Details
-
Technical task
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.5.4
-
None
Description
As per the documentation, BINLOG MONITOR is new name for REPLICATION CLIENT from MariaDB 10.5.2, (REPLICATION CLIENT still supported as an alias for compatibility purposes). Permits running SHOW commands related to the binary log, in particular the SHOW BINLOG STATUS, SHOW REPLICA STATUS and SHOW BINARY LOGS statements.
https://mariadb.com/kb/en/grant/#binlog-monitor
But SHOW SLAVE STATUS and SHOW REPLICA STATUS failed even though BINLOG MONITOR privilege provided.
MariaDB [(none)]> show grants;
|
+-------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
| Grants for dbsupp1@localhost |
|
+-------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
| GRANT PROCESS, SHOW DATABASES, BINLOG MONITOR, SHOW VIEW ON *.* TO "dbsupp1"@"localhost" IDENTIFIED BY PASSWORD '*' |
|
| GRANT SELECT ON "mysql".* TO "dbsupp1"@"localhost" |
|
| GRANT SELECT ON "performance_schema".* TO "dbsupp1"@"localhost" |
|
+-------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
3 rows in set (0.000 sec)
|
 |
MariaDB [(none)]> show slave status\G
|
ERROR 1227 (42000): Access denied; you need (at least one of) the SUPER, REPLICATION SLAVE ADMIN privilege(s) for this operation
|
MariaDB [(none)]> SHOW REPLICA STATUS\G
|
ERROR 1227 (42000): Access denied; you need (at least one of) the SUPER, REPLICATION SLAVE ADMIN privilege(s) for this operation
|
Now REPLICATION SLAVE ADMIN is bigger privileges for the user because with that, user can START/STOP SLAVE and use CHANGE MASTER. So I think SHOW SLAVE STATUS/SHOW REPLICA STATUS should be a part of BINLOG MONITOR only.