Add utility scripts to make installation easier

The `create_grants` scripts allow users to be easily "copied" to
MaxScale. It queries the backend for grants for all users and converts
them into similar grants for the MaxScale host.

The `create_roles.sql` is a small set of queries which creates two utility
roles, `proxy_authenticator` and `proxy_monitor`. These roles can be
assigned to the actual service and monitor users with a single grant
command.

CMakeLists.txt

@@ -205,6 +205,8 @@ install_file(${CMAKE_BINARY_DIR}/ReleaseNotes.txt core)
 install_file(${CMAKE_BINARY_DIR}/UpgradingToMaxScale12.txt core)
 install_file(server/maxscale.cnf.template core)
 install_file(server/maxscale_binlogserver_template.cnf core)
+install_program(script/create_grants core)
+install_file(script/create_roles.sql core)
 
 # Install the template into /etc
 if(WITH_MAXSCALE_CNF AND (NOT TARGET_COMPONENT OR "core" STREQUAL "${TARGET_COMPONENT}"))

script/create_grants

@@ -0,0 +1,84 @@
+#!/bin/bash
+
+# Copyright (c) 2016 MariaDB Corporation Ab
+#
+# Use of this software is governed by the Business Source License included
+# in the LICENSE.TXT file and at www.mariadb.com/bsl.
+#
+# Change Date: 2019-07-01
+#
+# On the date above, in accordance with the Business Source License, use
+# of this software will be governed by version 2 or later of the General
+# Public License.
+
+function runQuery(){
+    mysql -s -s -h "$host" -P "$port" -u "$user" -p"$password" -e "$1"
+    if [ $? -ne 0 ]
+    then
+        echo "Failed to execute query: $1"
+        exit
+    fi
+}
+
+# Transform grants to from external hosts to MaxScale's host
+function getGrants(){
+    result=$(runQuery "show grants for $1"|sed -e "s/@[^ ]*/@'$maxscalehost'/" -e "s/ *IDENTIFIED BY.*//" -e "s/$/;/")
+    echo "$result"
+}
+
+user=$(whoami)
+host=$(hostname)
+port=3306
+include_root="and user <> 'root'"
+
+if [ "$1" == "--help" ] || [ $# -eq 0 ]
+then
+    echo "Transform grants from original host to this host"
+    echo ""
+    echo "This script queries the backend database for a list of grants and outputs "
+    echo "copies of them with the hostnames replaced with the current server's hostname."
+    echo "The value of the hostname is the same you would get by doing a 'SELECT USER()'"
+    echo "query from this server."
+    echo ""
+    echo "Usage: $0 -u USER -p PASSWORD -h HOST -P PORT [-r]"
+    echo "-u USER        Username"
+    echo "-p PASSWORD    Password"
+    echo "-h HOST        Database address ($host)"
+    echo "-P PORT        Database port ($port)"
+    echo "-r             Include root user in the grants"
+    exit
+fi
+
+while getopts "u:p:h:P:r" var
+do
+    case $var in
+        u)
+            user=$OPTARG
+            ;;
+
+        p)
+            password=$OPTARG
+            ;;
+
+        h)
+            host=$OPTARG
+            ;;
+
+        P)
+            port=$OPTARG
+            ;;
+        r)
+            include_root=""
+            ;;
+    esac
+done
+
+# Get the MaxScale hostname from the backend server
+maxscalehost=$(runQuery "select user()")
+maxscalehost=${maxscalehost#*@}
+
+# List all the users
+runQuery "select concat(\"'\", user, \"'\", '@', \"'\", host, \"'\") from mysql.user where user <> '' and host <> '%' $include_root"|while read i
+do
+    getGrants "$i"
+done

script/create_roles.sql

@@ -0,0 +1,7 @@
+CREATE ROLE proxy_authenticator;
+GRANT SELECT ON mysql.user TO proxy_authenticator;
+GRANT SELECT ON mysql.db TO proxy_authenticator;
+GRANT SELECT ON mysql.tables_priv TO proxy_authenticator;
+GRANT SHOW DATABASES ON *.* TO proxy_authenticator;
+CREATE ROLE proxy_monitor;
+GRANT REPLICATION CLIENT ON *.* TO proxy_monitor;