1create user test_user@localhost; 2create role test_role1; 3create role test_role2; 4grant test_role1 to test_user@localhost; 5grant test_role2 to test_role1; 6select user, host from mysql.user where user not like 'root'; 7user host 8test_role1 9test_role2 10test_user localhost 11select * from mysql.roles_mapping; 12Host User Role Admin_option 13 test_role1 test_role2 N 14localhost root test_role1 Y 15localhost root test_role2 Y 16localhost test_user test_role1 N 17grant select (Role) on mysql.roles_mapping to test_role2; 18select * from mysql.roles_mapping; 19ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping' 20show grants; 21Grants for test_user@localhost 22GRANT USAGE ON *.* TO `test_user`@`localhost` 23GRANT `test_role1` TO `test_user`@`localhost` 24select current_user(), current_role(); 25current_user() current_role() 26test_user@localhost NULL 27set role test_role1; 28select current_user(), current_role(); 29current_user() current_role() 30test_user@localhost test_role1 31show grants; 32Grants for test_user@localhost 33GRANT SELECT (Role) ON `mysql`.`roles_mapping` TO `test_role2` 34GRANT USAGE ON *.* TO `test_role1` 35GRANT USAGE ON *.* TO `test_role2` 36GRANT USAGE ON *.* TO `test_user`@`localhost` 37GRANT `test_role1` TO `test_user`@`localhost` 38GRANT `test_role2` TO `test_role1` 39select * from mysql.roles_mapping; 40ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for column 'Host' in table 'roles_mapping' 41select Role from mysql.roles_mapping; 42Role 43test_role1 44test_role1 45test_role2 46test_role2 47show grants; 48Grants for test_user@localhost 49GRANT SELECT (Role) ON `mysql`.`roles_mapping` TO `test_role2` 50GRANT USAGE ON *.* TO `test_role1` 51GRANT USAGE ON *.* TO `test_role2` 52GRANT USAGE ON *.* TO `test_user`@`localhost` 53GRANT `test_role1` TO `test_user`@`localhost` 54GRANT `test_role2` TO `test_role1` 55use mysql; 56set role none; 57select current_user(), current_role(); 58current_user() current_role() 59test_user@localhost NULL 60select Role from mysql.roles_mapping; 61ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping' 62drop user 'test_user'@'localhost'; 63select * from mysql.tables_priv; 64Host Db User Table_name Grantor Timestamp Table_priv Column_priv 65 mysql test_role2 roles_mapping root@localhost 0000-00-00 00:00:00 Select 66revoke select on mysql.roles_mapping from test_role2; 67delete from mysql.user where user like'test_%'; 68delete from mysql.roles_mapping where Role like 'test%'; 69flush privileges; 70