Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Not a Bug
-
2.3.3
-
None
Description
I enabled PAM authentication in MaxScale 2.3.3, and I'm now seeing GaleraMon fail because it can't load dialog.so. For example:
2019-01-26 03:56:11 error : [Galera-Monitor] Failed to connect to server 'C1N1' ([172.30.0.249]:3306) when checking monitor user credentials and permissions: Plugin dialog could not be loaded: /var/lib/plugin/dialog.so: cannot open shared object file: No such file or directory
|
2019-01-26 03:56:11 error : [Galera-Monitor] Failed to connect to server 'C1N2' ([172.30.0.32]:3306) when checking monitor user credentials and permissions: Plugin dialog could not be loaded: /var/lib/plugin/dialog.so: cannot open shared object file: No such file or directory
|
Is the MaxScale package supposed to include a file /var/lib/plugin/dialog.so? It does not seem to:
[ec2-user@ip-172-30-0-106 ~]$ rpm -q maxscale
|
maxscale-2.3.3-1.x86_64
|
[ec2-user@ip-172-30-0-106 ~]$ rpm -ql maxscale | grep dialog
|
[ec2-user@ip-172-30-0-106 ~]$ ls -l /var/lib/plugin/dialog.so
|
ls: cannot access /var/lib/plugin/dialog.so: No such file or directory
|
I know that the MariaDB-common package includes a dialog.so file, but that is not in /var/lib/plugin either:
[ec2-user@ip-172-30-0-106 ~]$ ls -l /usr/lib64/mysql/plugin/dialog.so
|
-rwxr-xr-x. 1 root root 47656 Jan 4 10:53 /usr/lib64/mysql/plugin/dialog.so
|
[ec2-user@ip-172-30-0-106 ~]$ rpm -qf /usr/lib64/mysql/plugin/dialog.so
|
MariaDB-common-10.3.12-1.el7.centos.x86_64
|
Is the maxscale package supposed to install its own dialog.so, or is it supposed to have a dependency on the MariaDB-common package, and load the dialog.so plugin from /usr/lib64/mysql/plugin/?
I was able to workaround the problem with:
[ec2-user@ip-172-30-0-106 ~]$ sudo mkdir -p /var/lib/plugin
|
[ec2-user@ip-172-30-0-106 ~]$ sudo install --mode=0755 /usr/lib64/mysql/plugin/dialog.so /var/lib/plugin/
|
[ec2-user@ip-172-30-0-106 ~]$ sudo systemctl restart maxscale
|
Attachments
Issue Links
Activity
Yeah, the monitor user used PAM authentication. If you want all of the details, it's the configuration that I used in MXS-2294.
Maybe this can be fixed by adjusting connector_plugindir and installing the required libraries?
Pointing connector_plugindir to the proper location solved the issue:
[ec2-user@ip-172-30-0-106 ~]$ grep "connector_plugindir" /etc/maxscale.cnf
|
connector_plugindir=/usr/lib64/mysql/plugin/
|
[ec2-user@ip-172-30-0-106 ~]$ sudo rm /var/lib/plugin/dialog.so
|
[ec2-user@ip-172-30-0-106 ~]$ sudo systemctl start maxscale
|
Is there a specific reason that connector_plugindir defaults to /var/lib/plugin? I think it should default to the location where the MariaDB-common package installs authentication plugins on the specific OS. On RHEL/CentOS, that's /usr/lib64/mysql/plugin/:
[ec2-user@ip-172-30-0-106 ~]$ sudo rpm -q MariaDB-common
|
MariaDB-common-10.3.12-1.el7.centos.x86_64
|
[ec2-user@ip-172-30-0-106 ~]$ sudo rpm -q MariaDB-common --list | grep "plugin"
|
/usr/lib64/mysql/plugin
|
/usr/lib64/mysql/plugin/auth_gssapi_client.so
|
/usr/lib64/mysql/plugin/caching_sha2_password.so
|
/usr/lib64/mysql/plugin/client_ed25519.so
|
/usr/lib64/mysql/plugin/dialog.so
|
/usr/lib64/mysql/plugin/mysql_clear_password.so
|
/usr/lib64/mysql/plugin/sha256_password.so
|
I created MXS-2308 about potentially changing the default connector_plugindir.
Did the monitor user use PAM authentication as well? If it didn't, I'd expect it to work.