Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-31809

Automatic SST user account management

    XMLWordPrintable

Details

    Description

      Most advanced SST methods happen to require a dedicated database user
      account with certain privileges to access the server during the SST
      process on the donor node. Previously that user account had to be
      created manually before any SST could take place and its authentication
      credentials had to be manually entered into the configuration file and
      stored there in clear text indefinitely - to be accessed by the SST
      script when needed.

      A much less error prone and more secure approach is to automatically
      create such user account just for the SST and delete it afterwards. The
      account credentials can be passed directly to SST script. Besides better
      security and simpler node configuration this also solves the problem of
      SST user privilege evolution: the required privileges may change with
      the new server release, and automatic account generation will always
      create the user with the right privileges.

      Attachments

        Issue Links

          duplicates

          New Feature - A new feature of the product, which has yet to be developed. MDEV-16009 mariabackup SST requires clear text password in xtrabackup.cnf

          • Major - Major loss of function.
          • Open
          relates to

          New Feature - A new feature of the product, which has yet to be developed. MDEV-16009 mariabackup SST requires clear text password in xtrabackup.cnf

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. MDEV-19949 mariabackup option of '--password' or '-p' without specifying password in commandline

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Task - A task that needs to be done. MDEV-20757 wsrep_ss_auth password encryption

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Bug - A problem which impairs or prevents the functions of the product. MDEV-25321 mariabackup failed if password is passed via environment variable

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              sysprg Julius Goryavsky
              Yurchenko Alexey
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.