[MDEV-20577] Require lower privilege than SUPER to set rocksdb_create_checkpoint - Jira

XML

Word

Printable

Details

Type: Task
Status: Open (View Workflow)
Priority: Minor
Resolution: Unresolved
Fix Version/s: None
Component/s: Storage Engine - RocksDB
Labels:
- beginner-friendly

Description

If you want to set the rocksdb_create_checkpoint system variable, then you need the SUPER privilege. This is not exactly unexpected since it is a GLOBAL system variable.

From the MySQL documentation:

Setting a global system variable runtime value requires the SUPER privilege.

https://dev.mysql.com/doc/refman/5.5/en/system-variable-privileges.html

The problem is that Mariabackup uses this system variable to backup MyRocks data. This limitation means that MyRocks data can only be backed up by Mariabackup if the user account has the SUPER privilege. See ~~MDEV-20564~~.

This has been documented now:

https://mariadb.com/kb/en/library/mariabackup-overview/#authentication-and-privileges

I think some users would dislike the idea of making the backup user require SUPER privileges. Would it be possible and desirable to change MyRocks, so that a lower privilege than SUPER is required in order to set the rocksdb_create_checkpoint system variable? Should the system variable be made into a SESSION system variable?

Attachments

Issue Links

relates to

MDEV-13122 Backup myrocks with mariabackup

Closed

MDEV-21743 Split up SUPER privilege to smaller privileges

Closed

MDEV-20564 Mariabackup docs for privileges incomplete / outdated for rocksdb backups

Closed

Activity

People

Assignee:: Sergei Petrunia

Reporter:: Geoff Montee (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2019-09-12 23:31

Updated:: 2024-11-06 20:14

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.