MySQL Toolkit’s Show Grants tool can now separate grants into individual statements, convert them into
REVOKE statements, and help you remove users from a server, even if your server doesn’t support
The comment on my last post, combined with my need to revoke some grants today on a server that accidentally got grants replicated to it, prompted me to add more functionality to this tool. It can now:
- Separate grants into individual statements, one grant per line. Instead of a line with
GRANT SELECT, INSERT...you can now see one line for each grant, if you wish. This makes it easier to pipe the output through other tools to select only the grants you want, and actually makes the output more diff-friendly too.
GRANTstatements into equivalent
REVOKEstatements (also one at a time if you wish). This makes it easier to remove specific grants from a user.
DROP USERand other statements to help you completely remove a user’s account. MySQL historically has three ways to do this. In recent versions you can just say
DROP USERand it gets rid of the user and all the user’s grants. In older versions this command didn’t remove the grants, so you still had to manually remove those — a tedious process. And in even older versions there’s no
DROP USERcommand at all; you have to
DELETEfrom the user table and
FLUSH PRIVILEGES. The tool now has options to create these statements for you.
The temptation I resisted
I had to resist the temptation to add more options, for example to entirely remove the
GRANT statements so the tool will merely output the statements required to remove a user. But I think that’s feature creep; you can easily pipe the output through
grep -v "^GRANT" and do it yourself.
Still, if you’d find this or other features useful, let me know.
About MySQL Toolkit
MySQL Toolkit is a set of essential tools for MySQL users, developers and administrators. The project’s goal is to make high-quality command-line tools that follow the UNIX philosophy of doing one thing and doing it well. They are designed for scriptability and ease of processing with standard command-line utilities such as
sed. Other tools in the toolkit include a table checksummer and a duplicate key checker.