1.今天需要修改线上数据库权限，查看某账号权限如下：

>show grants for community@localhost;  
+-----------------------------------------------------------------------------------------+
| Grants for community@localhost |
+-----------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'community'@'localhost' IDENTIFIED BY PASSWORD '565491d704013245' |
| GRANT ALL PRIVILEGES ON `community`.* TO 'community'@'localhost' |
| GRANT ALL PRIVILEGES ON `mysql`.`componet` TO 'community'@'localhost' |
+-----------------------------------------------------------------------------------------+

然后纠结于GRANT USAGE ON是什么意思，在虚拟环境下创建了如上账号:

 >grant all privileges on community.* to community@localhost;

> grant usage on *.* to community@localhost identified by password '123456';

回收权限：revoke .. on .. from ..

> revoke all on `mysql`.`componet` from 'community'@'localhost' ;

对于GRANT USAGE ON，查看手册有如下介绍和实例：

mysql> GRANT USAGE ON *.* TO 'dummy'@'localhost';

  一个账户有用户名dummy，没有密码。该账户只用于从本机连接。未授予权限。通过GRANT语句中的USAGE权限，你可以创建账户而不授予任何权限。它可以将所有全局权限设为'N'。假定你将在以后将具体权限授予该账户。

修改community@localhost权限为select

原来权限为：

mysql> show grants for community@localhost;
+-----------------------------------------------------------------------------------------+
| Grants for community@localhost |
+-----------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'community'@'localhost' IDENTIFIED BY PASSWORD '565491d704013245' |
| GRANT ALL PRIVILEGES ON `community`.* TO 'community'@'localhost' |
| GRANT ALL PRIVILEGES ON `componet`.* TO 'community'@'localhost' |
+-----------------------------------------------------------------------------------------+

修改权限语句为：

mysql> grant select on componet.* to community@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> grant select on community.* to community@localhost;
Query OK, 0 rows affected (0.00 sec)
查看权限---为什么没变呀
mysql> show grants for community@localhost;

+-----------------------------------------------------------------------------------------+
| Grants for community@localhost |
+-----------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'community'@'localhost' IDENTIFIED BY PASSWORD '565491d704013245' |
| GRANT ALL PRIVILEGES ON `community`.* TO 'community'@'localhost' |
| GRANT ALL PRIVILEGES ON `componet`.* TO 'community'@'localhost' |
+-----------------------------------------------------------------------------------------+
3 rows in set (0.00 sec)

>flush privileges;一样的呀。

grant只是用于授权，实际上还是对mysql.user表的权限列值进行修改操作，all privileges已经导致所有权限列值为‘Y’，再授予select权限也只对再次修改Select_priv: Y,当然不会删除其他权限，那么只能revoke在grant了
mysql> revoke all privileges on community.* from community@localhost;  
Query OK, 0 rows affected (0.00 sec)

mysql> revoke all privileges on componet.* from community@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> show grants for community@localhost;
+-----------------------------------------------------------------------------------------+
| Grants for community@localhost |
+-----------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'community'@'localhost' IDENTIFIED BY PASSWORD '565491d704013245' |
+-----------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

mysql> grant select on community.* to community@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> grant select on componet.* to community@localhost;
Query OK, 0 rows affected (0.00 sec)