Merge work:/home/bk/mysql-4.0 into mashka.mysql.fi:/my/mysql-4.0

include/mysqld_error.h

@@ -243,4 +243,5 @@
 #define ER_MIXING_NOT_ALLOWED 1224
 #define ER_DUP_ARGUMENT 1225
 #define ER_USER_LIMIT_REACHED 1226
-#define ER_ERROR_MESSAGES 227
+#define ER_SPECIFIC_ACCESS_DENIED_ERROR 1227
+#define ER_ERROR_MESSAGES 228

mysql-test/install_test_db.sh

@@ -117,9 +117,9 @@ fi
 if test ! -f $mdata/user.frm
 then
   c_u="$c_u CREATE TABLE user ("
-  c_u="$c_u   Host char(60) DEFAULT '' NOT NULL,"
-  c_u="$c_u   User char(16) DEFAULT '' NOT NULL,"
-  c_u="$c_u   Password char(16) DEFAULT '' NOT NULL,"
+  c_u="$c_u   Host char(60) binary DEFAULT '' NOT NULL,"
+  c_u="$c_u   User char(16) binary DEFAULT '' NOT NULL,"
+  c_u="$c_u   Password char(16) binary DEFAULT '' NOT NULL,"
   c_u="$c_u   Select_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
   c_u="$c_u   Insert_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
   c_u="$c_u   Update_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
@@ -134,20 +134,29 @@ then
   c_u="$c_u   References_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
   c_u="$c_u   Index_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
   c_u="$c_u   Alter_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
-  c_u="$c_u   ssl_type enum('NONE','ANY', 'X509', 'SPECIFIED') NOT NULL,"
-  c_u="$c_u   ssl_cipher char(60) NULL,"
-  c_u="$c_u   x509_issuer blob NULL,"
-  c_u="$c_u   x509_subject blob NULL,"
+  c_u="$c_u   Show_db_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Super_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Create_tmp_table_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Lock_tables_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Execute_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Repl_slave_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Repl_client_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   ssl_type enum('','ANY','X509', 'SPECIFIED') DEFAULT '' NOT NULL,"
+  c_u="$c_u   ssl_cipher BLOB NOT NULL,"
+  c_u="$c_u   x509_issuer BLOB NOT NULL,"
+  c_u="$c_u   x509_subject BLOB NOT NULL,"
+  c_u="$c_u   max_questions int(11) unsigned DEFAULT 0  NOT NULL,"
+  c_u="$c_u   max_updates int(11) unsigned DEFAULT 0  NOT NULL,"
+  c_u="$c_u   max_connections int(11) unsigned DEFAULT 0  NOT NULL,"
   c_u="$c_u   PRIMARY KEY Host (Host,User)"
   c_u="$c_u )"
   c_u="$c_u comment='Users and global privileges';"
 
-  i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','none',NULL,NULL,NULL);
-  INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','none',NULL,NULL,NULL);
-  REPLACE INTO user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','none',NULL,NULL,NULL);
-  
-  INSERT INTO user VALUES ('localhost','','','N','N','N','N','N','N','N','N','N','N','N','N','N','N','none',NULL,NULL,NULL);
-  INSERT INTO user VALUES ('$hostname','','','N','N','N','N','N','N','N','N','N','N','N','N','N','N','none',NULL,NULL,NULL);"
+  i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);
+  INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);
+  REPLACE INTO user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);
+  INSERT INTO user (host,user) values ('localhost','');
+  INSERT INTO user (host,user) values ('$hostname','');"
 fi
 
 if test ! -f $mdata/func.frm

mysql-test/r/grant_cache.result

@@ -104,11 +104,11 @@ a
 1
 2
 select c from t1;
-select command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1'
+SELECT command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1'
 select * from t2;
 select command denied to user: 'mysqltest_3@localhost' for table 't2'
 select mysqltest.t1.c from test.t1,mysqltest.t1;
-select command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1'
+SELECT command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1'
 show status like "Qcache_queries_in_cache";
 Variable_name	Value
 Qcache_queries_in_cache	6

mysql-test/r/rpl000017.result

 reset master;
-grant file on *.* to replicate@localhost identified by 'aaaaaaaaaaaaaaab';
-grant file on *.* to replicate@127.0.0.1 identified by 'aaaaaaaaaaaaaaab';
+grant replication slave on *.* to replicate@localhost identified by 'aaaaaaaaaaaaaaab';
+grant replication slave on *.* to replicate@127.0.0.1 identified by 'aaaaaaaaaaaaaaab';
 slave start;
 drop table if exists t1;
 create table t1(n int);

mysql-test/t/rpl000017.test

@@ -2,8 +2,8 @@ connect (master,localhost,root,,test,0,master.sock);
 connect (slave,localhost,root,,test,0,slave.sock);
 connection master;
 reset master;
-grant file on *.* to replicate@localhost identified by 'aaaaaaaaaaaaaaab';
-grant file on *.* to replicate@127.0.0.1 identified by 'aaaaaaaaaaaaaaab';
+grant replication slave on *.* to replicate@localhost identified by 'aaaaaaaaaaaaaaab';
+grant replication slave on *.* to replicate@127.0.0.1 identified by 'aaaaaaaaaaaaaaab';
 connection slave;
 slave start;
 connection master;

mysys/safemalloc.c

@@ -374,19 +374,16 @@ static int check_ptr(const char *where, byte *ptr, const char *sFile,
   return 0;
 }
 
-#ifdef THREAD
+
+#if !defined(PEDANTIC_SAFEMALLOC) && defined(THREAD)
 static int legal_leak(struct remember* pPtr)
 {
   /* TODO: This code needs to be made more general */
   return (pthread_self() == pPtr->thread_id || main_th == pPtr->thread_id ||
 	  shutdown_th == pPtr->thread_id || signal_th == pPtr->thread_id);
 }
-#else
-static int legal_leak(struct remember* pPtr)
-{
-  return 1;
-}
-#endif
+#endif /* THREAD */
+
 
 /*
   TERMINATE(FILE *file)

scripts/mysql_fix_privilege_tables.sh

@@ -12,6 +12,17 @@ echo "and give the MySQL root user password as a argument!"
 root_password="$1"
 host="localhost"
 
+echo "Converting all privilege tables to MyISAM format"
+@bindir@/mysql -f --user=root --password="$root_password"  --host="$host" mysql <<END_OF_DATA
+ALTER TABLE user type=MyISAM;
+ALTER TABLE db type=MyISAM;
+ALTER TABLE host type=MyISAM;
+ALTER TABLE func type=MyISAM;
+ALTER TABLE columns_priv type=MyISAM;
+ALTER TABLE tables_priv type=MyISAM;
+END_OF_DATA
+
+
 # Fix old password format, add File_priv and func table
 echo ""
 echo "If your tables are already up to date or partially up to date you will"
@@ -56,10 +67,18 @@ END_OF_DATA
   echo ""
 fi
 
+#
+# The second alter changes ssl_type to new 4.0.2 format
+
 echo "Adding columns needed by GRANT .. REQUIRE (openssl)"
 echo "You can ignore any Duplicate column errors"
-@bindir@/mysql --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
-ALTER TABLE user ADD ssl_type enum('NONE','ANY','X509', 'SPECIFIED') DEFAULT 'NONE' NOT NULL, ADD ssl_cipher BLOB NOT NULL, ADD x509_issuer BLOB NOT NULL, ADD x509_subject BLOB NOT NULL
+@bindir@/mysql -f --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
+ALTER TABLE user
+ADD ssl_type enum('','ANY','X509', 'SPECIFIED') NOT NULL,
+ADD ssl_cipher BLOB NOT NULL,
+ADD x509_issuer BLOB NOT NULL,
+ADD x509_subject BLOB NOT NULL;
+ALTER TABLE user MODIFY ssl_type enum('','ANY','X509', 'SPECIFIED') NOT NULL;
 END_OF_DATA
 echo ""
 
@@ -98,7 +117,7 @@ END_OF_DATA
 #
 
 echo "Changing name of columns_priv.Type -> columns_priv.Column_priv"
-echo "You can ignore any errors from this"
+echo "You can ignore any Unknown column errors from this"
 
 @bindir@/mysql -f --user=root --password="$root_password"  --host="$host" mysql <<END_OF_DATA
 ALTER TABLE columns_priv change Type Column_priv set('Select','Insert','Update','References') DEFAULT '' NOT NULL;
@@ -117,12 +136,41 @@ alter table func add type enum ('function','aggregate') NOT NULL;
 EOF
 echo ""
 
-echo "Converting all privilege tables to MyISAM format"
-@bindir@/mysql -f --user=root --password="$root_password"  --host="$host" mysql <<END_OF_DATA
-ALTER TABLE user type=MyISAM;
-ALTER TABLE db type=MyISAM;
-ALTER TABLE host type=MyISAM;
-ALTER TABLE func type=MyISAM;
-ALTER TABLE columns_priv type=MyISAM;
-ALTER TABLE tables_priv type=MyISAM;
+#
+# Change the user table to MySQL 4.0 format
+#
+
+echo "Adding new fields used by MySQL 4.02 to the privilege tables"
+echo "You can ignore any Duplicate column errors"
+
+@bindir@/mysql --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
+alter table user
+add Show_db_priv enum('N','Y') DEFAULT 'N' NOT NULL AFTER alter_priv,
+add Super_priv enum('N','Y') DEFAULT 'N' NOT NULL AFTER Show_db_priv,
+add Create_tmp_table_priv enum('N','Y') DEFAULT 'N' NOT NULL AFTER Super_priv,
+add Lock_tables_priv enum('N','Y') DEFAULT 'N' NOT NULL AFTER Create_tmp_table_priv,
+add Execute_priv enum('N','Y') DEFAULT 'N' NOT NULL AFTER Lock_tables_priv,
+add Repl_slave_priv enum('N','Y') DEFAULT 'N' NOT NULL AFTER Execute_priv,
+add Repl_client_priv enum('N','Y') DEFAULT 'N' NOT NULL AFTER Repl_slave_priv
+END_OF_DATA
+
+if test $? -eq "0"
+then
+  # Convert privileges so that users have similar privileges as before
+  echo ""
+  echo "Updating new privileges in MySQL 4.0.2 from old ones"
+  @bindir@/mysql --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
+  update user set show_db_priv= select_priv, super_priv=process_priv, execute_priv=process_priv, create_tmp_table_priv='Y', Lock_tables_priv='Y', Repl_slave_priv=file_priv, Repl_client_priv=file_priv
+END_OF_DATA
+  echo ""
+fi
+
+# Add fields that can be used to limit number of questions and connections
+# for some users.
+
+@bindir@/mysql -f --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
+alter table user
+add max_questions int(11) NOT NULL AFTER x509_subject,
+add max_updates   int(11) unsigned NOT NULL AFTER max_questions,
+add max_connections int(11) unsigned NOT NULL AFTER max_updates;
 END_OF_DATA

scripts/mysql_install_db.sh

 #!/bin/sh
-# Copyright (C) 1997, 1998, 1999 TCX DataKonsult AB & Monty Program KB & Detron HB
+# Copyright (C) 2002 MySQL AB
 # For a more info consult the file COPYRIGHT distributed with this file.
 
 # This scripts creates the privilege tables db, host, user, tables_priv,
@@ -224,7 +224,14 @@ then
   c_u="$c_u   References_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
   c_u="$c_u   Index_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
   c_u="$c_u   Alter_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
-  c_u="$c_u   ssl_type enum('NONE','ANY','X509', 'SPECIFIED') DEFAULT 'NONE' NOT NULL,"
+  c_u="$c_u   Show_db_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Super_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Create_tmp_table_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Lock_tables_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Execute_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Repl_slave_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Repl_client_priv enum('N','Y') DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   ssl_type enum('','ANY','X509', 'SPECIFIED') DEFAULT '' NOT NULL,"
   c_u="$c_u   ssl_cipher BLOB NOT NULL,"
   c_u="$c_u   x509_issuer BLOB NOT NULL,"
   c_u="$c_u   x509_subject BLOB NOT NULL,"
@@ -235,14 +242,14 @@ then
   c_u="$c_u )"
   c_u="$c_u comment='Users and global privileges';"
 
-  i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','NONE','','','',0,0,0);
-  INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','NONE','','','',0,0,0);
+  i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);
+  INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);
   
-  REPLACE INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','NONE','','','',0,0,0);
-  REPLACE INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','NONE','','','',0,0,0);
+  REPLACE INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);
+  REPLACE INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);
   
-  INSERT INTO user VALUES ('localhost','','','N','N','N','N','N','N','N','N','N','N','N','N','N','N','NONE','','','',0,0,0);
-  INSERT INTO user VALUES ('$hostname','','','N','N','N','N','N','N','N','N','N','N','N','N','N','N','NONE','','','',0,0,0);"
+  INSERT INTO user (host,user) values ('localhost','');
+  INSERT INTO user (host,user) values ('$hostname','');"
 fi
 
 if test ! -f $mdata/func.frm
@@ -343,7 +350,7 @@ then
     echo "cd @prefix@ ; $bindir/mysqld_safe &"
     echo
     echo "You can test the MySQL daemon with the benchmarks in the 'sql-bench' directory:"
-    echo "cd sql-bench ; run-all-tests"
+    echo "cd sql-bench ; perl run-all-tests"
     echo
   fi
   echo "Please report any problems with the @scriptdir@/mysqlbug script!"

scripts/mysql_new_fix_privilege_tables.sh

-#!/bin/sh
-
-echo "This scripts updates the mysql.user, mysql.db, mysql.host and the"
-echo "mysql.func table to MySQL 3.22.14 and above."
-echo ""
-echo "This is needed if you want to use the new GRANT functions,"
-echo "CREATE AGGREAGATE FUNCTION or want to use the more secure passwords in 3.23"
-echo ""
-echo "If you get Access denied errors, you should run this script again"
-echo "and give the MySQL root user password as a argument!"
-
-root_password="$1"
-host="localhost"
-
-# Fix old password format, add File_priv and func table
-echo ""
-echo "If your tables are already up to date or partially up to date you will"
-echo "get some warnings about 'Duplicated column name'. You can safely ignore these!"
-
-# Add fields that can be used to limit number of questions and connections
-# for some users.
-
-@bindir@/mysql -f --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
-alter table user add max_questions int(11) NOT NULL, add max_updates int(11) unsigned NOT NULL, add max_connections int(11) unsigned NOT NULL;
-END_OF_DATA

sql/field.h

@@ -923,9 +923,9 @@ public:
     :Field_str(ptr_arg, len_arg, null_ptr_arg, null_bit_arg,
 	       unireg_check_arg, field_name_arg, table_arg),
     packlength(packlength_arg),typelib(typelib_arg)
-    {
+  {
       flags|=ENUM_FLAG;
-    }
+  }
   enum_field_types type() const { return FIELD_TYPE_STRING; }
   enum Item_result cmp_type () const { return INT_RESULT; }
   enum ha_base_keytype key_type() const;

sql/item_strfunc.cc

@@ -316,7 +316,7 @@ String *Item_func_des_decrypt::val_str(String *str)
   {
     uint key_number=(uint) (*res)[0] & 127;
     // Check if automatic key and that we have privilege to uncompress using it
-    if (!(current_thd->master_access & PROCESS_ACL) || key_number > 9)
+    if (!(current_thd->master_access & SUPER_ACL) || key_number > 9)
       goto error;
     VOID(pthread_mutex_lock(&LOCK_des_key_file));
     keyschedule= des_keyschedule[key_number];

sql/lex.h

@@ -30,9 +30,9 @@
 #endif
 
 /*
-** Symbols are breaked in to separated arrays to allow fieldnames with
-** same name as functions
-** Theese are kept sorted for human lookup (the symbols are hashed)
+  Symbols are breaked in to separated arrays to allow field names with
+  same name as functions.
+  These are kept sorted for human lookup (the symbols are hashed).
 */
 
 static SYMBOL symbols[] = {
@@ -86,6 +86,7 @@ static SYMBOL symbols[] = {
   { "CHECK",		SYM(CHECK_SYM),0,0},
   { "CHECKSUM",		SYM(CHECKSUM_SYM),0,0},
   { "CIPHER",		SYM(CIPHER_SYM),0,0},
+  { "CLIENT",		SYM(CLIENT_SYM),0,0},
   { "CLOSE",		SYM(CLOSE_SYM),0,0},
   { "COLUMN",		SYM(COLUMN_SYM),0,0},
   { "COLUMNS",		SYM(COLUMNS),0,0},
@@ -136,6 +137,7 @@ static SYMBOL symbols[] = {
   { "ENCLOSED",		SYM(ENCLOSED),0,0},
   { "ENUM",		SYM(ENUM),0,0},
   { "EVENTS",		SYM(EVENTS_SYM),0,0},
+  { "EXECUTE",		SYM(EXECUTE_SYM),0,0},
   { "EXPLAIN",		SYM(DESCRIBE),0,0},
   { "EXISTS",		SYM(EXISTS),0,0},
   { "EXTENDED",		SYM(EXTENDED_SYM),0,0},
@@ -289,6 +291,7 @@ static SYMBOL symbols[] = {
   { "RENAME",		SYM(RENAME),0,0},
   { "REPAIR",		SYM(REPAIR),0,0},
   { "REPLACE",		SYM(REPLACE),0,0},
+  { "REPLICATION",	SYM(REPLICATION),0,0},
   { "REPEATABLE",	SYM(REPEATABLE_SYM),0,0},
   { "REQUIRE",	        SYM(REQUIRE_SYM),0,0},
   { "RESET",		SYM(RESET_SYM),0,0},
@@ -344,6 +347,7 @@ static SYMBOL symbols[] = {
   { "STOP",		SYM(STOP_SYM),0,0},
   { "STRIPED",		SYM(RAID_STRIPED_SYM),0,0},
   { "SUBJECT",		SYM(SUBJECT_SYM),0,0},
+  { "SUPER",		SYM(SUPER_SYM),0,0},
   { "TABLE",		SYM(TABLE_SYM),0,0},
   { "TABLES",		SYM(TABLES),0,0},
   { "TEMPORARY",	SYM(TEMPORARY),0,0},

sql/log.cc

@@ -826,7 +826,7 @@ bool MYSQL_LOG::write(THD *thd,enum enum_server_command command,
       if (thd)
       {						// Normal thread
 	if ((thd->options & OPTION_LOG_OFF) &&
-	    (thd->master_access & PROCESS_ACL))
+	    (thd->master_access & SUPER_ACL))
 	{
 	  VOID(pthread_mutex_unlock(&LOCK_log));
 	  return 0;				// No logging
@@ -907,7 +907,7 @@ bool MYSQL_LOG::write(Log_event* event_info)
     IO_CACHE *file = &log_file;
 #endif    
     if ((thd && !(thd->options & OPTION_BIN_LOG) &&
-	 (thd->master_access & PROCESS_ACL)) ||
+	 (thd->master_access & SUPER_ACL)) ||
 	(db && !db_ok(db, binlog_do_db, binlog_ignore_db)))
     {
       VOID(pthread_mutex_unlock(&LOCK_log));
@@ -1084,7 +1084,7 @@ bool MYSQL_LOG::write(THD *thd,const char *query, uint query_length,
       char buff[80],*end;
       end=buff;
       if (!(thd->options & OPTION_UPDATE_LOG) &&
-	  (thd->master_access & PROCESS_ACL))
+	  (thd->master_access & SUPER_ACL))
       {
 	VOID(pthread_mutex_unlock(&LOCK_log));
 	return 0;

sql/mysql_priv.h

@@ -82,7 +82,7 @@ char* query_table_status(THD *thd,const char *db,const char *table_name);
 #define TEMP_POOL_SIZE          128
 /*
   The following parameters is to decide when to use an extra cache to
-   optimise seeks when reading a big table in sorted order
+  optimise seeks when reading a big table in sorted order
 */
 #define MIN_FILE_LENGTH_TO_USE_ROW_CACHE (16L*1024*1024)
 #define MIN_ROWS_TO_USE_TABLE_CACHE	 100
@@ -321,11 +321,11 @@ void table_cache_free(void);
 uint cached_tables(void);
 void kill_mysql(void);
 void close_connection(NET *net,uint errcode=0,bool lock=1);
-bool check_access(THD *thd,uint access,const char *db=0,uint *save_priv=0,
+bool check_access(THD *thd, ulong access, const char *db=0, ulong *save_priv=0,
 		  bool no_grant=0, bool no_errors=0);
-bool check_table_access(THD *thd,uint want_access, TABLE_LIST *tables,
+bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables,
 			bool no_errors=0);
-bool check_process_priv(THD *thd=0);
+bool check_global_access(THD *thd, ulong want_access);
 
 int mysql_backup_table(THD* thd, TABLE_LIST* table_list);
 int mysql_restore_table(THD* thd, TABLE_LIST* table_list);

sql/mysqld.cc

@@ -3146,7 +3146,7 @@ static struct my_option my_long_options[] =
   {"safe-mode", OPT_SAFE, "Skip some optimize stages (for testing).",
    0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0},
   {"safe-show-database", OPT_SAFE_SHOW_DB,
-   "Don't show databases for which the user has no privileges",
+   "Depricated option; One should use GRANT SHOW DATABASES instead...",
    (gptr*) &opt_safe_show_db, (gptr*) &opt_safe_show_db, 0, GET_BOOL, NO_ARG,
    0, 0, 0, 0, 0, 0},
   {"safe-user-create", OPT_SAFE_USER_CREATE,

sql/repl_failsafe.cc

@@ -24,7 +24,6 @@
 #include "mini_client.h"
 #include "log_event.h"
 #include <mysql.h>
-#include <thr_alarm.h>
 
 #define SLAVE_LIST_CHUNK 128
 #define SLAVE_ERRMSG_SIZE (FN_REFLEN+64)
@@ -150,7 +149,7 @@ int register_slave(THD* thd, uchar* packet, uint packet_length)
   int res = 1;
   uchar* p = packet, *p_end = packet + packet_length;
 
-  if (check_access(thd, FILE_ACL, any_db))
+  if (check_access(thd, REPL_SLAVE_ACL, any_db))
     return 1;
 
   if (!(si = (SLAVE_INFO*)my_malloc(sizeof(SLAVE_INFO), MYF(MY_WME))))

sql/share/czech/errmsg.txt

@@ -156,7 +156,7 @@
 "%-.16s p-Bkaz nepstupn pro uivatele: '%-.32s@%-.64s' pro sloupec '%-.64s' v tabulce '%-.64s'",
 "Neplatn-B pkaz GRANT/REVOKE. Prosm, pette si v manulu, jak privilegia je mon pout.",
 "Argument p-Bkazu GRANT uivatel nebo stroj je pli dlouh",
-"Tabulka '%-64s.%s' neexistuje",
+"Tabulka '%-.64s.%s' neexistuje",
 "Neexistuje odpov-Bdajc grant pro uivatele '%-.32s' na stroji '%-.64s' pro tabulku '%-.64s'",
 "Pou-Bit pkaz nen v tto verzi MySQL povolen",
 "Va-Be syntaxe je njak divn",
@@ -236,4 +236,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/danish/errmsg.txt

@@ -230,4 +230,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/dutch/errmsg.txt

@@ -155,7 +155,7 @@
 "%-.16s commando geweigerd voor gebruiker: '%-.32s@%-.64s' voor kolom '%-.64s' in tabel '%-.64s'",
 "Foutief GRANT/REVOKE commando. Raadpleeg de handleiding welke priveleges gebruikt kunnen worden.",
 "De host of gebruiker parameter voor GRANT is te lang",
-"Tabel '%-64s.%s' bestaat niet",
+"Tabel '%-.64s.%s' bestaat niet",
 "Deze toegang (GRANT) is niet toegekend voor gebruiker '%-.32s' op host '%-.64s' op tabel '%-.64s'",
 "Het used commando is niet toegestaan in deze MySQL versie",
 "Er is iets fout in de gebruikte syntax",
@@ -235,4 +235,5 @@
 "Kan de query niet uitvoeren vanwege een conflicterende read lock",
 "Het combineren van transactionele en niet-transactionele tabellen is uitgeschakeld.",
 "Optie '%s' tweemaal gebruikt in opdracht",
-"Gebruiker '%-64s' heeft het maximale gebruik van de '%s' faciliteit overschreden (huidige waarde: %ld)",
+"Gebruiker '%-.64s' heeft het maximale gebruik van de '%s' faciliteit overschreden (huidige waarde: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/english/errmsg.txt

@@ -227,4 +227,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/estonian/errmsg.txt

@@ -232,4 +232,5 @@
 "Ei suuda tita pringut konfliktse luku tttu",
 "Transaktsioone toetavate ning mittetoetavate tabelite kooskasutamine ei ole lubatud",
 "Mrangut '%s' on lauses kasutatud topelt",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/french/errmsg.txt

@@ -147,7 +147,7 @@
 "La commande '%-.16s' est interdite à l'utilisateur: '%-.32s@%-.64s' sur la colonne '%-.64s' de la table '%-.64s'",
 "Commande GRANT/REVOKE incorrecte. Consultez le manuel.",
 "L'hôte ou l'utilisateur donné en argument à GRANT est trop long",
-"La table '%-64s.%s' n'existe pas",
+"La table '%-.64s.%s' n'existe pas",
 "Un tel droit n'est pas défini pour l'utilisateur '%-.32s' sur l'hôte '%-.64s' sur la table '%-.64s'",
 "Cette commande n'existe pas dans cette version de MySQL",
 "Erreur de syntaxe",
@@ -227,4 +227,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/german/errmsg.txt

@@ -230,4 +230,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/greek/errmsg.txt

@@ -227,4 +227,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/hungarian/errmsg.txt

@@ -149,7 +149,7 @@
 "%-.16s parancs a '%-.32s@%-.64s' felhasznalo szamara nem engedelyezett a '%-.64s' mezo eseten a '%-.64s' tablaban",
 "Ervenytelen GRANT/REVOKE parancs. Kerem, nezze meg a kezikonyvben, milyen jogok lehetsegesek",
 "A host vagy felhasznalo argumentuma tul hosszu a GRANT parancsban",
-"A '%-64s.%s' tabla nem letezik",
+"A '%-.64s.%s' tabla nem letezik",
 "A '%-.32s' felhasznalo szamara a '%-.64s' host '%-.64s' tablajaban ez a parancs nem engedelyezett",
 "A hasznalt parancs nem engedelyezett ebben a MySQL verzioban",
 "Szintaktikai hiba",
@@ -229,4 +229,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/italian/errmsg.txt

@@ -147,7 +147,7 @@
 "Comando %-.16s negato per l'utente: '%-.32s@%-.64s' sulla colonna '%-.64s' della tabella '%-.64s'",
 "Comando GRANT/REVOKE illegale. Prego consultare il manuale per sapere quali privilegi possono essere usati.",
 "L'argomento host o utente per la GRANT e` troppo lungo",
-"La tabella '%-64s.%s' non esiste",
+"La tabella '%-.64s.%s' non esiste",
 "GRANT non definita per l'utente '%-.32s' dalla macchina '%-.64s' sulla tabella '%-.64s'",
 "Il comando utilizzato non e` supportato in questa versione di MySQL",
 "Errore di sintassi nella query SQL",
@@ -227,4 +227,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/japanese/errmsg.txt

@@ -149,7 +149,7 @@
 "コマンド %-.16s は ユーザー '%-.32s@%-.64s'\n カラム '%-.64s' テーブル '%-.64s' に対して許可されていません",
 "Illegal GRANT/REVOKE command. Please consult the manual which privleges can be used.",
 "The host or user argument to GRANT is too long",
-"Table '%-64s.%s' doesn't exist",
+"Table '%-.64s.%s' doesn't exist",
 "There is no such grant defined for user '%-.32s' on host '%-.64s' on table '%-.64s'",
 "The used command is not allowed with this MySQL version",
 "Something is wrong in your syntax",
@@ -229,4 +229,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/korean/errmsg.txt

@@ -147,7 +147,7 @@
 "'%-.16s' 명령은 다음 사용자에게 거부되었습니다. : '%-.32s@%-.64s' for 칼럼 '%-.64s' in 테이블 '%-.64s'",
 "잘못된 GRANT/REVOKE 명령. 어떤 권리와 승인이 사용되어 질 수 있는지 메뉴얼을 보시오.",
 "승인(GRANT)을 위하여 사용한 사용자나 호스트의 값들이 너무 깁니다.",
-"테이블 '%-64s.%s' 는 존재하지 않습니다.",
+"테이블 '%-.64s.%s' 는 존재하지 않습니다.",
 "사용자 '%-.32s'(호스트 '%-.64s')는 테이블 '%-.64s'를 사용하기 위하여 정의된 승인은 없습니다. ",
 "사용된 명령은 현재의 MySQL 버젼에서는 이용되지 않습니다.",
 "SQL 구문에 오류가 있습니다.",
@@ -227,4 +227,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/norwegian-ny/errmsg.txt

@@ -149,7 +149,7 @@
 "%-.16s command denied to user: '%-.32s@%-.64s' for column '%-.64s' in table '%-.64s'",
 "Illegal GRANT/REVOKE command. Please consult the manual which privleges can be used.",
 "The host or user argument to GRANT is too long",
-"Table '%-64s.%s' doesn't exist",
+"Table '%-.64s.%s' doesn't exist",
 "There is no such grant defined for user '%-.32s' on host '%-.64s' on table '%-.64s'",
 "The used command is not allowed with this MySQL version",
 "Something is wrong in your syntax",
@@ -229,4 +229,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/norwegian/errmsg.txt

@@ -149,7 +149,7 @@
 "%-.16s command denied to user: '%-.32s@%-.64s' for column '%-.64s' in table '%-.64s'",
 "Illegal GRANT/REVOKE command. Please consult the manual which privleges can be used.",
 "The host or user argument to GRANT is too long",
-"Table '%-64s.%s' doesn't exist",
+"Table '%-.64s.%s' doesn't exist",
 "There is no such grant defined for user '%-.32s' on host '%-.64s' on table '%-.64s'",
 "The used command is not allowed with this MySQL version",
 "Something is wrong in your syntax",
@@ -229,4 +229,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/polish/errmsg.txt

@@ -151,7 +151,7 @@
 "%-.16s command denied to user: '%-.32s@%-.64s' for column '%-.64s' in table '%-.64s'",
 "Illegal GRANT/REVOKE command. Please consult the manual which privleges can be used.",
 "The host or user argument to GRANT is too long",
-"Table '%-64s.%s' doesn't exist",
+"Table '%-.64s.%s' doesn't exist",
 "There is no such grant defined for user '%-.32s' on host '%-.64s' on table '%-.64s'",
 "The used command is not allowed with this MySQL version",
 "Something is wrong in your syntax",
@@ -231,4 +231,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/portuguese/errmsg.txt

@@ -227,4 +227,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/romanian/errmsg.txt

@@ -231,4 +231,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/russian/errmsg.txt

@@ -230,4 +230,5 @@
 "   -   ",
 "  transactional  non-transactional  ",
 " '%s'  ",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/slovak/errmsg.txt

@@ -155,7 +155,7 @@
 "%-.16s command denied to user: '%-.32s@%-.64s' for column '%-.64s' in table '%-.64s'",
 "Illegal GRANT/REVOKE command. Please consult the manual which privleges can be used.",
 "The host or user argument to GRANT is too long",
-"Table '%-64s.%s' doesn't exist",
+"Table '%-.64s.%s' doesn't exist",
 "There is no such grant defined for user '%-.32s' on host '%-.64s' on table '%-.64s'",
 "The used command is not allowed with this MySQL version",
 "Something is wrong in your syntax",
@@ -235,4 +235,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/spanish/errmsg.txt

@@ -148,7 +148,7 @@
 "%-.16s comando negado para usuario: '%-.32s@%-.64s' para columna '%-.64s' en la tabla '%-.64s'",
 "Ilegal comando GRANT/REVOKE. Por favor consulte el manual para cuales permisos pueden ser usados.",
 "El argumento para servidor o usuario para GRANT es demasiado grande",
-"Tabla '%-64s.%s' no existe",
+"Tabla '%-.64s.%s' no existe",
 "No existe tal permiso definido para usuario '%-.32s' en el servidor '%-.64s' en la tabla '%-.64s'",
 "El comando usado no es permitido con esta versión de MySQL",
 "Algo está equivocado en su sintax",
@@ -228,4 +228,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/share/swedish/errmsg.txt

@@ -61,7 +61,7 @@
 "Kommandot har både sum functions och enkla funktioner",
 "Antalet kolumner motsvarar inte antalet värden",
 "Kolumn namn '%-.64s' är för långt",
-"Kolumn namn '%-64s finns flera gånger",
+"Kolumn namn '%-.64s finns flera gånger",
 "Nyckel namn '%-.64s' finns flera gånger",
 "Dubbel nyckel '%-.64s' för nyckel: %d",
 "Felaktigt kolumn typ för kolumn: '%-.64s'",
@@ -147,7 +147,7 @@
 "%-.16s ej tillåtet för '%-.32s@%-.64s'\n för kolumn '%-.64s' i tabell '%-.64s'",
 "Felaktigt GRANT privilegium använt",
 "Felaktigt maskinnamn eller användarnamn använt med GRANT",
-"Det finns ingen tabell som heter '%-64s.%s'"
+"Det finns ingen tabell som heter '%-.64s.%s'"
 "Det finns inget privilegium definierat för användare '%-.32s' på '%-.64s' för tabell '%-.64s'",
 "Du kan inte använda detta kommando med denna MySQL version",
 "Du har något fel i din syntax",
@@ -227,4 +227,5 @@
 "Kan inte utföra kommandot emedan du har ett READ lås",
 "Blandning av transaktionella och icke-transaktionella tabeller är inaktiverat",
 "Option '%s' användes två gånger",
-"Användare '%-64s' har överskridit '%s' (nuvarande värde: %ld)",
+"Användare '%-.64s' har överskridit '%s' (nuvarande värde: %ld)",
+"Du har inte privlegiet '%-.128s' som behövs för denna operation",

sql/share/ukrainian/errmsg.txt

@@ -232,4 +232,5 @@
 "Can't execute the query because you have a conflicting read lock",
 "Mixing of transactional and non-transactional tables is disabled",
 "Option '%s' used twice in statement",
-"User '%-64s' has exceeded the '%s' resource (current value: %ld)",
+"User '%-.64s' has exceeded the '%s' resource (current value: %ld)",
+"Access denied. You need the %-.128s privilege for this operation",

sql/slave.cc

@@ -388,8 +388,9 @@ int terminate_slave_thread(THD* thd, pthread_mutex_t* term_lock,
     }
   }
   DBUG_ASSERT(thd != 0);
-  /* is is criticate to test if the slave is running. Otherwise, we might
-     be referening freed memory trying to kick it
+  /*
+    Is is criticate to test if the slave is running. Otherwise, we might
+    be referening freed memory trying to kick it
   */
   THD_CHECK_SENTRY(thd);
   if (*slave_running)
@@ -398,22 +399,12 @@ int terminate_slave_thread(THD* thd, pthread_mutex_t* term_lock,
   }
   while (*slave_running)
   {
-    /* there is a small chance that slave thread might miss the first
-       alarm. To protect againts it, resend the signal until it reacts
+    /*
+      There is a small chance that slave thread might miss the first
+      alarm. To protect againts it, resend the signal until it reacts
     */
     struct timespec abstime;
-#ifdef HAVE_TIMESPEC_TS_SEC
-    abstime.ts_sec=time(NULL)+2;		
-    abstime.ts_nsec=0;
-#elif defined(__WIN__)
-    abstime.tv_sec=time((time_t*) 0)+2;
-    abstime.tv_nsec=0;
-#else
-    struct timeval tv;
-    gettimeofday(&tv,0);
-    abstime.tv_sec=tv.tv_sec+2;
-    abstime.tv_nsec=tv.tv_usec*1000;
-#endif
+    set_timespec(abstime,2);
     DBUG_ASSERT_LOCK(cond_lock);
     pthread_cond_timedwait(term_cond, cond_lock, &abstime);
     if (*slave_running)
@@ -1881,7 +1872,7 @@ is correct, restart the server with a higher value of max_allowed_packet",
 			  max_allowed_packet);
 	  goto err;
 	}
-	    
+
 	thd->proc_info = "Waiting to reconnect after a failed read";
 	mc_end_server(mysql);
 	if (retried_once)		// punish repeat offender with sleep

sql/sql_acl.h

@@ -15,33 +15,49 @@
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
 
 
-#define SELECT_ACL	1
-#define INSERT_ACL	2
-#define UPDATE_ACL	4
-#define DELETE_ACL	8
-#define CREATE_ACL	16
-#define DROP_ACL	32
-#define RELOAD_ACL	64
-#define SHUTDOWN_ACL	128
-#define PROCESS_ACL	256
-#define FILE_ACL	512
-#define GRANT_ACL	1024
-#define REFERENCES_ACL	2048
-#define INDEX_ACL	4096
-#define ALTER_ACL	8192
-#define EXTRA_ACL	16384
-#define DB_ACLS		(UPDATE_ACL | SELECT_ACL | INSERT_ACL | \
-			 DELETE_ACL | CREATE_ACL | DROP_ACL | GRANT_ACL | \
-			 REFERENCES_ACL | INDEX_ACL | ALTER_ACL)
-#define TABLE_ACLS	(SELECT_ACL | INSERT_ACL | UPDATE_ACL | \
-			 DELETE_ACL | CREATE_ACL | DROP_ACL | GRANT_ACL | \
-			 REFERENCES_ACL | INDEX_ACL | ALTER_ACL)
-#define COL_ACLS	(SELECT_ACL | INSERT_ACL | UPDATE_ACL | REFERENCES_ACL)
-#define GLOBAL_ACLS	(SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL |\
-			 CREATE_ACL | DROP_ACL |  RELOAD_ACL | SHUTDOWN_ACL |\
-			 PROCESS_ACL | FILE_ACL | GRANT_ACL | REFERENCES_ACL |\
-			 INDEX_ACL | ALTER_ACL)
-#define NO_ACCESS	32768
+#define SELECT_ACL	(1L << 0)
+#define INSERT_ACL	(1L << 1)
+#define UPDATE_ACL	(1L << 2)
+#define DELETE_ACL	(1L << 3)
+#define CREATE_ACL	(1L << 4)
+#define DROP_ACL	(1L << 5)
+#define RELOAD_ACL	(1L << 6)
+#define SHUTDOWN_ACL	(1L << 7)
+#define PROCESS_ACL	(1L << 8)
+#define FILE_ACL	(1L << 9)
+#define GRANT_ACL	(1L << 10)
+#define REFERENCES_ACL	(1L << 11)
+#define INDEX_ACL	(1L << 12)
+#define ALTER_ACL	(1L << 13)
+#define SHOW_DB_ACL	(1L << 14)
+#define SUPER_ACL	(1L << 15)
+#define CREATE_TMP_ACL	(1L << 16)
+#define LOCK_TABLES_ACL	(1L << 17)
+#define EXECUTE_ACL	(1L << 18)
+#define REPL_SLAVE_ACL	(1L << 19)
+#define REPL_CLIENT_ACL	(1L << 20)
+
+
+#define DB_ACLS \
+(UPDATE_ACL | SELECT_ACL | INSERT_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
+ GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL)
+
+#define TABLE_ACLS \
+(SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
+ GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL)
+
+#define COL_ACLS \
+(SELECT_ACL | INSERT_ACL | UPDATE_ACL | REFERENCES_ACL)
+
+#define GLOBAL_ACLS \
+(SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
+ RELOAD_ACL | SHUTDOWN_ACL | PROCESS_ACL | FILE_ACL | GRANT_ACL | \
+ REFERENCES_ACL | INDEX_ACL | ALTER_ACL | SHOW_DB_ACL | SUPER_ACL | \
+ CREATE_TMP_ACL | LOCK_TABLES_ACL | REPL_SLAVE_ACL | REPL_CLIENT_ACL | \
+ EXECUTE_ACL)
+
+#define EXTRA_ACL	(1L << 29)
+#define NO_ACCESS	(1L << 30)
 
 /* defines to change the above bits to how things are stored in tables */
 
@@ -57,29 +73,30 @@
 int  acl_init(bool dont_read_acl_tables);
 void acl_reload(void);
 void acl_free(bool end=0);
-uint acl_get(const char *host, const char *ip, const char *bin_ip,
-	     const char *user, const char *db);
-uint acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
-		 const char *password,const char *scramble,char **priv_user,
-		 bool old_ver, USER_RESOURCES *max);
+ulong acl_get(const char *host, const char *ip, const char *bin_ip,
+	      const char *user, const char *db);
+ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
+		  const char *password,const char *scramble,char **priv_user,
+		  bool old_ver, USER_RESOURCES *max);
 bool acl_check_host(const char *host, const char *ip);
 bool change_password(THD *thd, const char *host, const char *user,
 		     char *password);
 int mysql_grant(THD *thd, const char *db, List <LEX_USER> &user_list,
-		uint rights, bool revoke);
+		ulong rights, bool revoke);
 int mysql_table_grant(THD *thd, TABLE_LIST *table, List <LEX_USER> &user_list,
-		      List <LEX_COLUMN> &column_list, uint rights,
+		      List <LEX_COLUMN> &column_list, ulong rights,
 		      bool revoke);
 int  grant_init(void);
 void grant_free(void);
 void grant_reload(void);
-bool check_grant(THD *thd, uint want_access, TABLE_LIST *tables,
+bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
 		 uint show_command=0, bool dont_print_error=0);
-bool check_grant_column (THD *thd,TABLE *table, const char *name,uint length,
+bool check_grant_column (THD *thd,TABLE *table, const char *name, uint length,
 			 uint show_command=0);
-bool check_grant_all_columns(THD *thd, uint want_access, TABLE *table);
+bool check_grant_all_columns(THD *thd, ulong want_access, TABLE *table);
 bool check_grant_db(THD *thd,const char *db);
-uint get_table_grant(THD *thd, TABLE_LIST *table);
-uint get_column_grant(THD *thd, TABLE_LIST *table, Field *field);
+ulong get_table_grant(THD *thd, TABLE_LIST *table);
+ulong get_column_grant(THD *thd, TABLE_LIST *table, Field *field);
 int mysql_show_grants(THD *thd, LEX_USER *user);
+void get_privilege_desc(char *to, uint max_length, ulong access);
 void get_mqh(const char *user, const char *host, USER_CONN *uc);

sql/sql_base.cc

@@ -19,7 +19,6 @@
 
 #include "mysql_priv.h"
 #include "sql_acl.h"
-#include <thr_alarm.h>
 #include <m_ctype.h>
 #include <my_dir.h>
 #include <hash.h>

sql/sql_class.cc

@@ -244,26 +244,30 @@ void THD::awake(bool prepare_to_die)
   close_active_vio();
 #endif    
   if (mysys_var)
+  {
+    pthread_mutex_lock(&mysys_var->mutex);
+    if (!system_thread)		// Don't abort locks
+      mysys_var->abort=1;
+    /*
+      This broadcast could be up in the air if the victim thread
+      exits the cond in the time between read and broadcast, but that is
+      ok since all we want to do is to make the victim thread get out
+      of waiting on current_cond.
+    */
+    if (mysys_var->current_cond)
     {
-      pthread_mutex_lock(&mysys_var->mutex);
-      if (!system_thread)		// Don't abort locks
-	mysys_var->abort=1;
-      // this broadcast could be up in the air if the victim thread
-      // exits the cond in the time between read and broadcast, but that is
-      // ok since all we want to do is to make the victim thread get out
-      // of waiting on  current_cond
-      if (mysys_var->current_cond)
-      {
-	pthread_mutex_lock(mysys_var->current_mutex);
-	pthread_cond_broadcast(mysys_var->current_cond);
-	pthread_mutex_unlock(mysys_var->current_mutex);
-      }
-      pthread_mutex_unlock(&mysys_var->mutex);
+      pthread_mutex_lock(mysys_var->current_mutex);
+      pthread_cond_broadcast(mysys_var->current_cond);
+      pthread_mutex_unlock(mysys_var->current_mutex);
     }
+    pthread_mutex_unlock(&mysys_var->mutex);
+  }
 }
 
-// remember the location of thread info, the structure needed for
-// sql_alloc() and the structure for the net buffer
+/*
+  Remember the location of thread info, the structure needed for
+  sql_alloc() and the structure for the net buffer
+*/
 
 bool THD::store_globals()
 {
@@ -272,6 +276,7 @@ bool THD::store_globals()
 	  my_pthread_setspecific_ptr(THR_NET,  &net));
 }
 
+
 /* routings to adding tables to list of changed in transaction tables */
 
 inline static void list_include(CHANGED_TABLE_LIST** prev,

sql/sql_class.h

@@ -309,34 +309,25 @@ public:
    */
   
   char	  *host,*user,*priv_user,*db,*ip;
-  /* proc_info points to a string that will show in the Info column of
-     SHOW PROCESSLIST output
-     host_or_ip points to host if host is available, otherwise points to ip   
-   */
-  const   char *proc_info, *host_or_ip;
-  
-  /*
-    client_capabilities has flags describing what the client can do
-    sql_mode determines if certain non-standard SQL behaviour should be
-     enabled
-    max_packet_length - supposed to be maximum packet length the client
-     can handle, but it currently appears to be assigned but never used
-     except for one debugging statement
-   */
-  uint	  client_capabilities,sql_mode,max_packet_length;
+  /* Points to info-string that will show in SHOW PROCESSLIST */
+  const char *proc_info;
+  /* points to host if host is available, otherwise points to ip */
+  const char *host_or_ip;
+ 
+  uint client_capabilities;		/* What the client supports */
+  ulong max_packet_length;		/* Max packet length for client */
+  /* Determines if which non-standard SQL behaviour should be enabled */
+  uint sql_mode;
+  ulong master_access;			/* Global privileges from mysql.user */
+  ulong db_access;			/* Privileges for current db */
 
-  /*
-    master_access - privillege descriptor mask for system threads
-    db_access - privillege descriptor mask for regular threads
-  */
-  uint	  master_access,db_access;
   
   /*
     open_tables - list of regular tables in use by this thread
     temporary_tables - list of temp tables in use by this thread
     handler_tables - list of tables that were opened with HANDLER OPEN
      and are still in use by this thread
-   */
+  */
   TABLE   *open_tables,*temporary_tables, *handler_tables;
   // TODO: document the variables below
   MYSQL_LOCK *lock,*locked_tables;
@@ -388,10 +379,10 @@ public:
              max_join_size, sent_row_count, examined_row_count;
   table_map  used_tables;
   USER_CONN *user_connect;
-  ulong	     query_id,version, inactive_timeout,options,thread_id;
+  ulong	     query_id,version, inactive_timeout,options,thread_id, col_access;
   long	     dbug_thread_id;
   pthread_t  real_id;
-  uint	     current_tablenr,tmp_table,cond_count,col_access;
+  uint	     current_tablenr,tmp_table,cond_count;
   uint	     server_status,open_options;
   uint32     query_length;
   uint32     db_length;

sql/sql_insert.cc

@@ -102,7 +102,7 @@ int mysql_insert(THD *thd,TABLE_LIST *table_list, List<Item> &fields,
 {
   int error;
   bool log_on= ((thd->options & OPTION_UPDATE_LOG) ||
-		!(thd->master_access & PROCESS_ACL));
+		!(thd->master_access & SUPER_ACL));
   bool using_transactions, bulk_insert=0;
   uint value_count;
   uint save_time_stamp;

sql/sql_lex.h

@@ -63,33 +63,15 @@ enum enum_sql_command {
   SQLCOM_END
 };
 
-enum lex_states { STATE_START, STATE_CHAR, STATE_IDENT,
-		  STATE_IDENT_SEP,
-		  STATE_IDENT_START,
-		  STATE_FOUND_IDENT,
-		  STATE_SIGNED_NUMBER,
-		  STATE_REAL,
-		  STATE_HEX_NUMBER,
-		  STATE_CMP_OP,
-		  STATE_LONG_CMP_OP,
-		  STATE_STRING,
-		  STATE_COMMENT,
-		  STATE_END,
-		  STATE_OPERATOR_OR_IDENT,
-		  STATE_NUMBER_IDENT,
-		  STATE_INT_OR_REAL,
-		  STATE_REAL_OR_POINT,
-		  STATE_BOOL,
-		  STATE_EOL,
-		  STATE_ESCAPE,
-		  STATE_LONG_COMMENT,
-		  STATE_END_LONG_COMMENT,
-		  STATE_COLON,
-		  STATE_SET_VAR,
-		  STATE_USER_END,
-		  STATE_HOSTNAME,
-		  STATE_SKIP,
-		  STATE_USER_VARIABLE_DELIMITER
+enum lex_states
+{
+  STATE_START, STATE_CHAR, STATE_IDENT, STATE_IDENT_SEP, STATE_IDENT_START,
+  STATE_FOUND_IDENT, STATE_SIGNED_NUMBER, STATE_REAL, STATE_HEX_NUMBER,
+  STATE_CMP_OP, STATE_LONG_CMP_OP, STATE_STRING, STATE_COMMENT, STATE_END,
+  STATE_OPERATOR_OR_IDENT, STATE_NUMBER_IDENT, STATE_INT_OR_REAL,
+  STATE_REAL_OR_POINT, STATE_BOOL, STATE_EOL, STATE_ESCAPE, STATE_LONG_COMMENT,
+  STATE_END_LONG_COMMENT, STATE_COLON, STATE_SET_VAR, STATE_USER_END,
+  STATE_HOSTNAME, STATE_SKIP, STATE_USER_VARIABLE_DELIMITER
 };
 
 typedef List<Item> List_item;

sql/sql_repl.cc

@@ -21,7 +21,6 @@
 #include "sql_acl.h"
 #include "log_event.h"
 #include "mini_client.h"
-#include <thr_alarm.h>
 #include <my_dir.h>
 #include <assert.h>
 
@@ -537,11 +536,13 @@ impossible position";
   thd->proc_info = "waiting to finalize termination";
   end_io_cache(&log);
   pthread_mutex_lock(&LOCK_thread_count);
-  // exclude  iteration through thread list
-  // this is needed for purge_logs() - it will iterate through
-  // thread list and update thd->current_linfo->index_file_offset
-  // this mutex will make sure that it never tried to update our linfo
-  // after we return from this stack frame
+  /*
+    Exclude  iteration through thread list
+    this is needed for purge_logs() - it will iterate through
+    thread list and update thd->current_linfo->index_file_offset
+    this mutex will make sure that it never tried to update our linfo
+    after we return from this stack frame
+  */
   thd->current_linfo = 0;
   pthread_mutex_unlock(&LOCK_thread_count);
   if (file >= 0)
@@ -557,7 +558,7 @@ int start_slave(THD* thd , MASTER_INFO* mi,  bool net_report)
   NET* net = &thd->net;
   int thread_mask;
   
-  if (check_access(thd, PROCESS_ACL, any_db))
+  if (check_access(thd, SUPER_ACL, any_db))
     return 1;
   lock_slave_threads(mi);  // this allows us to cleanly read slave_running
   init_thread_mask(&thread_mask,mi,1 /* inverse */);
@@ -597,7 +598,7 @@ int stop_slave(THD* thd, MASTER_INFO* mi, bool net_report )
   if (!thd) thd = current_thd;
   NET* net = &thd->net;
 
-  if (check_access(thd, PROCESS_ACL, any_db))
+  if (check_access(thd, SUPER_ACL, any_db))
     return 1;
   thd->proc_info = "Killing slave";
   int thread_mask;

sql/sql_show.cc

@@ -78,11 +78,11 @@ mysqld_show_dbs(THD *thd,const char *wild)
   List_iterator_fast<char> it(files);
   while ((file_name=it++))
   {
-    if (!opt_safe_show_db || thd->master_access ||
+    if (thd->master_access & (DB_ACLS | SHOW_DB_ACL) ||
 	acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
 		thd->priv_user, file_name) ||
 	(grant_option && !check_grant_db(thd, file_name)))
-      {
+    {
       thd->packet.length(0);
       net_store_data(&thd->packet, thd->convert_set, file_name);
       if (my_net_write(&thd->net, (char*) thd->packet.ptr(),

sql/table.h

@@ -37,8 +37,8 @@ typedef struct st_grant_info
 {
   GRANT_TABLE *grant_table;
   uint version;
-  uint privilege;
-  uint want_privilege;
+  ulong privilege;
+  ulong want_privilege;
 } GRANT_INFO;
 
 enum tmp_table_type {NO_TMP_TABLE=0, TMP_TABLE=1, TRANSACTIONAL_TMP_TABLE=2};

tests/grant.pl

@@ -36,7 +36,8 @@ $|=1;
 
 $tables_cols="Host, Db, User, Table_name, Grantor, Table_priv, Column_priv";
 $columns_cols="Host, Db, User, Table_name, Column_name, Column_priv";
-$tmp_table="/tmp/grant-$$.test";
+$tmp_table="/tmp/mysql-grant.test"; # Can't use $$ as we are logging result
+unlink($tmp_table);
 
 #
 # clear grant tables
@@ -74,6 +75,7 @@ user_connect(0);
 user_query("select * from mysql.user where user = '$opt_user'");
 user_query("select * from mysql.db where user = '$opt_user'");
 safe_query("grant select on *.* to $user,$user");
+safe_query("show grants for $user");
 
 # The following should fail
 user_query("insert into mysql.user (host,user) values ('error','$opt_user')",1);
@@ -384,7 +386,9 @@ safe_query("select $columns_cols from mysql.columns_priv where user = '$opt_user
 # Clear up privileges to make future tests easier
 
 safe_query("delete from user where user='$opt_user'");
+safe_query("delete from db where user='$opt_user'");
 safe_query("flush privileges");
+safe_query("show grants for $user",1);
 
 #
 # Test IDENTIFIED BY
@@ -394,7 +398,9 @@ safe_query("grant ALL PRIVILEGES on $opt_database.test to $user identified by 'd
 user_connect(0,"dummy");
 safe_query("grant SELECT on $opt_database.* to $user identified by ''");
 user_connect(0);
-safe_query("revoke SELECT on $opt_database.* from $user identified by ''");
+safe_query("revoke ALL PRIVILEGES on $opt_database.test from $user identified by ''");
+safe_query("revoke ALL PRIVILEGES on $opt_database.* from $user identified by ''");
+safe_query("show grants for $user");
 
 #
 # Test bug reported in SELECT INTO OUTFILE
@@ -407,7 +413,7 @@ safe_query("insert into $opt_database.test3 values (1)");
 user_connect(0);
 user_query("select * into outfile '$tmp_table' from $opt_database.test3");
 safe_query("revoke SELECT on $opt_database.test3 from $user");
-safe_query("revoke FILE from *.* from $user");
+safe_query("revoke FILE on *.* from $user");
 safe_query("drop table $opt_database.test3");
 
 #
@@ -415,24 +421,36 @@ safe_query("drop table $opt_database.test3");
 #
 
 safe_query("create table $opt_database.test3 (a int)");
+user_connect(1);
+safe_query("grant INSERT on $opt_database.test3 to $user");
 user_connect(0);
 user_query("select * into outfile '$tmp_table' from $opt_database.test3",1);
 safe_query("grant SELECT on $opt_database.test3 to $user");
 user_connect(0);
-user_query("LOCK TABLES $opt_database.test3",1);
-safe_query("grant INSERT,UPDATE,DELETE on $opt_database.test3 to $user");
+user_query("LOCK TABLES $opt_database.test3 READ",1);
+safe_query("grant LOCK TABLES on *.* to $user");
+safe_query("show grants for $user");
+safe_query("select * from mysql.user where user='$opt_user'");
 user_connect(0);
-user_query("LOCK TABLES $opt_database.test3");
-safe_query("revoke SELECT, INSERT,UPDATE,DELETE on $opt_database.test3 from $user");
-safe_query("grant SELECT,INSERT,UPDATE,DELETE on $opt_database.* to $user");
-user_connect(0);
-user_query("LOCK TABLES $opt_database.test3");
-safe_query("revoke SELECT, INSERT,UPDATE,DELETE on $opt_database.* from $user");
-safe_query("grant SELECT,INSERT,UPDATE,DELETE on *.* to $user");
-user_connect(0);
-user_query("LOCK TABLES $opt_database.test3");
+user_query("LOCK TABLES $opt_database.test3 READ");
 user_query("UNLOCK TABLES");
-safe_query("revoke SELECT, INSERT,UPDATE,DELETE on *.* from $user");
+safe_query("revoke SELECT,INSERT,UPDATE,DELETE on $opt_database.test3 from $user");
+user_connect(1);
+safe_query("revoke LOCK TABLES on *.* from $user");
+safe_query("drop table $opt_database.test3");
+
+#
+# test new privileges in 4.0.2
+#
+
+safe_query("show grants for $user");
+safe_query("grant all on *.* to $user WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3");
+safe_query("show grants for $user");
+safe_query("revoke LOCK TABLES on *.* from $user");
+safe_query("flush privileges");
+safe_query("show grants for $user");
+safe_query("revoke ALL PRIVILEGES on *.* from $user");
+safe_query("show grants for $user");
 
 #
 # Clean up things

tests/grant.res

@@ -19,10 +19,13 @@ Access denied for user: 'grant_user@localhost' (Using password: NO)
 set password FOR grant_user=''
 Connecting grant_user
 select * from mysql.user where user = 'grant_user'
-localhost	grant_user		Y	N	N	N	N	N	N	N	N	N	N	N	N	N	NONE			
+localhost	grant_user		Y	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					0	0	0
 
 select * from mysql.db where user = 'grant_user'
 grant select on *.* to grant_user@localhost,grant_user@localhost
+show grants for grant_user@localhost
+GRANT SELECT ON *.* TO 'grant_user'@'localhost'
+
 insert into mysql.user (host,user) values ('error','grant_user')
 Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql'
 update mysql.user set host='error' WHERE user='grant_user'
@@ -93,7 +96,7 @@ delete from user where user='grant_user'
 flush privileges
 grant select on grant_test.* to grant_user@localhost
 select * from mysql.user where user = 'grant_user'
-localhost	grant_user		N	N	N	N	N	N	N	N	N	N	N	N	N	N	NONE			
+localhost	grant_user		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					0	0	0
 
 select * from mysql.db where user = 'grant_user'
 localhost	grant_test	grant_user	Y	N	N	N	N	N	N	N	N	N
@@ -152,7 +155,7 @@ insert into mysql.user (host,user) values ('error','grant_user',0)
 Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql'
 revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost
 select * from mysql.user where user = 'grant_user'
-localhost	grant_user		N	N	N	N	N	N	N	N	N	N	N	N	N	N	NONE			
+localhost	grant_user		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					0	0	0
 
 select * from mysql.db where user = 'grant_user'
 Connecting grant_user
@@ -432,18 +435,66 @@ localhost	grant_test	grant_user	N	Y	N	N	N	N	N	N	N	N
 select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv where user = 'grant_user'
 select Host, Db, User, Table_name, Column_name, Column_priv from mysql.columns_priv where user = 'grant_user'
 delete from user where user='grant_user'
+delete from db where user='grant_user'
 flush privileges
+show grants for grant_user@localhost
+Error in execute: There is no such grant defined for user 'grant_user' on host 'localhost'
 grant ALL PRIVILEGES on grant_test.test to grant_user@localhost identified by 'dummy',  grant_user@127.0.0.1 identified by 'dummy2'
 Connecting grant_user
 grant SELECT on grant_test.* to grant_user@localhost identified by ''
 Connecting grant_user
-revoke SELECT on grant_test.* from grant_user@localhost identified by ''
+revoke ALL PRIVILEGES on grant_test.test from grant_user@localhost identified by ''
+revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost identified by ''
+show grants for grant_user@localhost
 create table grant_test.test3 (a int)
 grant SELECT on grant_test.test3 to grant_user@localhost
 grant FILE on *.* to grant_user@localhost
 insert into grant_test.test3 values (1)
 Connecting grant_user
-select * into outfile '/tmp/grant-11047.test' from grant_test.test3
+select * into outfile '/tmp/mysql-grant.test' from grant_test.test3
+revoke SELECT on grant_test.test3 from grant_user@localhost
+revoke FILE on *.* from grant_user@localhost
+drop table grant_test.test3
+create table grant_test.test3 (a int)
+Connecting grant_user
+Access denied for user: 'grant_user@localhost' to database 'grant_test'
+grant INSERT on grant_test.test3 to grant_user@localhost
+Connecting grant_user
+select * into outfile '/tmp/mysql-grant.test' from grant_test.test3
+Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO)
+grant SELECT on grant_test.test3 to grant_user@localhost
+Connecting grant_user
+LOCK TABLES grant_test.test3 READ
+Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO)
+grant LOCK TABLES on *.* to grant_user@localhost
+show grants for grant_user@localhost
+GRANT LOCK TABLES ON *.* TO 'grant_user'@'localhost'
+GRANT SELECT, INSERT ON grant_test.test3 TO 'grant_user'@'localhost'
+
+select * from mysql.user where user='grant_user'
+127.0.0.1	grant_user	7f70e8b858ee6782	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					0	0	0
+localhost	grant_user		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	Y	N	N	N					0	0	0
+
+Connecting grant_user
+LOCK TABLES grant_test.test3 READ
+UNLOCK TABLES
+revoke SELECT,INSERT,UPDATE,DELETE on grant_test.test3 from grant_user@localhost
+Connecting grant_user
+Access denied for user: 'grant_user@localhost' to database 'grant_test'
+revoke LOCK TABLES on *.* from grant_user@localhost
+drop table grant_test.test3
+show grants for grant_user@localhost
+grant all on *.* to grant_user@localhost WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3
+show grants for grant_user@localhost
+GRANT ALL PRIVILEGES ON *.* TO 'grant_user'@'localhost' WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3
+
+revoke LOCK TABLES on *.* from grant_user@localhost
+flush privileges
+show grants for grant_user@localhost
+GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'grant_user'@'localhost' WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3
+
+revoke ALL PRIVILEGES on *.* from grant_user@localhost
+show grants for grant_user@localhost
 drop database grant_test
 delete from user where user='grant_user'
 delete from db where user='grant_user'