[MDEV-37925] Is there any adverse effect if READ_ONLY ADMIN privilege is taken away from the root user? - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Not a Bug
Affects Version/s: None
Fix Version/s: N/A
Component/s: N/A
Labels:
None

Bug Category:
Not for Release Notes

Description

This is just a question, a user story.

It turns out, that when running mysql_upgrade on an older server version where ALL PRIVILEGES and the SUPER privilege still included the READ_ONLY ADMIN privilege, the READ_ONLY ADMIN privilege is kept for these users.

It caused an accidental problem, because it allowed a replica to be changed manually, which then broke replication due to a PK violation.

Anyway, my question here is: does taking away the READ_ONLY ADMIN privilege from the root user cause any subtle issues?

I already discovered that by taking this privilege away, the root user cannot give it back to itself:
REVOKE READ_ONLY ADMIN ON . FROM 'root'@'localhost';

GRANT READ_ONLY ADMIN ON . TO 'root'@'localhost';
results in
ERROR 1698 (28000): Access denied for user 'root'@'localhost'

the same error occurs for
GRANT ALL PRIVILEGES ON . FROM 'root'@'localhost';

Attachments

Activity

People

Assignee:: Daniel Black

Reporter:: Zoltán Böszörményi

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2025-10-22 14:04

Updated:: 2025-10-28 01:18

Resolved:: 2025-10-27 06:49

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.