REVOKE priv_type [(column_list)] [, priv_type [(column_list)]] ... ON [object_type] priv_level FROM user [, user] ... REVOKE ALL [PRIVILEGES], GRANT OPTION FROM user [, user] ... REVOKE PROXY ON user FROM user [, user] ...
REVOKE statement enables
system administrators to revoke privileges from MySQL accounts.
For details on the levels at which privileges exist, the
object_type values, and the syntax
for specifying users and passwords, see Section 220.127.116.11, “GRANT Statement”.
Each account name uses the format described in Section 6.2.4, “Specifying Account Names”. For example:
REVOKE INSERT ON *.* FROM 'jeffrey'@'localhost';
The host name part of the account name, if omitted, defaults to
To revoke all privileges, use the second syntax, which drops all global, database, table, column, and routine privileges for the named user or users:
REVOKE ALL PRIVILEGES, GRANT OPTION FROM user [, user] ...
User accounts from which privileges are to be revoked must exist, but the privileges to be revoked need not be currently granted to them.
If the grant tables hold privilege rows that contain mixed-case
database or table names and the
variable is set to a nonzero value,
REVOKE cannot be used to revoke
these privileges. It will be necessary to manipulate the grant
tables directly. (
GRANT will not
create such rows when
lower_case_table_names is set,
but such rows might have been created prior to setting the
When successfully executed from the mysql
REVOKE responds with
Query OK, 0 rows affected. To determine what
privileges remain after the operation, use
SHOW GRANTS. See
Section 18.104.22.168, “SHOW GRANTS Statement”.