【MySQL】撤销所有授权(revoke all)报错:Access denied; you need (at least one of) the SYSTEM_USER privilege(s) for this operation
在 Linux 7 下的 MySQL 8.0.16 中遇到这个问题:
创建新用户并赋予所有权限:
grant all privileges on *.* to 'NipGeihou'@'%' with grant option;
随后撤销所有授权时,出现了报错:
mysql> revoke all on *.* from NipGeihou;
ERROR 1227 (42000): Access denied; you need (at least one of) the SYSTEM_USER privilege(s) for this operation
在搜素资料后得知:这是 MySQL 8.0.16 的一个新权限 SYSTEM_USER,奇怪的是 root 账号竟可以授予其他用户 SYSTEM_USER 权限,而本身却没有 SYSTEM_USER 权限,知道了原因后就好办了:
方法一: 直接在需要撤销的用户会话下
revoke all privileges on *.* from NipGeihou;
方法二:先在需要撤销的用户会话下,赋予 root 账户 SYSTEM_USER 权限,再回到 root 用户下撤销
# NipGeihou用户会话
mysql> grant system_user on *.* to root;
Query OK, 0 rows affected (0.01 sec)
# root用户会话
mysql> revoke all privileges on *.* from NipGeihou;
Query OK, 0 rows affected (0.00 sec)
参考文章:
- MySQL :: MySQL 8.0 Reference Manual :: 6.2.2 Privileges Provided by MySQL (opens new window)
- MySQL :: MySQL 8.0 Reference Manual :: 6.2.11 Account Categories (opens new window)
- The SYSTEM_USER Dynamic Privilege | MySQL Server Blog (opens new window)
- The SYSTEM_USER Dynamic Privilege |MySQL 8.0.16 新特性:SYSTEM_USER 动态权限(英译中文) (opens new window)
上次更新: 2022/01/05, 22:36:44