Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MDEV-34053 mariadbbackup privilege REPLICA MONITOR issue #3239

Merged
merged 1 commit into from
May 8, 2024
Merged

MDEV-34053 mariadbbackup privilege REPLICA MONITOR issue #3239

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion extra/mariabackup/xtrabackup.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6413,7 +6413,7 @@ static bool check_all_privileges()
if (opt_galera_info || opt_slave_info
|| opt_safe_slave_backup) {
check_result |= check_privilege(granted_privileges,
"REPLICA MONITOR", "*", "*",
"SLAVE MONITOR", "*", "*",
PRIVILEGE_WARNING);
}

Expand Down
9 changes: 7 additions & 2 deletions mysql-test/suite/mariabackup/backup_grants.result
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,20 @@
CREATE user backup@localhost IDENTIFIED BY 'xyz';
NOT FOUND /missing required privilege/ in backup.log
FOUND 1 /missing required privilege RELOAD/ in backup.log
FOUND 1 /missing required privilege PROCESS/ in backup.log
FOUND 1 /GRANT USAGE ON/ in backup.log
GRANT RELOAD, PROCESS on *.* to backup@localhost;
FOUND 1 /missing required privilege REPLICA MONITOR/ in backup.log
NOT FOUND /missing required privilege/ in backup.log
FOUND 1 /missing required privilege SLAVE MONITOR/ in backup.log
GRANT REPLICA MONITOR ON *.* TO backup@localhost;
NOT FOUND /missing required privilege/ in backup.log
REVOKE REPLICA MONITOR ON *.* FROM backup@localhost;
FOUND 1 /missing required privilege CONNECTION ADMIN/ in backup.log
GRANT CONNECTION ADMIN ON *.* TO backup@localhost;
NOT FOUND /missing required privilege/ in backup.log
FOUND 1 /missing required privilege REPLICATION SLAVE ADMIN/ in backup.log
FOUND 1 /missing required privilege REPLICA MONITOR/ in backup.log
FOUND 1 /missing required privilege SLAVE MONITOR/ in backup.log
GRANT REPLICATION SLAVE ADMIN ON *.* TO backup@localhost;
GRANT REPLICA MONITOR ON *.* TO backup@localhost;
NOT FOUND /missing required privilege/ in backup.log
DROP USER backup@localhost;
29 changes: 20 additions & 9 deletions mysql-test/suite/mariabackup/backup_grants.test
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,14 @@
let $targetdir=$MYSQLTEST_VARDIR/tmp/backup;
CREATE user backup@localhost IDENTIFIED BY 'xyz';

let SEARCH_FILE=$MYSQLTEST_VARDIR/tmp/backup.log;
# backup possible for unprivileges user, with --no-lock
--disable_result_log
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup -pxyz --no-lock --target-dir=$targetdir;
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup -pxyz --no-lock --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log

--let SEARCH_PATTERN= missing required privilege
--source include/search_pattern_in_file.inc
rmdir $targetdir;

# backup fails without --no-lock, because of FTWRL
Expand All @@ -13,7 +17,6 @@ error 1;
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup -pxyz --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log

let SEARCH_FILE=$MYSQLTEST_VARDIR/tmp/backup.log;
--let SEARCH_PATTERN= missing required privilege RELOAD
--source include/search_pattern_in_file.inc
--let SEARCH_PATTERN= missing required privilege PROCESS
Expand All @@ -23,25 +26,29 @@ let SEARCH_FILE=$MYSQLTEST_VARDIR/tmp/backup.log;
# backup succeeds with RELOAD privilege
GRANT RELOAD, PROCESS on *.* to backup@localhost;
--disable_result_log
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup --user=backup --password=xyz --target-dir=$targetdir;
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup --user=backup --password=xyz --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log
--let SEARCH_PATTERN= missing required privilege
--source include/search_pattern_in_file.inc
rmdir $targetdir;

# MDEV-23607 Warning: missing required privilege REPLICATION CLIENT
# --slave-info and galera info require REPLICA MONITOR
# --slave-info and --galera-info require REPLICA MONITOR
--disable_result_log
error 1;
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup --user backup --password xyz --slave-info --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log
rmdir $targetdir;

--let SEARCH_PATTERN= missing required privilege REPLICA MONITOR
--let SEARCH_PATTERN= missing required privilege SLAVE MONITOR
--source include/search_pattern_in_file.inc

GRANT REPLICA MONITOR ON *.* TO backup@localhost;
--disable_result_log
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup -pxyz --slave-info --target-dir=$targetdir;
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup -pxyz --slave-info --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log
--let SEARCH_PATTERN= missing required privilege
--source include/search_pattern_in_file.inc
rmdir $targetdir;
REVOKE REPLICA MONITOR ON *.* FROM backup@localhost;

Expand All @@ -59,8 +66,10 @@ rmdir $targetdir;

GRANT CONNECTION ADMIN ON *.* TO backup@localhost;
--disable_result_log
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup --user=backup --password=xyz --kill-long-query-type=all --kill-long-queries-timeout=1 --target-dir=$targetdir;
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup --password=xyz --kill-long-query-type=all --kill-long-queries-timeout=1 --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log
--let SEARCH_PATTERN= missing required privilege
--source include/search_pattern_in_file.inc
rmdir $targetdir;

# --safe-slave-backup requires REPLICATION SLAVE ADMIN, and REPLICA MONITOR
Expand All @@ -72,14 +81,16 @@ rmdir $targetdir;

--let SEARCH_PATTERN= missing required privilege REPLICATION SLAVE ADMIN
--source include/search_pattern_in_file.inc
--let SEARCH_PATTERN= missing required privilege REPLICA MONITOR
--let SEARCH_PATTERN= missing required privilege SLAVE MONITOR
--source include/search_pattern_in_file.inc

GRANT REPLICATION SLAVE ADMIN ON *.* TO backup@localhost;
GRANT REPLICA MONITOR ON *.* TO backup@localhost;
--disable_result_log
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup -pxyz --safe-slave-backup --target-dir=$targetdir;
exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup -pxyz --safe-slave-backup --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log
--let SEARCH_PATTERN= missing required privilege
--source include/search_pattern_in_file.inc
rmdir $targetdir;

DROP USER backup@localhost;