Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-2496

Service user with roles causes false warnings

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Minor
    • Resolution: Fixed
    • 2.3.6
    • 2.3.8
    • Authenticator
    • None

    Description

      When using roles to assign privileges for the maxscale user for services there are some privilege warnings that do not seem to effect operation:

      2019-05-16 13:08:57 warning: [Galera-Service] User 'maxscale' is missing the SHOW DATABASES privilege. This means that MaxScale cannot see all databases and authentication can fail.
      		 
      2019-05-16 13:08:57 warning: [Galera-Service] User 'maxscale' is missing the SHOW DATABASES privilege. This means that MaxScale cannot see all databases and authentication can fail


      MariaDB [(none)]> SHOW GRANTS FOR 'maxscale'@'xxxxxxxxxx.com';
      		 
      +---------------------------------------------------------------------------------------------------------------------------------+
      		 
      | Grants for maxscale@xxxxxxxxxx.com |
      		 
      +---------------------------------------------------------------------------------------------------------------------------------+
      		 
      | GRANT maxscale_role TO 'maxscale'@'xxxxxxxxxx.com' |
      		 
      | GRANT USAGE ON *.* TO 'maxscale'@'xxxxxxxxxx.com' IDENTIFIED BY PASSWORD '*xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' |
      		 
      +---------------------------------------------------------------------------------------------------------------------------------+
      		 
      2 rows in set (0.00 sec)
      		 
      MariaDB [(none)]> SHOW GRANTS FOR 'maxscale_role';
      		 
      +---------------------------------------------------------------------------------------+
      		 
      | Grants for maxscale_role |
      		 
      +---------------------------------------------------------------------------------------+
      		 
      | GRANT SHOW DATABASES, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'maxscale_role' |
      		 
      | GRANT SELECT ON `mysql`.`roles_mapping` TO 'maxscale_role' |
      		 
      | GRANT SELECT ON `mysql`.`tables_priv` TO 'maxscale_role' |
      		 
      | GRANT SELECT ON `mysql`.`user` TO 'maxscale_role' |
      		 
      | GRANT SELECT ON `mysql`.`db` TO 'maxscale_role' |
      		 
      +---------------------------------------------------------------------------------------+
      		 
      5 rows in set (0.00 sec)
      		 
      MariaDB [(none)]> SELECT user, host, default_role FROM mysql.user WHERE user = 'maxscale' AND host = 'xxxxxxxxxx.com';
      		 
      +----------+---------------------------+---------------+
      		 
      | user | host | default_role |
      		 
      +----------+---------------------------+---------------+
      		 
      | maxscale | xxxxxxxx.com | maxscale_role |
      		 
      +----------+---------------------------+---------------+
      		 
      1 row in set (0.00 sec)

      Attachments

        Activity

          People

            markus makela markus makela
            kjoiner Kyle Joiner (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.