I have an account, user_a, and I would like to grant all available permissions on some_db to user_b. I have tried the following query:
GRANT
ALTER, ALTER ROUTINE,
CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE VIEW,
DELETE, DROP, EVENT, EXECUTE,
INDEX, INSERT, LOCK TABLES,
REFERENCES, SELECT, SHOW VIEW,
TRIGGER, UPDATE
ON `some_db`.* TO 'user_b'@'%' WITH GRANT OPTION
The result:
Access denied for user 'user_a'@'%' to database 'some_db'
Some experimentation has shown me that the only permissions my account (user_a) is unable to grant are EVENT, EXECUTE, LOCK TABLES, and TRIGGER.
What privileges are required for my account to GRANT these privileges to another user?
If I run SHOW GRANTS, I get this output:
"GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER ON *.* TO 'user_a'@'%' IDENTIFIED BY PASSWORD '1234567890abcdef' WITH GRANT OPTION"
"GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE ON `some_other_unrelated_db`.* TO 'user_a'@'%'"
"GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE ROUTINE, ALTER ROUTINE ON `another_unrelated_db`.* TO 'user_a'@'%' WITH GRANT OPTION"
Best Answer
With the
GRANT OPTIONprivilege, you can only grant privileges that you have. So, the following privileges cannot be granted to theuser_b: EVENT, EXECUTE, LOCK TABLES, TRIGGER, UPDATE.