[#MCOL-4293] columnstore-docker-cluster: database user access not able to be restricted by IP addresses

[MCOL-4293] columnstore-docker-cluster: database user access not able to be restricted by IP addresses Created: 2020-09-03 Updated: 2020-09-23 Resolved: 2020-09-07
Status:	Closed
Project:	MariaDB ColumnStore
Component/s:	Docker
Affects Version/s:	None
Fix Version/s:	5.4.1

Type:

New Feature

Priority:

Major

Reporter:

Jens Röwekamp (Inactive)

Assignee:

Todd Stoffel (Inactive)

Resolution:

Fixed

Votes:

Labels:

skysql

Environment:

mariadb/skysql-enterprise-columnstore-handoff sky-1.5.4-1 95e34753d40f

Description

The access to the automatically created database users cej, idrep, and maxscale isn't able to be restricted by IP addresses. All three users are accessible from everywhere.

It would be a nice security addition to be able to specify multiple allowed IP ranges for the users.

How to reproduce:

jens@ubuntu18:~/columnstore-docker-cluster$ docker-compose up -d

Creating network "columnstore-docker-cluster_default" with the default driver

Creating volume "columnstore-docker-cluster_data1" with default driver

Creating volume "columnstore-docker-cluster_data2" with default driver

Creating volume "columnstore-docker-cluster_data3" with default driver

Creating volume "columnstore-docker-cluster_storagemanager" with default driver

Creating mcs3 ... done

Creating mcs2 ... done                                                                                                                                                                                                                      Creating mcs1 ... done

Creating mx1  ... done

jens@ubuntu18:~/columnstore-docker-cluster$ sleep 60 && docker exec -it mcs1 mariadb -e "SELECT user,host FROM mysql.user"

+-------------+-----------+

| User        | Host      |

+-------------+-----------+

| cej         | %         |

| idbrep      | %         |

| maxscale    | %         |

| mariadb.sys | localhost |

| mysql       | localhost |

| root        | localhost |

+-------------+-----------+

Generated at Thu Feb 08 02:49:16 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MCOL-4293] columnstore-docker-cluster: database user access not able to be restricted by IP addresses Created: 2020-09-03 Updated: 2020-09-23 Resolved: 2020-09-07