Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-2623

MaxScale should write a log message if a user with SUPER privileges connects

    XMLWordPrintable

Details

    • MXS-SPRINT-88, MXS-SPRINT-89, MXS-SPRINT-90, MXS-SPRINT-101, MXS-SPRINT-102

    Description

      I think that it would be helpful if MaxScale could write a log message if a user with SUPER privileges connected to the instance. A pre-requisite for this would probably have to be that skip_authentication is not set.

      https://mariadb.com/kb/en/mariadb-maxscale-23-mysql-authenticator/#skip_authentication

      The main reason is that users with SUPER privileges can cause some serious issues, particularly when MaxScale is using MariaDB Monitor. In that case, users with SUPER privileges can still write to the servers while failover is occurring, which can cause failover to break. This problem seems to occur quite frequently.

      If we add this log message, then maybe it should be optional. Should it be an option that is configurable in authenticator_options? Or should it only be written when log_info is enabled?

      Attachments

        Activity

          People

            esa.korhonen Esa Korhonen
            GeoffMontee Geoff Montee (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0d
                0d
                Logged:
                Time Spent - 0.25d
                0.25d

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.