3

This question refers to MySQL and/or MariaDB specifically.

Is it possible to permit certain users to drop/create one (or more) specific databases, but not all databases? By this, I do not mean how to give users all privileges for certain specific databases with a query like: GRANT ALL PRIVILEGES ON `example-db`.* TO 'example-user'@'localhost';

I've found some methods on how to do this for MSSQL here and a similar post for PostgreSQL.

Improve this question

2 Answers 2

Reset to default
3

grant privileges separately for a user account in MySQL.

When specifying the database name and table name, separate them with a. (period) and no spaces. This will give the root user fine-grain control over certain data.

Also, replace the PERMISSION_TYPE value with the kind of access you want to grant to your new user account.

Here are the most used commands in MySQL:

CREATE — enable users to create a database or table

SELECT — permit users to retrieve data

INSERT — let users add new entries in tables

UPDATE — allow users to modify existing entries in tables

DELETE — enable users to erase table entries

DROP — let users delete entire database tables

NOTE: Using the ALL PRIVILEGES permission type from before will allow all of the permissions listed above.

To use any of these options, simply replace PERMISSION_TYPE with the appropriate keyword. To apply multiple privileges, separate them with a comma. For example, we can assign CREATE and SELECT to our non-root MySQL user account with this command:

GRANT CREATE, SELECT ON * . * TO 'user_name'@'localhost';

Sometimes, you might come across a situation where you need to revoke given privileges from a user. You can do so by entering:

REVOKE PERMISSION_TYPE ON database_name.table_name FROM ‘user_name’@‘localhost’;

For example, to withdraw all privileges for our non-root user we should use:

REVOKE ALL PRIVILEGES ON * . * FROM 'user_name'@'localhost';

Finally, you can entirely delete an existing user account by using the following command:

DROP USER ‘user_name’@‘localhost’;

Don't forget to FLUSH PRIVILEGES;

In order to find what privileges have already been granted to a MySQL user, you can use the SHOW GRANTS command:

SHOW GRANTS FOR 'user_name'@'localhost';
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

-2

Let’s start by making a new user within the MySQL shell:

CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';

To provide a specific user with permission, you can use this framework:

GRANT type_of_permission ON database_name.table_name TO 'username'@'localhost'

Once you have finalized the permissions that you want to set up for your new users, always be sure to reload all the privileges.

FLUSH PRIVILEGES;
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.