Show users with any privileges to database. MySQL

Question

i have to select all users with any privileges to database (e.g. database 'mysql'). Any suggestions? Thanks.

score 26 · Answer 1 · answered Mar 20 '13 at 05:11

A good view of all users and their approximate privileges. If there is a password, it will by an encrytped string; if not, this field is blank. Select is a very general privlege; insert allows table manipulation within a database; shutdown allows major system changes, and should only be usable by root; the ability to grant permissions is separate from the others.

SELECT user, host, password, select_priv, insert_priv, shutdown_priv, grant_priv 
FROM mysql.user

View permissions for individual databases.

SELECT user, host, db, select_priv, insert_priv, grant_priv FROM mysql.db

dnozay · Answer 2 · 2013-11-05T03:55:09.697

database privileges are stored in mysql.db
table privileges are stored in mysql.tables_priv
column privileges are stored in mysql.columns_priv
routine privileges are stored in mysql.proc_privs

You can define a store procedure to list the privileges:

delimiter //

CREATE PROCEDURE list_privileges (IN db_name CHAR(50))
BEGIN
    SELECT concat(Db,'.', '*') as 'what', User, Host, '...' as 'perms'
    FROM mysql.db
    WHERE Db=db_name
    UNION
    SELECT concat(Db,'.', Table_name), User, Host, table_priv
    FROM mysql.tables_priv
    WHERE Db=db_name and table_priv != ''
    UNION
    SELECT concat(Db,'.', Table_name, '(', Column_name,')'), User, Host, Column_priv
    FROM mysql.columns_priv
    WHERE Db=db_name
    UNION
    SELECT concat(Db,'.', Routine_name, '()'), User, Host, Proc_priv
    FROM mysql.procs_priv
    WHERE Db=db_name;
END//

delimiter ;

example:

mysql> call list_privileges("testlink2");
+-----------------------------+-----------+-----------+---------+
| what                        | User      | Host      | perms   |
+-----------------------------+-----------+-----------+---------+
| testlink2.*                 | testlink2 | %         | ...     |
| testlink2.*                 | testlink2 | localhost | ...     |
| testlink2.executions        | testlink2 | %         | Select  |
| testlink2.users(id)         | testlink2 | %         | Select  |
| testlink2.list_privileges() | testlink2 | %         | Execute |
+-----------------------------+-----------+-----------+---------+
5 rows in set (0.00 sec)

Query OK, 0 rows affected (0.00 sec)

score 10 · Accepted Answer · edited Jul 26 '16 at 10:07

Look the in mysql database (an actual db named mysql inside the mysql server, just to be clear). There's three tables (db, tables_priv, and columns_priv) where the db/table/column privs are stored:

SELECT 'db', User, Host
FROM db
WHERE Db='mydatabase'

UNION

SELECT 'table', User, Host
FROM tables_priv
WHERE Db='mydatabase'

UNION

SELECT 'col', User, Host
FROM columns_priv
WHERE Db='mydatabase'

should show you what you need.

Show users with any privileges to database. MySQL

3 Answers3