REVOKE priv_type [(column_list)] [, priv_type [(column_list)]] ... ON [object_type] priv_level FROM user [, user] ... REVOKE ALL PRIVILEGES, GRANT OPTION FROM user [, user] ...
REVOKE statement enables system administrators to revoke
privileges (or roles - see section below) from MariaDB accounts. Each account is named using the same format
as for the
GRANT statement; for example,
jeffrey'@'localhost'. If you specify only the user name part
of the account name, a host name part of '
' is used. For
details on the levels at which privileges exist, the allowable
priv_level values, and the
syntax for specifying users and passwords, see GRANT.
To use the first
REVOKE syntax, you must have the
GRANT OPTION privilege, and you must have the privileges that
you are revoking.
To revoke all privileges, use the second syntax, which drops all global, database, table, column, and routine privileges for the named user or users:
REVOKE ALL PRIVILEGES, GRANT OPTION FROM user [, user] ...
REVOKE SUPER ON *.* FROM 'alexander'@'localhost';
REVOKE role [, role ...] FROM grantee [, grantee2 ... ] REVOKE ADMIN OPTION FOR role FROM grantee [, grantee2]
REVOKE is also used to remove a role from a user or another role that it's previously been assigned to. If a role has previously been set as a default role,
REVOKE does not remove the record of the default role from the mysql.user table. If the role is subsequently granted again, it will again be the user's default. Use SET DEFAULT ROLE NONE to explicitly remove this.
REVOKE journalist FROM hulda