Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Duplicate
-
10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL), 10.11, 11.0(EOL), 11.1(EOL), 11.2, 11.3(EOL), 11.4
Description
While testing MDEV-33383, mleich produced rr replay traces of a 10.5 server that was being backed up, as well as the mariadb-backup processes that made and prepared the backup, and another server process that crashed due to a corrupted page when starting on the prepared backup.
Some painstaking analysis revealed the reason for the corruption: The parameter innodb_encrypt_tables=1 is not being copied to the backup-my.cnf file, neither in encryption_plugin_backup_init(), nor in write_backup_config_file(). The configuration parameter innodb_encrypt_log is being copied, ever since MDEV-9566 was implemented.
It looks like neither the settings innodb_encrypt_log=1 nor innodb_encrypt_tables=1 will be restored from the backup-my.cnf} file during {{mariadb-backup --prepare. The setting innodb_encrypt_log will be persisted via the log file format, but innodb_encrypt_tables would only be recoverable from the configuration file.
Because of the incorrect default setting innodb_encrypt_tables=0 that is in effect during mariadb-backup --prepare, the backup will be corrupted: Those data pages on which some log was applied could be stored unencrypted, while others would be stored encrypted from the server.
As far as I understand, there may be an additional design problem that when SET GLOBAL innodb_encrypt_tables=... is executed during or between backup runs, no consistent backups can be created.
Attachments
Issue Links
- is duplicated by
-
-
- Closed
-
- relates to
-
MDEV-9566 Add xtrabackup tool to MariaDB 10.1
-
- Closed
-
-
-
- Open
-
-
-
- Closed
-
-
-
- Closed
-