Merge branch '2.2' into develop

Documentation/Getting-Started/Configuration-Guide.md

@@ -959,6 +959,7 @@ name and grants suitable for database name authorization.
 GRANT SELECT ON mysql.user TO 'maxscale'@'maxscalehost';
 GRANT SELECT ON mysql.db TO 'maxscale'@'maxscalehost';
 GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'maxscalehost';
+GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'maxscalehost';
 GRANT SHOW DATABASES ON *.* TO 'maxscale'@'maxscalehost';
 ```
 

Documentation/Tutorials/Connection-Routing-Tutorial.md

@@ -97,6 +97,7 @@ CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
 GRANT SELECT ON mysql.user TO 'maxscale'@'%';
 GRANT SELECT ON mysql.db TO 'maxscale'@'%';
 GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
+GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
 GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
 ```
 

Documentation/Tutorials/MaxScale-Tutorial.md

@@ -32,6 +32,7 @@ CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
 GRANT SELECT ON mysql.user TO 'maxscale'@'%';
 GRANT SELECT ON mysql.db TO 'maxscale'@'%';
 GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
+GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
 GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
 ```
 

Documentation/Tutorials/Read-Write-Splitting-Tutorial.md

@@ -79,6 +79,7 @@ CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
 GRANT SELECT ON mysql.user TO 'maxscale'@'%';
 GRANT SELECT ON mysql.db TO 'maxscale'@'%';
 GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
+GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
 GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
 ```
 

maxscale-system-test/CMakeLists.txt

@@ -1009,6 +1009,10 @@ add_test_executable(mxs1889.cpp mxs1889 mxs1889 LABELS REPL_BACKEND)
 # MXS-421 Improved log facility
 add_test_executable(mxs421_events.cpp mxs421_events mxs421_events LABELS REPL_BACKEND)
 
+# MXS-1932: Hidden files are not ignored
+# https://jira.mariadb.org/browse/MXS-1932
+add_test_executable(mxs1932_hidden_cnf.cpp mxs1932_hidden_cnf replication LABELS REPL_BACKEND)
+
 configure_file(templates.h.in templates.h @ONLY)
 
 include(CTest)

maxscale-system-test/mxs1932_hidden_cnf.cpp

@@ -0,0 +1,39 @@
+/**
+ * MXS-1932: Hidden files are not ignored
+ *
+ * https://jira.mariadb.org/browse/MXS-1932
+ */
+
+#include "testconnections.h"
+
+#include <fstream>
+#include <iostream>
+
+using namespace std;
+
+int main(int argc, char** argv)
+{
+    TestConnections::skip_maxscale_start(true);
+    TestConnections test(argc, argv);
+
+    ofstream cnf("hidden.cnf");
+    cnf << "[something]" << endl;
+    cnf << "type=turbocharger" << endl;
+    cnf << "target=maxscale" << endl;
+    cnf << "speed=maximum" << endl;
+    cnf.close();
+
+    test.maxscales->copy_to_node_legacy("hidden.cnf", "~");
+    test.maxscales->ssh_node_f(0, true,
+                               "mkdir -p /etc/maxscale.cnf.d/;"
+                               "mv %s/hidden.cnf /etc/maxscale.cnf.d/.hidden.cnf;"
+                               "chown -R maxscale:maxscale /etc/maxscale.cnf.d/",
+                               test.maxscales->access_homedir[0]);
+
+    test.assert(test.maxscales->restart_maxscale() == 0, "Starting MaxScale should suceed");
+
+    test.maxscales->ssh_node_f(0, true, "rm -r /etc/maxscale.cnf.d/");
+    remove("hidden.cnf");
+
+    return test.global_result;
+}

server/core/config.cc

@@ -755,7 +755,7 @@ int config_cb(const char* fpath, const struct stat *sb, int typeflag, struct FTW
         const char* filename = fpath + ftwbuf->base;
         const char* dot = strrchr(filename, '.');
 
-        if (dot) // that must have a suffix,
+        if (dot && *filename != '.') // that have a suffix and are not hidden,
         {
             const char* suffix = dot + 1;
 

server/modules/authenticator/MySQLAuth/dbusers.cc

@@ -113,9 +113,9 @@ static char* get_mariadb_users_query(bool include_root)
     return rval;
 }
 
-static char* get_users_query(const char *server_version, uint64_t version, bool include_root)
+static char* get_users_query(const char *server_version, bool include_root, bool is_mariadb)
 {
-    if (version >= 100101) // 10.1.1 or newer, supports default roles
+    if (is_mariadb) // 10.1.1 or newer, supports default roles
     {
         return get_mariadb_users_query(include_root);
     }
@@ -794,6 +794,31 @@ static bool get_hostname(DCB *dcb, char *client_hostname, size_t size)
     return lookup_result == 0;
 }
 
+static bool roles_are_available(MYSQL* conn, SERVICE* service, SERVER* server)
+{
+    bool rval = false;
+
+    if (server->version >= 100101)
+    {
+        static bool log_missing_privs = true;
+
+        if (mxs_mysql_query(conn, "SELECT 1 FROM mysql.roles_mapping LIMIT 1") == 0)
+        {
+            mysql_free_result(mysql_store_result(conn));
+            rval = true;
+        }
+        else if (log_missing_privs)
+        {
+            log_missing_privs = false;
+            MXS_WARNING("The user for service '%s' is missing the SELECT grant on "
+                        "`mysql.roles_mapping`. Use of default roles is disabled "
+                        "until the missing privileges are added.", service->name);
+        }
+    }
+
+    return rval;
+}
+
 int get_users_from_server(MYSQL *con, SERVER_REF *server_ref, SERVICE *service, SERV_LISTENER *listener)
 {
     if (server_ref->server->version_string[0] == 0)
@@ -801,9 +826,9 @@ int get_users_from_server(MYSQL *con, SERVER_REF *server_ref, SERVICE *service,
         mxs_mysql_set_server_version(con, server_ref->server);
     }
 
-    char *query = get_users_query(server_ref->server->version_string,
+    char *query = get_users_query(server_ref->server->version_string, service->enable_root,
-                                  server_ref->server->version,
+                                  roles_are_available(con, service, server_ref->server));
-                                  service->enable_root);
+
     MYSQL_AUTH *instance = (MYSQL_AUTH*)listener->auth_instance;
     sqlite3* handle = get_handle(instance);
     bool anon_user = false;