mirror of https://github.com/ansible/ansible.git
Only revoke GRANT OPTION when user actually has it
When revoking privileges from a user, the GRANT OPTION is always revoked, even if the user doesn't have it. If the user exists, this doesn't give an error, but if the user doesn't exist, it does: mysql> GRANT ALL ON test.* TO 'test'@'localhost'; Query OK, 0 rows affected (0.00 sec) mysql> REVOKE GRANT OPTION ON test.* FROM 'test'@'localhost'; Query OK, 0 rows affected (0.00 sec) mysql> REVOKE GRANT OPTION ON test.* FROM 'test'@'localhost'; Query OK, 0 rows affected (0.00 sec) mysql> REVOKE ALL ON test.* FROM 'test'@'localhost'; Query OK, 0 rows affected (0.00 sec) mysql> REVOKE GRANT OPTION ON test.* FROM 'test'@'localhost'; ERROR 1141 (42000): There is no such grant defined for user 'test' on host 'localhost' Additionally, in MySQL 5.6 this breaks replication because of http://bugs.mysql.com/bug.php?id=68892. Rather than revoking the GRANT OPTION and catching the error, check if the user actually has it and only revoke it when he does.reviewable/pr18780/r1
parent
2da5dc7886
commit
7102503bb2
Loading…
Reference in New Issue