hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Extend MDEV-13453 workaround explanations

Browse Source 
The example SQL now shows the extra grant required for 10.2 versions. Also
removed duplicate user creation examples from the tutorials.
This commit is contained in:
Markus Mäkelä
2018-09-21 11:18:34 +03:00
parent e5739c4e00
commit e54a44d56a
4 changed files with 14 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Documentation/Getting-Started/Configuration-Guide.md
View File

@ -907,15 +907,18 @@ GRANT SELECT ON mysql.db TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'maxscalehost'; GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'maxscalehost'; GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'maxscalehost';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'maxscalehost'; GRANT SHOW DATABASES ON *.* TO 'maxscale'@'maxscalehost';
-- MariaDB from 10.2.2 to 10.2.10 requires extra grants
GRANT SELECT ON mysql.* TO 'maxscale'@'maxscalehost';
``` ```
**Note:** MariaDB versions 10.2.10 and older require a `SELECT` grant on
`mysql.*` in addition to the normal grants. This is to work around MDEV-13453
which was fixed in MariaDB 10.2.11.
See [MaxScale Troubleshooting](https://mariadb.com/kb/en/mariadb-enterprise/maxscale-troubleshooting/) See [MaxScale Troubleshooting](https://mariadb.com/kb/en/mariadb-enterprise/maxscale-troubleshooting/)
for more information on how to troubleshoot authentication related problems. for more information on how to troubleshoot authentication related problems.
**Note:** Due to a bug in MariaDB 10.2.9, if you see a
`SELECT command denied to user ... for table 'users'`
error, grant `SELECT ON mysql.*` to this user.
<a id="passwd"></a> <a id="passwd"></a>
#### `password` #### `password`

12
Documentation/Tutorials/Connection-Routing-Tutorial.md
View File

@ -90,16 +90,8 @@ for the read service we use the _slave_ type.
The final part of the service configuration is the `user` and `password` The final part of the service configuration is the `user` and `password`
parameters that define the credentials that the service will use to populate the parameters that define the credentials that the service will use to populate the
user authentication data. To create this user, execute the following SQL commands. user authentication data. These users were created at the start of the
[MaxScale Tutorial](MaxScale-Tutorial.md).
```
CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
GRANT SELECT ON mysql.user TO 'maxscale'@'%';
GRANT SELECT ON mysql.db TO 'maxscale'@'%';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
```
**Note:** For increased security [encrypt your passwords in the configuration file](Encrypting-Passwords.md). **Note:** For increased security [encrypt your passwords in the configuration file](Encrypting-Passwords.md).

3
Documentation/Tutorials/MaxScale-Tutorial.md
View File

@ -35,6 +35,9 @@ GRANT SELECT ON mysql.db TO 'maxscale'@'%';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%'; GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%'; GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%'; GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
-- MariaDB from 10.2.2 to 10.2.10 requires extra grants
GRANT SELECT ON mysql.* TO 'maxscale'@'%';
``` ```
These credentials will be used by the services in MaxScale to populate the user These credentials will be used by the services in MaxScale to populate the user

12
Documentation/Tutorials/Read-Write-Splitting-Tutorial.md
View File

@ -72,16 +72,8 @@ or addresses of the servers.
The final part of the service configuration is the `user` and `password` The final part of the service configuration is the `user` and `password`
parameters that define the credentials that the service will use to populate the parameters that define the credentials that the service will use to populate the
user authentication data. To create this user, execute the following SQL commands. user authentication data. These users were created at the start of the
[MaxScale Tutorial](MaxScale-Tutorial.md).
```
CREATE USER 'maxscale'@'%' IDENTIFIED BY 'maxscale_pw';
GRANT SELECT ON mysql.user TO 'maxscale'@'%';
GRANT SELECT ON mysql.db TO 'maxscale'@'%';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'%';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'%';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'%';
```
**Note:** For increased security [encrypt your passwords in the configuration file](Encrypting-Passwords.md). **Note:** For increased security [encrypt your passwords in the configuration file](Encrypting-Passwords.md).