Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-2600

Documentation is inconsistent regarding privileges for MariaDB Monitor

    XMLWordPrintable

    Details

    • Sprint:
      MXS-SPRINT-91

      Description

      The documentation is inconsistent regarding the privileges that are needed by the user account used by MariaDB Monitor.

      One section says this:

      The user requires the REPLICATION CLIENT privilege to successfully monitor the state of the servers. SUPER privilege is required for cluster manipulation features such as failover.

      MariaDB [(none)]> grant replication client on . to 'maxscale'@'maxscalehost';
      Query OK, 0 rows affected (0.00 sec)

      https://mariadb.com/kb/en/mariadb-maxscale-23-mariadb-monitor/#configuration

      It mentions that the SUPER privilege may also be needed, but a latter section says that several other privileges may also be needed:

      The cluster operations require that the monitor user (user) has the following privileges:

      • SUPER, to modify slave connections and set globals such as read_only
      • REPLICATION CLIENT, to list slave connections
      • RELOAD, to flush binary logs
      • PROCESS, to check if the event_scheduler process is running
      • SHOW DATABASES and EVENTS, to list and modify server events

      https://mariadb.com/kb/en/mariadb-maxscale-23-mariadb-monitor/#cluster-manipulation-operations

      These sections should be made consistent. I would also suggest adding a GRANT example to the "configuration" section that includes all privileges required for cluster manipulation options. e.g.:

      GRANT RELOAD, PROCESS, SHOW DATABASES, REPLICATION CLIENT, EVENT, SUPER ON *.* TO 'maxscale'@'maxscalehost';
      

        Attachments

          Activity

            People

            Assignee:
            esa.korhonen Esa Korhonen
            Reporter:
            GeoffMontee Geoff Montee
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: