Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-9996

Do not replicate debian-sys-maint user setup in Debian postinst

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Minor
    • Resolution: Won't Fix
    • 5.5.49
    • N/A
    • Platform Debian
    • None
    • Debian 7, Debian 8

    Description

      The postinst scripts for Debian (and Ubuntu) run several statements using the --bootstrap option to mysqld:

      # update privilege tables
      password_column_fix_query=`/bin/echo -e \
              "USE mysql;\n" \
              "ALTER TABLE user CHANGE Password Password char(41) character set latin1 collate latin1_bin DEFAULT '' NOT NULL;"`
      replace_query=`/bin/echo -e \
              "USE mysql;\n" \
              "SET sql_mode='';\n" \
              "REPLACE INTO user SET " \
              "  host='localhost', user='debian-sys-maint', password=password('$pass'), " \
              "  Select_priv='Y', Insert_priv='Y', Update_priv='Y', Delete_priv='Y', " \
              "  Create_priv='Y', Drop_priv='Y', Reload_priv='Y', Shutdown_priv='Y', " \
              "  Process_priv='Y',  File_priv='Y', Grant_priv='Y', References_priv='Y', " \
              "  Index_priv='Y', Alter_priv='Y', Super_priv='Y', Show_db_priv='Y', "\
              "  Create_tmp_table_priv='Y', Lock_tables_priv='Y', Execute_priv='Y', "\
              "  Repl_slave_priv='Y', Repl_client_priv='Y', Create_view_priv='Y', "\
              "  Show_view_priv='Y', Create_routine_priv='Y', Alter_routine_priv='Y', "\
              "  Create_user_priv='Y', Event_priv='Y', Trigger_priv='Y',"\
              "  ssl_cipher='', x509_issuer='', x509_subject='';"`;
      # Engines supported by etch should be installed per default. The query sequence is supposed
      # to be aborted if the CREATE TABLE fails due to an already existent table in which case the
      # admin might already have chosen to remove one or more plugins. Newlines are necessary.
      install_plugins=`/bin/echo -e \
              "USE mysql;\n" \
              "CREATE TABLE IF NOT EXISTS plugin (name char(64) COLLATE utf8_bin NOT NULL DEFAULT '', " \
              "  dl char(128) COLLATE utf8_bin NOT NULL DEFAULT '', " \
              "  PRIMARY KEY (name)) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='MySQL plugins';" `

      Because these statements will normally be sent to the binary log, these statements will be replicated – including, crucially, the setting of a new password for debian-sys-maint, which will break the /etc/init.d/mysql script on mysql slaves. The ALTER TABLE statement is also problematic.

      The debian-sys-maint problem is particularly bad in master-master setups, as each upgrade of MariaDB server will reset the debian-sys-maint user and cause a mismatch with the /etc/mysql/debian.cnf file on the "other" server.

      These three blocks should have SET SQL_LOG_BIN=0; added to the top so that these statements are never replicated. This is a similar issue to MDEV-5116.

      Attachments

        Issue Links

          Activity

            People

              serg Sergei Golubchik
              hexetic Tim Gokcen
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.