PDF (A4) - 40.3Mb
Man Pages (TGZ) - 262.0Kb
Man Pages (Zip) - 367.6Kb
Info (Gzip) - 4.0Mb
Info (Zip) - 4.0Mb
DROP USER [IF EXISTS]user [,user] ... TheDROP USER statement removes one or more MySQL accounts and their privileges. It removes privilege rows for the account from all grant tables.
Roles named in themandatory_roles system variable value cannot be dropped.
To useDROP USER, you must have the globalCREATE USER privilege, or theDELETE privilege for themysql system schema. When theread_only system variable is enabled,DROP USER additionally requires theCONNECTION_ADMIN privilege (or the deprecatedSUPER privilege).
DROP USER fails with an error if any account to be dropped is named as theDEFINER attribute for any stored object. (That is, the statement fails if dropping an account would cause a stored object to become orphaned.) To perform the operation anyway, you must have theSET_ANY_DEFINER orALLOW_NONEXISTENT_DEFINER privilege; in this case, the statement succeeds with a warning rather than failing with an error. For additional information, including how to identify which objects name a given account as theDEFINER attribute, seeOrphan Stored Objects.
DROP USER either succeeds for all named users or rolls back and has no effect if any error occurs. By default, an error occurs if you try to drop a user that does not exist. If theIF EXISTS clause is given, the statement produces a warning for each named user that does not exist, rather than an error.
The statement is written to the binary log if it succeeds, but not if it fails; in that case, rollback occurs and no changes are made. A statement written to the binary log includes all named users. If theIF EXISTS clause is given, this includes even users that do not exist and were not dropped.
Each account name uses the format described inSection 8.2.4, “Specifying Account Names”. For example:
DROP USER 'jeffrey'@'localhost'; The host name part of the account name, if omitted, defaults to'%'.
DROP USER does not automatically close any open user sessions. Rather, in the event that a user with an open session is dropped, the statement does not take effect until that user's session is closed. Once the session is closed, the user is dropped, and that user's next attempt to log in fails.This is by design.
DROP USER does not automatically drop or invalidate databases or objects within them that the old user created. This includes stored programs or views for which theDEFINER attribute names the dropped user. Attempts to access such objects may produce an error if they execute in definer security context. (For information about security context, seeSection 27.6, “Stored Object Access Control”.)
PDF (A4) - 40.3Mb
Man Pages (TGZ) - 262.0Kb
Man Pages (Zip) - 367.6Kb
Info (Gzip) - 4.0Mb
Info (Zip) - 4.0Mb