Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.4, 10.5, 10.6, 10.11, 11.0, 11.1, 11.2, 11.3
-
None
-
None
-
None
Description
When mariadb-dump --system=user is run on MySQL 8.0 it runs show create user that dumps users from MySQL 8.0 .
Output looks like this:
CREATE USER `testuser`@`%` IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$\"XewpRxu+dxYGcD3zAit3J5Zu1WwImONrLcgjctWxnIB8UkU8ShY.EY2JFA' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT; |
Other MySQL 8.0 users:
|
"MariaDB dump of MySQL 8.0 system user" |
|
Show all |
CREATE USER `root`@`%` IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$|cQeO/3]*CTwoyKXc.JUQUo/S3pEH.7n0VM0.euyognPOEutjp4Vu4.' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
|
CREATE USER `testuser`@`%` IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$\"XewpRxu+dxYGcD3zAit3J5Zu1WwImONrLcgjctWxnIB8UkU8ShY.EY2JFA' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
|
CREATE USER `mysql.infoschema`@`localhost` IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT LOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
|
CREATE USER `mysql.session`@`localhost` IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT LOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
|
CREATE USER `mysql.sys`@`localhost` IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT LOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
|
CREATE USER `root`@`localhost` IDENTIFIED WITH 'caching_sha2_password' AS '$A$005$GO{ OyXPK%I(\nGH]vQZkPH28iL64nNade0WvWmE6lINV5nFkgOPgOWzEkM6' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
|
SELECT COALESCE(CURRENT_ROLE(),'NONE') into @current_role;
|
CREATE ROLE IF NOT EXISTS mariadb_dump_import_role;
|
GRANT mariadb_dump_import_role TO CURRENT_USER();
|
SET ROLE mariadb_dump_import_role;
|
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `root`@`%` WITH GRANT OPTION;
|
GRANT ALLOW_NONEXISTENT_DEFINER,APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `root`@`%` WITH GRANT OPTION;
|
/*M!100005 SET DEFAULT ROLE NONE FOR 'root'@'%' */;
|
/*!80001 ALTER USER 'root'@'%' DEFAULT ROLE NONE */;
|
GRANT USAGE ON *.* TO `testuser`@`%`;
|
GRANT ALL PRIVILEGES ON `testdb`.* TO `testuser`@`%`;
|
/*M!100005 SET DEFAULT ROLE NONE FOR 'testuser'@'%' */;
|
/*!80001 ALTER USER 'testuser'@'%' DEFAULT ROLE NONE */;
|
GRANT SELECT ON *.* TO `mysql.infoschema`@`localhost`;
|
GRANT AUDIT_ABORT_EXEMPT,FIREWALL_EXEMPT,SYSTEM_USER ON *.* TO `mysql.infoschema`@`localhost`;
|
/*M!100005 SET DEFAULT ROLE NONE FOR 'mysql.infoschema'@'localhost' */;
|
/*!80001 ALTER USER 'mysql.infoschema'@'localhost' DEFAULT ROLE NONE */;
|
GRANT SHUTDOWN, SUPER ON *.* TO `mysql.session`@`localhost`;
|
GRANT AUDIT_ABORT_EXEMPT,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,FIREWALL_EXEMPT,PERSIST_RO_VARIABLES_ADMIN,SESSION_VARIABLES_ADMIN,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN ON *.* TO `mysql.session`@`localhost`;
|
GRANT SELECT ON `performance_schema`.* TO `mysql.session`@`localhost`;
|
GRANT SELECT ON `mysql`.`user` TO `mysql.session`@`localhost`;
|
/*M!100005 SET DEFAULT ROLE NONE FOR 'mysql.session'@'localhost' */;
|
/*!80001 ALTER USER 'mysql.session'@'localhost' DEFAULT ROLE NONE */;
|
GRANT USAGE ON *.* TO `mysql.sys`@`localhost`;
|
GRANT AUDIT_ABORT_EXEMPT,FIREWALL_EXEMPT,SYSTEM_USER ON *.* TO `mysql.sys`@`localhost`;
|
GRANT TRIGGER ON `sys`.* TO `mysql.sys`@`localhost`;
|
GRANT SELECT ON `sys`.`sys_config` TO `mysql.sys`@`localhost`;
|
/*M!100005 SET DEFAULT ROLE NONE FOR 'mysql.sys'@'localhost' */;
|
/*!80001 ALTER USER 'mysql.sys'@'localhost' DEFAULT ROLE NONE */;
|
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `root`@`localhost` WITH GRANT OPTION;
|
GRANT ALLOW_NONEXISTENT_DEFINER,APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `root`@`localhost` WITH GRANT OPTION;
|
GRANT PROXY ON ``@`` TO `root`@`localhost` WITH GRANT OPTION;
|
/*M!100005 SET DEFAULT ROLE NONE FOR 'root'@'localhost' */;
|
/*!80001 ALTER USER 'root'@'localhost' DEFAULT ROLE NONE */;
|
SET ROLE NONE;
|
DROP ROLE mariadb_dump_import_role;
|
/*M!100203 EXECUTE IMMEDIATE CONCAT('SET ROLE ', @current_role) */;
|
outputs following 3 options that are not in our parser
Possible options to migrate MySQL 8.0 system users to MariaDB:
1. Create missing statements in parser
password_option: {
|
| PASSWORD HISTORY {DEFAULT | N} # PASSWORD HISTORY DEFAULT
|
| PASSWORD REUSE INTERVAL {DEFAULT | N DAY} # PASSWORD REUSE INTERVAL DEFAULT
|
| PASSWORD REQUIRE CURRENT [DEFAULT | OPTIONAL] # PASSWORD REQUIRE CURRENT DEFAULT
|
2. change mariadb-dump to recognize statements and silently remove them
Another problem is with default authentication with caching_sha2_password that is default in MySQL 8.0 and is not implemented in MariaDB (MDEV-9804).
Attachments
Issue Links
- relates to
-
MDBF-633 Create blogs for migration from MySQL 5.7/8.0 with Docker Official Images using Docker compose
-
- In Review
-