From 9508dec7476457717d3606f868783e90ebc2d653 Mon Sep 17 00:00:00 2001
From: Clinton Ebadi <clinton@unknownlamer.org>
Date: Sat, 6 Nov 2021 15:29:31 -0400
Subject: [PATCH] mysql: revoke permissions when dropping database

Grants are not automatically deleted. Also have to explicitly revoke
grant option or a "USAGE WITH GRANT OPTION" grant is left behind.
---
 src/plugins/domtool-mysql | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/plugins/domtool-mysql b/src/plugins/domtool-mysql
index 0d1710e..4e549e6 100755
--- a/src/plugins/domtool-mysql
+++ b/src/plugins/domtool-mysql
@@ -42,7 +42,10 @@ case $1 in
 		DBNAME_BASE=$3
 		DBNAME="${USERNAME}_${DBNAME_BASE}"
 
+		sudo -H mysql -e "REVOKE ALL ON TABLE * FROM '$USERNAME'@$WHERE;" $DBNAME
+		sudo -H mysql -e "REVOKE GRANT OPTION ON TABLE * FROM '$USERNAME'@$WHERE;" $DBNAME
 		sudo -H mysql -e "DROP DATABASE $DBNAME;"
+
 	;;
 
 	grant)
-- 
2.20.1