hcq/MaxScale
hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated documentation about new grants required by MaxScale

Browse Source 
The documentation now mentions the additional SELECT privileges that are needed
on the `mysql.tables_priv` table.
This commit is contained in:
Markus Makela 2016-03-07 20:27:56 +02:00
parent fd34cd4014
commit 44d9929f3c
3 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Documentation/Changelog.md
View File

@ -1,5 +1,8 @@
#Changelog
## MaxScale 1.4
* Authentication now allows table level resolution of grants. MaxScale service users will now need SELECT privileges on `mysql.tables_priv` to be able to authenticate users at the database and table level.
## MaxScale 1.3
* Added support for persistent backend connections
* The *binlog server* is now an integral component of MaxScale.

9
Documentation/Getting-Started/Configuration-Guide.md
View File

@ -370,19 +370,22 @@ In order for MaxScale to obtain all the data it must be given a username it can
The account used must be able to select from the mysql.user table, the following is an example showing how to create this user.
```
MariaDB [mysql]> create user 'maxscale'@'maxscalehost' identified by 'Mhu87p2D';
MariaDB [mysql]> CREATE USER 'maxscale'@'maxscalehost' IDENTIFIED BY 'Mhu87p2D';
Query OK, 0 rows affected (0.01 sec)
MariaDB [mysql]> grant SELECT on mysql.user to 'maxscale'@'maxscalehost';
MariaDB [mysql]> GRANT SELECT ON mysql.user TO 'maxscale'@'maxscalehost';
Query OK, 0 rows affected (0.00 sec)
```
Additionally, `GRANT SELECT` on the `mysql.db` table and `SHOW DATABASES` privileges are required in order to load databases name and grants suitable for database name authorization.
Additionally, `SELECT` privileges on the `mysql.db` and `mysql.tables_priv` tables and `SHOW DATABASES` privileges are required in order to load databases name and grants suitable for database name authorization.
```
MariaDB [(none)]> GRANT SELECT ON mysql.db TO 'maxscale'@'maxscalehost';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'maxscalehost';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT SHOW DATABASES ON *.* TO 'maxscale'@'maxscalehost';
Query OK, 0 rows affected (0.00 sec)
```

6
Documentation/Tutorials/MaxScale-Tutorial.md
View File

@ -42,12 +42,16 @@ MariaDB [(none)]> grant SELECT on mysql.user to '*username*'@'*maxscalehost*';
**Query OK, 0 rows affected (0.03 sec)**
```
Additionally, GRANT SELECT on the mysql.db table and SHOW DATABASES privileges are required in order to load databases name and grants suitable for database name authorization.
Additionally, `SELECT` privileges on the `mysql.db` and `mysql.tables_priv` tables and `SHOW DATABASES` privileges are required in order to load databases name and grants suitable for database name authorization.
```
MariaDB [(none)]> GRANT SELECT ON mysql.db TO 'username'@'maxscalehost';
**Query OK, 0 rows affected (0.00 sec)**
MariaDB [(none)]> GRANT SELECT ON mysql.tables_priv TO 'username'@'maxscalehost';
**Query OK, 0 rows affected (0.00 sec)**
MariaDB [(none)]> GRANT SHOW DATABASES ON *.* TO 'username'@'maxscalehost';
**Query OK, 0 rows affected (0.00 sec)**