How to remove permissions from MySQL or MariaDB users

MySQL and MariaDB are widely used relational database systems that provide data management solutions for a variety of applications. Both use the privilege system to grant and revoke user permissions. Properly managing these permissions ensures the safety and integrity of your database content.

Over time, you may need to revoke certain permissions from a user, whether for security reasons, a change in job roles, or simply tidying up unnecessary access. While MySQL and MariaDB are similar in many ways, including their privilege system, it's always good to verify the specific syntax for your database version.

Removing permissions from a user requires understanding the REVOKE command, which allows administrators to take back specific privileges from a user or revoke all privileges entirely. After updating permissions, it's also crucial to flush privileges to ensure changes take immediate effect.

Steps to remove permissions from MySQL or MariaDB users:

Login to the MySQL or MariaDB database using the command line.
```
$ mysql -u root -p
  - Enter password:
```
Identify the privileges currently held by the user.
```
SHOW GRANTS FOR 'username'@'host';
```
Use the REVOKE command to remove a specific permission from the user.
```
REVOKE SELECT ON database_name.* FROM 'username'@'host';
```
This revokes the SELECT permission from the specified user for the specified database.
If you want to revoke all privileges from the user, use the following command.
```
REVOKE ALL PRIVILEGES ON database_name.* FROM 'username'@'host';
```
Be careful when using the ALL PRIVILEGES clause, as it will completely restrict the user's access to the specified database.
Update the privilege tables to ensure that the changes are applied.
```
FLUSH PRIVILEGES;
```
It's essential to execute this command to ensure the changes are recognized by MySQL or MariaDB immediately.
Verify the changes by checking the privileges of the user again.
```
SHOW GRANTS FOR 'username'@'host';
```
Exit the database system.
```
exit;
```
Optionally, test the user's access to validate that the permissions have indeed been revoked.

Remember, while revoking access is an important aspect of database administration, it's equally crucial to regularly audit user permissions to ensure that only necessary rights are granted. Proper privilege management reduces the risk of unauthorized data access and potential breaches.

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.

Discuss the article:

Comment anonymously. Login not required.