Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-17852

Altered connection limits for user have no effect

    XMLWordPrintable

Details

    Description

      This issue points out a difference between MySQL and MariaDB, where MySQL seems to have the expected behavior. When you update MAX_CONNECTIONS_PER_HOUR for a user the change can be seen in the users table, but in MariaDB it has no effect in practice. A blocked user will still not be able to connect. This can have serious consequences in production.

      With MySQL 8.0.13 the ALTER actually lets new clients connect with the account, but with MariaDB 10.2.19 it does not. See the attached text file for a simple repro case with Docker.

      MDEV-17852-repro.txt

      I've also tested to change the limit using the following statements, but with the same result:

      • UPDATE mysql.user SET max_connections = 0 WHERE user='testuser'; FLUSH PRIVILEGES;
      • GRANT USAGE ON . TO 'site_devkit_live_index'@'%' WITH MAX_CONNECTIONS_PER_HOUR 0;
      • Delete and re-create the user with a higher limit.

      Attachments

        1. MDEV-17852-repro.txt
          2 kB
          Staffan Olsson
        2. MDEV-17852-repro-docker-with-workaround.txt
          2 kB
          Staffan Olsson
        3. test-max-user-connections.txt
          0.9 kB
          Staffan Olsson

        Activity

          People

            serg Sergei Golubchik
            solsson Staffan Olsson
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.