columns are stored in the columns_priv
table of the
mysql
database. Privileges may be revoked on a
specific table for a specific database. To revoke privileges on
all tables of a database, specify an asterisk as a wildcard for the
table name. You can do the same for the database name to apply the
statement to all databases. Table-specific privileges are stored in
the tables_priv
table, and database-specific
privileges are stored in the db
table.
Get MySQL in a Nutshell, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.