1

We have an existing database user in our MariaDB 10.3 instance. We'd like to grant the user a couple of extra permissions, without any interruption to service.

I understand from the helpful answer here the basic process, but I'm concerned that between the execution of the REVOKE ALL PRIVILEGES... command and the GRANT ... command that the user will not have any access to the database. Is this correct? If so, is there a good way around this, other than creating a new user with a different username and migrating the application code to use this new user instead?

Thanks for your help.

Luke Cousins
  • 377
  • 1
  • 3
  • 18

2 Answers2

4

If you modify the mysql database directely with UPDATE (in user and db tables), then use FLUSH PRIVILEGES command, you will not revoke anything. So no user interruption...

Dom
  • 6,628
  • 1
  • 19
  • 24
0

Privileges are not looked at except during login. That is, whatever you do to the grant tables won't take effect until the user logs out and logs back in.

Rick James
  • 2,058
  • 5
  • 11
  • No, I didn't need to change for an already logged in user. This scenario is a web application where the database user logs in for each web request (so many times per second) but only stays logged in for the duration of the page load (so usually under a second). I simply needed a solution which meant I could change the permissions going forward (prior to deployment of an update which needed the extra permissions), but without breaking the many logins per second which were happening during this time. The solution from @Dom did the trick. Thanks. – Luke Cousins Aug 08 '19 at 07:06