Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-17852

Altered connection limits for user have no effect

    XMLWordPrintable

    Details

      Description

      This issue points out a difference between MySQL and MariaDB, where MySQL seems to have the expected behavior. When you update MAX_CONNECTIONS_PER_HOUR for a user the change can be seen in the users table, but in MariaDB it has no effect in practice. A blocked user will still not be able to connect. This can have serious consequences in production.

      With MySQL 8.0.13 the ALTER actually lets new clients connect with the account, but with MariaDB 10.2.19 it does not. See the attached text file for a simple repro case with Docker.

      MDEV-17852-repro.txt

      I've also tested to change the limit using the following statements, but with the same result:

      • UPDATE mysql.user SET max_connections = 0 WHERE user='testuser'; FLUSH PRIVILEGES;
      • GRANT USAGE ON . TO 'site_devkit_live_index'@'%' WITH MAX_CONNECTIONS_PER_HOUR 0;
      • Delete and re-create the user with a higher limit.

        Attachments

          Activity

            People

            Assignee:
            serg Sergei Golubchik
            Reporter:
            solsson Staffan Olsson
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: