Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Not a Bug
-
2.2.3
-
None
Description
When using PAM_Auth with maxscale and mariadb running on different hosts and both using pam_unix.so, but having different local passwords for a given unix user, connecting with the maxscale side password succeeds, but every SQL command ends with
Here the user "pamuser" has password "geheim" on the server running maxscale, but "secret" on the server running mariadb:
$ mysql -h 127.0.0.1 -p -P 5006 -u pamuser -pgeheim test
|
Welcome to the MariaDB monitor. Commands end with ; or \g.
|
Your MySQL connection id is 39
|
Server version: 10.2.12 2.2.3-maxscale
|
|
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
|
|
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
|
|
MySQL [test]> show tables;
|
ERROR 2006 (HY000): MySQL server has gone away
|
No connection. Trying to reconnect...
|
Connection id: 40
|
Current database: test
|
|
ERROR 2013 (HY000): Lost connection to MySQL server during query
|
MySQL [test]>
|
The MaxScale log shows this right after connection:
2018-03-12 21:35:27 error : (42) [mariadbbackend] Invalid authentication message from backend 'server1'. Error code: 1045, Msg : #28000Access denied for user 'pamuser'@'10.0.42.12' (using password: NO)
|
2018-03-12 21:35:27 notice : (42) [PAMAuth] Loaded 4 users for service RWSp.
|
2018-03-12 21:35:27 error : [mariadbbackend] Unable to write to backend 'server1' due to authentication failure. Server in state RUNNING MASTER.
|
Shouldn't maxscale simply report an "Access denied" error in this case as the MariaDB backend clearly reported that when MaxScale tried to connect?