Details
-
Bug
-
Status: Closed (View Workflow)
-
Blocker
-
Resolution: Fixed
-
10.0.14, 10.0.16
-
None
-
PROD
Description
We have observed that galera cluster replicates commands on all other nodes when it was actually refused on one node due to lack of database permissions:
Steps to reproduce this issue:
Set up 3x nodes cluster (db01, db02 and db03):
|
|
-- Add database user account with following permissions:
|
|
|
GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'iayyaz'@'%' identified by '123';
|
|
|
-- Create dummy database + table
|
|
|
CREATE DATABASE test;
|
USE test;
|
create table t1 (a int);
|
– Login using user 'iayyaz' to node 'db01'
– Issue following commands:
|
|
rename table t1 to t2;
|
(this command would fail due to lack of permissions)
|
ERROR 1142 (42000): DROP, ALTER command denied to user 'iayyaz'@'10.10.16.7' for table 't1'
|
|
|
– Login to node 'db02'
You would find table has been renamed:
MariaDB [test]> show tables;
|
+----------------+
|
| Tables_in_test |
|
+----------------+
|
| t2 |
|
+----------------+
|
1 row in set (0.00 sec)
|
|
|