hcq/MaxScale
hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch '2.2' into develop

Browse Source
This commit is contained in:
Markus Mäkelä 2018-06-20 14:43:03 +03:00
commit 396f5d96c2
No known key found for this signature in database
GPG Key ID: 72D48FCE664F7B19
8 changed files with 78 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Documentation/Getting-Started/Configuration-Guide.md
View File

@ -959,6 +959,7 @@ name and grants suitable for database name authorization.
GRANT SELECT ON mysql.user TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.db TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'maxscalehost';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'maxscalehost';
```

1
Documentation/Tutorials/Connection-Routing-Tutorial.md
View File

@ -97,6 +97,7 @@ CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
GRANT SELECT ON mysql.user TO 'maxscale'@'%';
GRANT SELECT ON mysql.db TO 'maxscale'@'%';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
```

1
Documentation/Tutorials/MaxScale-Tutorial.md
View File

@ -32,6 +32,7 @@ CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
GRANT SELECT ON mysql.user TO 'maxscale'@'%';
GRANT SELECT ON mysql.db TO 'maxscale'@'%';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
```

1
Documentation/Tutorials/Read-Write-Splitting-Tutorial.md
View File

@ -79,6 +79,7 @@ CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
GRANT SELECT ON mysql.user TO 'maxscale'@'%';
GRANT SELECT ON mysql.db TO 'maxscale'@'%';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
```

4
maxscale-system-test/CMakeLists.txt
View File

@ -1009,6 +1009,10 @@ add_test_executable(mxs1889.cpp mxs1889 mxs1889 LABELS REPL_BACKEND)
# MXS-421 Improved log facility
add_test_executable(mxs421_events.cpp mxs421_events mxs421_events LABELS REPL_BACKEND)
# MXS-1932: Hidden files are not ignored
# https://jira.mariadb.org/browse/MXS-1932
add_test_executable(mxs1932_hidden_cnf.cpp mxs1932_hidden_cnf replication LABELS REPL_BACKEND)
configure_file(templates.h.in templates.h @ONLY)
include(CTest)

39
maxscale-system-test/mxs1932_hidden_cnf.cpp Normal file
View File

@ -0,0 +1,39 @@
/**
* MXS-1932: Hidden files are not ignored
*
* https://jira.mariadb.org/browse/MXS-1932
*/
#include "testconnections.h"
#include <fstream>
#include <iostream>
using namespace std;
int main(int argc, char** argv)
{
TestConnections::skip_maxscale_start(true);
TestConnections test(argc, argv);
ofstream cnf("hidden.cnf");
cnf << "[something]" << endl;
cnf << "type=turbocharger" << endl;
cnf << "target=maxscale" << endl;
cnf << "speed=maximum" << endl;
cnf.close();
test.maxscales->copy_to_node_legacy("hidden.cnf", "~");
test.maxscales->ssh_node_f(0, true,
"mkdir -p /etc/maxscale.cnf.d/;"
"mv %s/hidden.cnf /etc/maxscale.cnf.d/.hidden.cnf;"
"chown -R maxscale:maxscale /etc/maxscale.cnf.d/",
test.maxscales->access_homedir[0]);
test.assert(test.maxscales->restart_maxscale() == 0, "Starting MaxScale should suceed");
test.maxscales->ssh_node_f(0, true, "rm -r /etc/maxscale.cnf.d/");
remove("hidden.cnf");
return test.global_result;
}

2
server/core/config.cc
View File

@ -755,7 +755,7 @@ int config_cb(const char* fpath, const struct stat *sb, int typeflag, struct FTW
const char* filename = fpath + ftwbuf->base;
const char* dot = strrchr(filename, '.');
if (dot) // that must have a suffix,
if (dot && *filename != '.') // that have a suffix and are not hidden,
{
const char* suffix = dot + 1;

35
server/modules/authenticator/MySQLAuth/dbusers.cc
View File

@ -113,9 +113,9 @@ static char* get_mariadb_users_query(bool include_root)
return rval;
}
static char* get_users_query(const char *server_version, uint64_t version, bool include_root)
static char* get_users_query(const char *server_version, bool include_root, bool is_mariadb)
{
if (version >= 100101) // 10.1.1 or newer, supports default roles
if (is_mariadb) // 10.1.1 or newer, supports default roles
{
return get_mariadb_users_query(include_root);
}
@ -794,6 +794,31 @@ static bool get_hostname(DCB *dcb, char *client_hostname, size_t size)
return lookup_result == 0;
}
static bool roles_are_available(MYSQL* conn, SERVICE* service, SERVER* server)
{
bool rval = false;
if (server->version >= 100101)
{
static bool log_missing_privs = true;
if (mxs_mysql_query(conn, "SELECT 1 FROM mysql.roles_mapping LIMIT 1") == 0)
{
mysql_free_result(mysql_store_result(conn));
rval = true;
}
else if (log_missing_privs)
{
log_missing_privs = false;
MXS_WARNING("The user for service '%s' is missing the SELECT grant on "
"`mysql.roles_mapping`. Use of default roles is disabled "
"until the missing privileges are added.", service->name);
}
}
return rval;
}
int get_users_from_server(MYSQL *con, SERVER_REF *server_ref, SERVICE *service, SERV_LISTENER *listener)
{
if (server_ref->server->version_string[0] == 0)
@ -801,9 +826,9 @@ int get_users_from_server(MYSQL *con, SERVER_REF *server_ref, SERVICE *service,
mxs_mysql_set_server_version(con, server_ref->server);
}
char *query = get_users_query(server_ref->server->version_string,
server_ref->server->version,
service->enable_root);
char *query = get_users_query(server_ref->server->version_string, service->enable_root,
roles_are_available(con, service, server_ref->server));
MYSQL_AUTH *instance = (MYSQL_AUTH*)listener->auth_instance;
sqlite3* handle = get_handle(instance);
bool anon_user = false;