Details
-
Task
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
None
-
None
-
MXS-SPRINT-159
Description
This was originally reported in the docs-talk slack channel by Luke Smith.
Luke reported a problem with this KB documentation page about using MaxScale with Xpand, which is generated from this page in GitHub.
This document does not list the full set of required privileges.
When a user tries to connect with the privileges listed in the document, they will see the following error in the Maxscale error log:
2022-05-24 23:21:56 error : Failed to query server '@@Xpand:node-1' for user account info. Query 'SELECT * FROM system.users; SELECT u.username, u.host, a.dbname, a.privileges FROM system.user_acl AS a LEFT JOIN system.users AS u ON (u.user = a.role); SHOW DATABASES;' failed. Error 1045: [11281] Permission denied: User 'maxscale'@'10.70.120.%' is missing SELECT on `system`.`users`.; transaction aborted.
|
If the SELECT privilege is granted on the `system`.`users` table, users still see the following error in the Maxscale error log:
2022-05-24 23:23:35 error : Failed to query server '@@Xpand:node-1' for user account info. Multiquery element 'SELECT u.username, u.host, a.dbname, a.privileges FROM system.user_acl AS a LEFT JOIN system.users AS u ON (u.user = a.role);' failed. Error 1045: [11281] Permission denied: User 'maxscale'@'10.70.120.%' is missing SELECT on `system`.`user_acl`.; transaction aborted.
|
If the SELECT privilege is also granted on the `system`.`user_acl` table, then connections are successful.
However, there might be other permissions missing as the "maxscale" user still can't use customer databases due to the following error in the MaxScale error log:
2022-05-24 23:48:26 warning: (26) [MariaDBProtocol] Authentication failed for user 'horizonApp'@[10.70.120.51] to service 'Xpand-Service'. Originating listener: 'xpand_listener'. MariaDB error: 'Unknown database 'database_name''.
|