How do I modify an existing user's permissions without downtime on MySQL/MariaDB

Question

We have an existing database user in our MariaDB 10.3 instance. We'd like to grant the user a couple of extra permissions, without any interruption to service.

I understand from the helpful answer here the basic process, but I'm concerned that between the execution of the REVOKE ALL PRIVILEGES... command and the GRANT ... command that the user will not have any access to the database. Is this correct? If so, is there a good way around this, other than creating a new user with a different username and migrating the application code to use this new user instead?

Thanks for your help.

score 4 · Accepted Answer · answered Aug 07 '19 at 09:26

4

If you modify the mysql database directely with UPDATE (in user and db tables), then use FLUSH PRIVILEGES command, you will not revoke anything. So no user interruption...

answered Aug 07 '19 at 09:26

Dom

6,873

score 0 · Answer 2 · answered Aug 07 '19 at 20:19

0

Privileges are not looked at except during login. That is, whatever you do to the grant tables won't take effect until the user logs out and logs back in.

answered Aug 07 '19 at 20:19

Rick James

2,743

How do I modify an existing user's permissions without downtime on MySQL/MariaDB

2 Answers2