Revoking privileges

You can revoke (remove existing) privileges for any of the object types listed on the Manage Db2® Privileges panel apart from column. (You cannot revoke privileges on specific columns. You must revoke the appropriate table privileges.)

To revoke one or more privileges for an object, you can use either of the following methods:

• Method 1 (specifying the object using the revoke privileges panel):
  1. On the Manage Db2® Privileges panel,
     1. Type the required details (if any) in the Object Identification Criteria section.
     2. Type the appropriate number in the Object Type selection field to select the object type you want, or use the default value, 3 (table).
  2. Type R on the command line.
  3. Press Enter.

     The revoke privileges panel for the specified object type is displayed. If there is more than one type of privilege that can apply to the object type, the panel lists each privilege type with a corresponding entry field.

     On the revoke privileges panel:

     1. Select the privileges you want to revoke by entering any character in the corresponding selection fields.
        Note: For object types where there is only one type of privilege, this step does not apply.
     2. In the entry field provided (for some types of privilege there are two entry fields), specify the name of the object.
     3. In the From entry field, specify the SQLID of the user for whom the privileges are to be revoked (the revokee).
     4. In the By entry field, specify the SQLID of the user who granted the privileges (the grantor), or ALL for all grantors.
     5. Press Enter.
• Method 2 (specifying the object from a privilege display panel):
  1. On the Manage Db2® Privileges panel,
     1. Type the required details (if any) in the Object Identification Criteria section.
     2. Type the appropriate number in the Object Type selection field to select the object type you want, or use the default value, 3 (table).
  2. Leave the command line blank.
  3. Press Enter. The privilege display panel for the specified object type is displayed listing the selected objects.
  4. On the privilege display panel, type R in the Cmd field against the object for which you want to revoke the privileges.
  5. Press Enter. The revoke privileges panel for the specified object is displayed.
     Note: If you use this method to navigate to the revoke privileges panel (for the specified object type), the following details are pre-entered:

     • The existing setting for each privilege type (Y, G, or blank)
     • The name details for the object
     • The SQLID of the user for whom the privileges are to be revoked (the revokee) in the From entry field.

     On the revoke privileges panel:

     1. Select the privileges you want to revoke by entering any character in the corresponding selection fields.
        Note: For object types where there is only one type of privilege, this step does not apply.
     2. In the By entry field, specify the SQLID of the user who granted the privileges (the grantor), or ALL for all grantors.
     3. Press Enter.

If the revoke privilege processing is successful, FM/Db2 displays a message indicating that the revoke ran successfully. Otherwise, a panel is displayed showing the formatted SQL return code.

Related tasks

• Displaying privileges
• Granting privileges

Related references

• Manage Db2 Privileges panel
• Primary Option Menu panel
• Utility Functions panel
• Revoke privileges panels