[MXS-5352] Binlog filter does not filter SQL which updates mysql.user table - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Not a Bug
Affects Version/s: 22.08.14
Fix Version/s: N/A
Component/s: binlogfilter
Labels:
- Maxscale
- binlogrouter

Sprint:
MXS-SPRINT-221

Description

A client wants to prevent user and user privilege statements from replicating to an offsite replica.
This replica replicates via a binlog router.

The issue is important for the client as they want to use the offsite replica with different users and privileges compared to their on-premise databases and is blocking our ability to fulfil their request. (see support ticket).

I setup an binlog filter to exclude mysql.user statements but the filter does not exclude the create user, grant statements from running via replication on the offsite replica

https://mariadb.com/kb/en/mariadb-maxscale-2208-binlog-filter/

– based on documentation
– exclude/ignore any statements going to mysql.user

[BinlogFilter]

type=filter

module=binlogfilter

exclude=/mysql[.]user/

When I reviewed the binlog there is no mention of a table (mysql.user) when those grant statements are run.

Attachments

Activity

Ascending order - Click to sort in descending order

Paul Moen created issue - 2024-10-13 21:38

markus makela made changes - 2024-10-14 05:54

Field	Original Value	New Value
Description	A client wants to prevent user and user privilege statements from replicating to an offsite replica. This replica replicates via a binlog router. The issue is important for the client as they want to use the offsite replica with different users and privileges compared to their on-premise databases and is blocking our ability to fulfil their request. (see support ticket). I setup an binlog filter to exclude mysql.user statements but the filter does not exclude the create user, grant statements from running via replication on the offsite replica https://mariadb.com/kb/en/mariadb-maxscale-2208-binlog-filter/ -- based on documentation -- exclude/ignore any statements going to mysql.user {{[BinlogFilter] type=filter module=binlogfilter exclude=/mysql[.]user/}} When I reviewed the binlog there is no mention of a table (mysql.user) when those grant statements are run. More info in ticket https://mariadb.zendesk.com/agent/tickets/207207	A client wants to prevent user and user privilege statements from replicating to an offsite replica. This replica replicates via a binlog router. The issue is important for the client as they want to use the offsite replica with different users and privileges compared to their on-premise databases and is blocking our ability to fulfil their request. (see support ticket). I setup an binlog filter to exclude mysql.user statements but the filter does not exclude the create user, grant statements from running via replication on the offsite replica https://mariadb.com/kb/en/mariadb-maxscale-2208-binlog-filter/ -- based on documentation -- exclude/ignore any statements going to mysql.user {code} [BinlogFilter] type=filter module=binlogfilter exclude=/mysql[.]user/ {code} When I reviewed the binlog there is no mention of a table (mysql.user) when those grant statements are run. More info in ticket https://mariadb.zendesk.com/agent/tickets/207207

markus makela made changes - 2024-10-14 05:54

Description

A client wants to prevent user and user privilege statements from replicating to an offsite replica.
This replica replicates via a binlog router.

The issue is important for the client as they want to use the offsite replica with different users and privileges compared to their on-premise databases and is blocking our ability to fulfil their request. (see support ticket).

I setup an binlog filter to exclude mysql.user statements but the filter does not exclude the create user, grant statements from running via replication on the offsite replica

https://mariadb.com/kb/en/mariadb-maxscale-2208-binlog-filter/

-- based on documentation
-- exclude/ignore any statements going to mysql.user

{code}
[BinlogFilter]
type=filter
module=binlogfilter
exclude=/mysql[.]user/
{code}

When I reviewed the binlog there is no mention of a table (mysql.user) when those grant statements are run.

More info in ticket https://mariadb.zendesk.com/agent/tickets/207207

markus makela made changes - 2024-10-14 06:00

Status

Open [ 1 ]

Needs Feedback [ 10501 ]

Julien Fritsch made changes - 2024-10-14 07:24

Assignee

Paul Moen [ paul.moen ]

markus makela made changes - 2024-10-15 04:00

Assignee

Paul Moen [ paul.moen ]

markus makela [ <markus.makela ]

markus makela made changes - 2024-10-15 04:00

Status

Needs Feedback [ 10501 ]

Open [ 1 ]

Johan Wikman made changes - 2024-10-16 10:21

Rank

Ranked higher

markus makela made changes - 2024-11-01 11:49

Sprint

MXS-SPRINT-221 [ 773 ]

markus makela made changes - 2024-11-01 11:49

Rank

Ranked lower

markus makela made changes - 2024-11-02 09:05

Rank

Ranked lower

markus makela made changes - 2024-11-06 12:19

Fix Version/s		N/A [ 22001 ]
Resolution		Not a Bug [ 6 ]
Status	Open [ 1 ]	Closed [ 6 ]

People

Assignee:: markus makela

Reporter:: Paul Moen

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2024-10-13 21:38

Updated:: 2024-11-06 12:19

Resolved:: 2024-11-06 12:19

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB MaxScale

Details

Description

Attachments

Activity

People

Dates

Git Integration