Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-629

Lack of tables_priv privilege causes confusing error message

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.4.0
    • Fix Version/s: 1.4.1
    • Component/s: Core
    • Labels:
      None

      Description

      MaxScale 1.4 introduces a requirement that the user reading privilege tables on the backend has the table_priv privilege. If this privilege is not granted, MaxScale complains with this error:

      RW Split Router: Unable to load database grant information, MaxScale authentication will proceed without including database permissions. To correct this GRANT SHOW DATABASES ON . privilege to the user maxscalemonitor.

      Loading users from [mysql.user] without access to [mysql.db] for service [RW Split Router]. MaxScale Authentication with DBname on connect will not consider database grants.

      This error message is inaccurate. The problem here is with access to mysql.tables_priv, not mysql.db. The recommended solution is incorrect. This failure case for missing privileges on mysql.tables_priv should be handled separately from missing privileges on mysql.db.

      It also doesn't seem right that missing access to mysql.tables_priv should have the side effect that users cannot specify a default database when connecting. The selection of a default database should be affected only by the privileges specified in mysql.db and not by privileges specified in mysql.tables_priv.

        Attachments

          Activity

            People

            Assignee:
            markus makela markus makela
            Reporter:
            kolbe Kolbe Kegel (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration