Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-22482

pam v2: mysql_upgrade doesn't fix the ownership/privileges of auth_pam_tool

    XMLWordPrintable

    Details

      Description

      As part of MDEV-19876, some code was added to mysql_install_db that fixes the ownership and privileges of auth_pam_tool:

      https://github.com/mariadb/server/commit/11f3e2366282eb8cf1cb0062793d102067db6472

      Now, we have code that fixes the ownership and privileges of auth_pam_tool in the following cases:

      • If the MariaDB-server RPM is installed by the root user, then it will properly set the ownership and privileges of the auth_pam_tool binary.
      • If the mariadb-server DEB is installed by the root user, then it will properly set the ownership and privileges of the auth_pam_tool binary.
      • If mysql_install_db is run by the root user, then it will properly set the ownership and privileges of the auth_pam_tool binary.

      This still leaves a big gap, because:

      • If someone is using a binary tarball installation, then the RPM and DEB improvements won't help them.
      • If someone is performing an upgrade, rather than a fresh install, then the mysql_install_db improvements won't help them.

      It seems as though mysql_upgrade should also try to fix the ownership and privileges of auth_pam_tool, so that these cases are also covered.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              serg Sergei Golubchik
              Reporter:
              GeoffMontee Geoff Montee
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated: