Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-23918

admin privlege required to view contents of relay logs in 10.5

Details

    Description

      I completely understand the point that SUPER privilege has been divided in to multiple parts for better privilege management.

      Here, we can use "binlog monitor" privilege to view the contents of binary logs. However, when it comes to relay log it require "replication slave admin" privilege. In earlier version, it need "replication slave" privilege to view the contents of relay logs.

      https://mariadb.com/kb/en/grant/#replication-slave-admin

      It would be nice to consider the same behavior and provide users with "replication slave" privilege to view the relay log contents using "SHOW RELAYLOGS EVENTS" command accordingly

      MariaDB [(none)]> select version();
      		 
      +---------------------+
      		 
      | version()           |
      		 
      +---------------------+
      		 
      | 10.4.13-MariaDB-log |
      		 
      +---------------------+
      		 
      1 row in set (0.00 sec)
      		 
       
      		 
      MariaDB [(none)]>
      		 
      MariaDB [(none)]> show relaylog events in 'relaylog.000030';
      		 
      ERROR 1227 (42000): Access denied; you need (at least one of) the REPLICATION SLAVE privilege(s) for this operation
      		 
      MariaDB [(none)]>
      		 
       
      		 
      MariaDB [(none)]> select version();
      		 
      +----------------+
      		 
      | version()      |
      		 
      +----------------+
      		 
      | 10.5.5-MariaDB |
      		 
      +----------------+
      		 
      1 row in set (0.00 sec)
      		 
       
      		 
      MariaDB [(none)]> show relaylog events in 'relaylog.000603';
      		 
      ERROR 1227 (42000): Access denied; you need (at least one of) the REPLICATION SLAVE ADMIN privilege(s) for this operation
      		 
      MariaDB [(none)]>

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-23610 Slave user can't run "SHOW SLAVE STATUS" anymore after upgrade to 10.5, mysql_upgrade should take of that

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-27611 CLONE - Slave user can't run "SHOW SLAVE STATUS" anymore after upgrade to 10.5, mysql_upgrade should take of that

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              sujatha.sivakumar Sujatha Sivakumar (Inactive)
              vidyadhar.chelluru vidyadhar
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.