When granting privileges on a set of databases using wildcards including '\_' with 'grant option' to a user this user may create new databases according to the pattern but cannot grant privileges to other users.

Excerpt from http://dev.mysql.com/doc/refman/5.5/en/grant.html:

The “” and “%” wildcards are permitted when specifying database names in GRANT statements that grant privileges at the global or database levels. This means, for example, that if you want to use a “” character as part of a database name, you should specify it as “_” in the GRANT statement, to prevent the user from being able to access additional databases matching the wildcard pattern; for example, GRANT ... ON `foo_bar`.* TO

So when executing as root/admin user

grant all on `%\_bar` to user with grant option

I would expect the user to be able to create a database foo_bar (which works just fine) and then be able to grant privileges to other users. Instead an access denied error is reported ERROR 1044 (42000): Access denied for user 'user'@'%' to database 'foo_bar'

When I change the db pattern to '%_bar', granting privileges works as expected.

Logged in as admin user:

grant all on `%_bar` to user with grant option

Logged in as 'user'

MariaDB [none]> create database foo_bar;

Query OK, 1 row affected (0.00 sec)

MariaDB [none]> grant all on foo_bar.* to otheruser;

Query OK, 0 rows affected (0.00 sec)

After this 'otheruser' can work with database foo_bar. However, this workaround will allow 'user' to create databases such as 'abar' which is not intended.