Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.11, 11.4, 11.8
-
None
Description
SET @tx= @@global.tx_read_only; |
|
|
INSTALL SONAME 'password_reuse_check'; |
SET GLOBAL tx_read_only= ON; |
SET tx_read_only=0; |
CREATE USER foo IDENTIFIED BY 'qux'; |
|
|
DROP USER foo; |
UNINSTALL SONAME 'password_reuse_check'; |
SET @@global.tx_read_only= @tx; |
DROP TABLE mysql.password_reuse_check_history; |
|
10.11 ddd5ba3a00ebf164c169efb312ee5f4a624f575c |
mysqltest: At line 6: query 'CREATE USER foo IDENTIFIED BY 'qux'' failed: ER_NOT_VALID_PASSWORD (1819): Your password does not satisfy the current policy requirements (password_reuse_check) |
If we allow it to run SHOW WARNINGS afterwards, it says
show warnings;
|
Level Code Message |
Warning 1105 password_reuse_check:[1792] Cannot execute statement in a READ ONLY transaction |
Error 1819 Your password does not satisfy the current policy requirements (password_reuse_check) |
To my understanding, upon the first use the plugin attempts to create a table in mysql schema, and the global transaction_read_only apparently prevents it from doing so.
I don't think that the plugin should be affected by read-only settings at all, it's our internal business how it stores the history and when it creates the structures (note that the session read-only is set to OFF, so CREATE USER is not supposed to be affected); but if there has to be an error, probably it should be the real one, about read-only, not the imaginary one about the invalid password.