Re: Why can't I revoke usage from user?
Hi there, > > > > > > 'USAGE' means that user doesn't have any privileges. Use > > 'DROP USER'. > > > See: > > > http://dev.mysql.com/doc/mysql/en/drop-user.html > > > > I disagree here. > > > > "drop user" will drop the user, revoking "usage" can be > > something different. > > You can't actually revoke USAGE, without dropping the user. > > > If, for example, you do "grant usage on dbname.*" this is > > different from then "just" a user without "usage" granted to > > that database. > > USAGE is a global level privilege, whilst you can "GRANT USAGE ON test.* > ..", it's actually ignored. I thought that on a database level, it created a record in "db" with all "N" for each privilege? Either way: rather stupid statement then. Why doesn't it raise an error if it's invalid/ignored? Guess it's another MySQL Gotcha?? This, however, works in MySQL 5 (latest) and creates a row in "db": grant usage on test.* to [EMAIL PROTECTED] with grant option All privileges "N" except "grant_priv". Which is useless as well, in this case, correct? > > Besides, having a user without privileges might be useful as well :-) > > Exactly what USAGE is for.. ;) With regards, Martijn Tonies Database Workbench - tool for InterBase, Firebird, MySQL, Oracle & MS SQL Server Upscene Productions http://www.upscene.com Database development questions? Check the forum! http://www.databasedevelopmentforum.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
RE: Why can't I revoke usage from user?
Martin, Comments in-line: > -Original Message- > From: Martijn Tonies [mailto:[EMAIL PROTECTED] > Sent: 16 August 2005 10:35 > To: mysql@lists.mysql.com > Subject: Re: Why can't I revoke usage from user? > > Gleb, > > > Hello. > > > > 'USAGE' means that user doesn't have any privileges. Use > 'DROP USER'. > > See: > > http://dev.mysql.com/doc/mysql/en/drop-user.html > > I disagree here. > > "drop user" will drop the user, revoking "usage" can be > something different. You can't actually revoke USAGE, without dropping the user. > > If, for example, you do "grant usage on dbname.*" this is > different from then "just" a user without "usage" granted to > that database. USAGE is a global level privilege, whilst you can "GRANT USAGE ON test.* ..", it's actually ignored. > > Besides, having a user without privileges might be useful as well :-) Exactly what USAGE is for.. ;) Here's a quick example: mysql> create user frank; Query OK, 0 rows affected (0.00 sec) mysql> show grants for frank; +---+ | Grants for [EMAIL PROTECTED]| +---+ | GRANT USAGE ON *.* TO 'frank'@'%' | +---+ 1 row in set (0.00 sec) mysql> show databases; ++ | Database | ++ | information_schema | | Tracking | | mysql | | test | ++ 4 rows in set (0.00 sec) mysql> grant usage on test.* to frank; Query OK, 0 rows affected (0.00 sec) mysql> show grants for frank; +---+ | Grants for [EMAIL PROTECTED]| +---+ | GRANT USAGE ON *.* TO 'frank'@'%' | +---+ 1 row in set (0.00 sec) mysql> revoke usage on *.* from frank; Query OK, 0 rows affected (0.00 sec) mysql> show grants for frank; +---+ | Grants for [EMAIL PROTECTED]| +---+ | GRANT USAGE ON *.* TO 'frank'@'%' | +---+ 1 row in set (0.00 sec) Mark Mark Leith Cool-Tools UK Limited http://www.cool-tools.co.uk http://leithal.cool-tools.co.uk -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.10/73 - Release Date: 15/08/2005 -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Why can't I revoke usage from user?
Gleb, > Hello. > > 'USAGE' means that user doesn't have any privileges. Use 'DROP USER'. > See: > http://dev.mysql.com/doc/mysql/en/drop-user.html I disagree here. "drop user" will drop the user, revoking "usage" can be something different. If, for example, you do "grant usage on dbname.*" this is different from then "just" a user without "usage" granted to that database. Besides, having a user without privileges might be useful as well :-) With regards, Martijn Tonies Database Workbench - tool for InterBase, Firebird, MySQL, Oracle & MS SQL Server Upscene Productions http://www.upscene.com Database development questions? Check the forum! http://www.databasedevelopmentforum.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Why can't I revoke usage from user?
Hi, > Why can't I revoke usage from user? > mysql> show grants for ''@'172.20.16.110'; > +--+ > | Grants for @172.20.16.110| > +--+ > | GRANT USAGE ON *.* TO ''@'172.20.16.110' | > +--+ > 1 row in set (0.00 sec) > > mysql> revoke usage on *.* from ''@'172.20.16.110'; > Query OK, 0 rows affected (0.00 sec) > > mysql> show grants for ''@'172.20.16.110'; > +--+ > | Grants for @172.20.16.110| > +--+ > | GRANT USAGE ON *.* TO ''@'172.20.16.110' | > +--+ > 1 row in set (0.00 sec) Try: revoke all from ... With regards, Martijn Tonies Database Workbench - tool for InterBase, Firebird, MySQL, Oracle & MS SQL Server Upscene Productions http://www.upscene.com Database development questions? Check the forum! http://www.databasedevelopmentforum.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Why can't I revoke usage from user?
Hello. 'USAGE' means that user doesn't have any privileges. Use 'DROP USER'. See: http://dev.mysql.com/doc/mysql/en/drop-user.html Gu Lei <[EMAIL PROTECTED]> wrote: > Hello everyone: > > Why can't I revoke usage from user? > mysql> show grants for ''@'172.20.16.110'; > +--+ > | Grants for @172.20.16.110| > +--+ > | GRANT USAGE ON *.* TO ''@'172.20.16.110' | > +--+ > 1 row in set (0.00 sec) > > mysql> revoke usage on *.* from ''@'172.20.16.110'; > Query OK, 0 rows affected (0.00 sec) > > mysql> show grants for ''@'172.20.16.110'; > +--+ > | Grants for @172.20.16.110| > +--+ > | GRANT USAGE ON *.* TO ''@'172.20.16.110' | > +--+ > 1 row in set (0.00 sec) > > Thanks. > > > -- For technical support contracts, goto https://order.mysql.com/?ref=ensita This email is sponsored by Ensita.NET http://www.ensita.net/ __ ___ ___ __ / |/ /_ __/ __/ __ \/ /Gleb Paharenko / /|_/ / // /\ \/ /_/ / /__ [EMAIL PROTECTED] /_/ /_/\_, /___/\___\_\___/ MySQL AB / Ensita.NET <___/ www.mysql.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
