From b294acf27628df66279b41661be675fa97588c65 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Fri, 17 May 2019 15:29:15 +0300
Subject: [PATCH 1/2] MXS-2496: Fix SHOW DATABASES grant check

The code expected that the grant was given to the actual user, not a role.
---
 .../authenticator/MySQLAuth/dbusers.cc        | 21 ++++++++++++-------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/server/modules/authenticator/MySQLAuth/dbusers.cc b/server/modules/authenticator/MySQLAuth/dbusers.cc
index 01197f387..d8319ef18 100644
--- a/server/modules/authenticator/MySQLAuth/dbusers.cc
+++ b/server/modules/authenticator/MySQLAuth/dbusers.cc
@@ -815,23 +815,28 @@ static bool check_server_permissions(SERVICE* service,
     }
 
     // Check whether the current user has the SHOW DATABASES privilege
-    if (mxs_mysql_query(mysql,
-                        "SELECT show_db_priv FROM mysql.user "
-                        "WHERE CONCAT(user, '@', host) = CURRENT_USER()") == 0)
+    if (mxs_mysql_query(mysql, "SHOW GRANTS") == 0)
     {
-        MYSQL_RES* res = mysql_use_result(mysql);
-        if (res)
+        if (MYSQL_RES* res = mysql_use_result(mysql))
         {
-            MYSQL_ROW row = mysql_fetch_row(res);
+            bool found = false;
 
-            if (row && strcasecmp(row[0], "Y") != 0)
+            for (MYSQL_ROW row = mysql_fetch_row(res); row; row = mysql_fetch_row(res))
+            {
+                if (strcasestr(row[0], "SHOW DATABASES"))
+                {
+                    found = true;
+                    break;
+                }
+            }
+
+            if (!found)
             {
                 MXS_WARNING("[%s] User '%s' is missing the SHOW DATABASES privilege. "
                             "This means that MaxScale cannot see all databases and authentication can fail.",
                             service->name,
                             user);
             }
-
             mysql_free_result(res);
         }
     }

From 365efb9d3a6ba7eaf1e60a3472af09f854e8f7c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Wed, 22 May 2019 09:38:04 +0300
Subject: [PATCH 2/2] Ignore SIGHUP termination in ssh_node

Sometimes the command appears to complete and terminate with a SIGHUP
instead of the proper return value.
---
 maxscale-system-test/nodes.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/maxscale-system-test/nodes.cpp b/maxscale-system-test/nodes.cpp
index 25b1ab1b6..68fda7ce6 100644
--- a/maxscale-system-test/nodes.cpp
+++ b/maxscale-system-test/nodes.cpp
@@ -5,6 +5,7 @@
 #include <future>
 #include <functional>
 #include <algorithm>
+#include <signal.h>
 
 #include "envv.h"
 
@@ -189,8 +190,14 @@ int Nodes::ssh_node(int node, const char* ssh, bool sudo)
     {
         return WEXITSTATUS(rc);
     }
+    else if (WIFSIGNALED(rc) && WTERMSIG(rc) == SIGHUP)
+    {
+        // SIGHUP appears to happen for SSH connections
+        return 0;
+    }
     else
     {
+        std::cout << strerror(errno) << std::endl;
         return 256;
     }
 }