Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-20577

Require lower privilege than SUPER to set rocksdb_create_checkpoint

    Details

      Description

      If you want to set the rocksdb_create_checkpoint system variable, then you need the SUPER privilege. This is not exactly unexpected since it is a GLOBAL system variable.

      From the MySQL documentation:

      Setting a global system variable runtime value requires the SUPER privilege.

      https://dev.mysql.com/doc/refman/5.5/en/system-variable-privileges.html

      The problem is that Mariabackup uses this system variable to backup MyRocks data. This limitation means that MyRocks data can only be backed up by Mariabackup if the user account has the SUPER privilege. See MDEV-20564.

      This has been documented now:

      https://mariadb.com/kb/en/library/mariabackup-overview/#authentication-and-privileges

      I think some users would dislike the idea of making the backup user require SUPER privileges. Would it be possible and desirable to change MyRocks, so that a lower privilege than SUPER is required in order to set the rocksdb_create_checkpoint system variable? Should the system variable be made into a SESSION system variable?

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                psergey Sergei Petrunia
                Reporter:
                GeoffMontee Geoff Montee
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: