diff --git a/sql/set_var.cc b/sql/set_var.cc
index d09e2bcac77..33c360ae785 100644
--- a/sql/set_var.cc
+++ b/sql/set_var.cc
@@ -876,14 +876,20 @@ int set_var_password::update(THD *thd)
 *****************************************************************************/
 int set_var_role::check(THD *thd)
 {
- /* nothing to check */
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+ ulonglong access;
+ int status= acl_check_setrole(thd, base.str, &access);
+ save_result.ulonglong_value= access;
+ return status;
+#else
 return 0;
+#endif
 }
 int set_var_role::update(THD *thd)
 {
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
- return acl_setrole(thd, this->role.str);
+ return acl_setrole(thd, base.str, save_result.ulonglong_value);
 #else
 return 0;
 #endif
diff --git a/sql/set_var.h b/sql/set_var.h
index 75090d6e1da..11501c4212a 100644
--- a/sql/set_var.h
+++ b/sql/set_var.h
@@ -278,11 +278,11 @@ public:
 /* For SET ROLE */
-class set_var_role: public set_var_base
+class set_var_role: public set_var
 {
- LEX_STRING role;
 public:
- set_var_role(LEX_STRING role_arg) : role(role_arg) {};
+ set_var_role(LEX_STRING role_arg) :
+ set_var(OPT_SESSION, NULL, &role_arg, NULL){};
 int check(THD *thd);
 int update(THD *thd);
 };
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 6704d28ae89..61989b5de09 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -1672,7 +1672,7 @@ bool acl_getroot(Security_context *sctx, char *user, char *host,
 DBUG_RETURN(res);
 }
-bool acl_setrole(THD *thd, char *rolename)
+int acl_check_setrole(THD *thd, char *rolename, ulonglong *access)
 {
 bool is_granted;
 int result= 0;
@@ -1693,8 +1693,8 @@ bool acl_setrole(THD *thd, char *rolename)
 my_error(ER_INVALID_CURRENT_USER, MYF(0), rolename);
 result= -1;
 }
- else
- thd->security_ctx->master_access= acl_user->access;
+ else if (access)
+ *access= acl_user->access;
 goto end;
 }
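Review bot: In sql/set_var.cc, `set_var_role::check()` declares `ulonglong access;` without an initializer and copies it into `save_result.ulonglong_value` even when `acl_check_setrole()` fails; the sql_acl.cc hunks show the failing paths reaching `end:` without writing `*access`. That reads an indeterminate value, and the value would become the session's `master_access` if `update()` were ever reached after a failed check. Initialize it with `ulonglong access= 0;`, or assign `save_result.ulonglong_value` only when `status` is zero. The end of `update()` lies outside this hunk.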
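Review bot: In sql/set_var.h, the new constructor passes the `set_var` base two NULL arguments and the address of the by-value parameter `role_arg`. The definition of `set_var` is not part of this diff, so two things need confirming. First, the base constructor must copy the `LEX_STRING` rather than keep the pointer, which would dangle once the constructor returns. Second, no inherited `set_var` member that dereferences the NULL arguments may stay reachable for a SET ROLE statement, since only `check()` and `update()` are overridden here. If either cannot be guaranteed, keeping `set_var_base` as the base and adding a `ulonglong access;` member beside `role` carries the value from `check()` to `update()` without those risks.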
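Review bot: In sql/sql_acl.cc (hunk at -1693), the early-exit branch used to change only `master_access` and leave `priv_role` untouched, but after the split every successful check is followed by `acl_setrole()`, which always copies `rolename` into `priv_role`. The branch condition is outside the hunk, so this is inferred: if this is the path that drops the active role, the session ends up with the base user's privileges while `priv_role` holds whatever name was passed in. Either `acl_check_setrole()` should report which case applied, or `acl_setrole()` should clear the role for that case with `thd->security_ctx->priv_role[0]= 0;`.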
@@ -1728,16 +1728,26 @@ bool acl_setrole(THD *thd, char *rolename)
 goto end;
 }
- /* merge the privileges */
- thd->security_ctx->master_access= acl_user->access | role->access;
- /* mark the current role */
- strcpy(thd->security_ctx->priv_role, rolename);
-
+ if (access)
+ {
+ *access = acl_user->access | role->access;
+ }
 end:
 mysql_mutex_unlock(&acl_cache->lock);
 return result;
 }
+int acl_setrole(THD *thd, char *rolename, ulonglong access) {
+ /* merge the privileges */
+ thd->security_ctx->master_access= access;
+ /* mark the current role */
+ strmake(thd->security_ctx->priv_role, rolename,
+ sizeof(thd->security_ctx->priv_role)-1);
+ return 0;
+}
+
+
+
 static uchar* check_get_key(ACL_USER *buff, size_t *length,
 my_bool not_used __attribute__((unused)))
 {
diff --git a/sql/sql_acl.h b/sql/sql_acl.h
index abc5e8ac25c..0e04d8f86d6 100644
--- a/sql/sql_acl.h
+++ b/sql/sql_acl.h
@@ -382,5 +382,6 @@ get_cached_table_access(GRANT_INTERNAL_INFO *grant_internal_info,
 bool acl_check_proxy_grant_access (THD *thd, const char *host, const char *user,
 bool with_grant);
-bool acl_setrole(THD *thd, char *rolename);
+int acl_setrole(THD *thd, char *rolename, ulonglong access);
+int acl_check_setrole(THD *thd, char *rolename, ulonglong *access);
 #endif /* SQL_ACL_INCLUDED */
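Review bot: In sql/sql_acl.cc (hunk at -1728), the new exported `acl_setrole()` installs whatever `access` mask and role name it is given, with no lookup and without holding `acl_cache->lock`. Its safety rests entirely on callers passing the value that `acl_check_setrole()` produced for the same `rolename`, and any change to the ACL cache between the two calls would not be reflected. State that contract above the definition and next to the declaration in sql_acl.h, for example `/* Caller must have validated rolename and obtained access from acl_check_setrole(); no privilege check is done here. */`. The function also always returns 0, so its `int` result tells `set_var_role::update()` nothing.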