[MDEV-10652] Invalid definer for a procedure Created: 2016-08-24  Updated: 2016-08-31  Resolved: 2016-08-26

Status: Closed
Project: MariaDB Server
Component/s: Authentication and Privilege System, Data Definition - Procedure
Affects Version/s: 10.1.14
Fix Version/s: N/A

Type: Bug Priority: Minor
Reporter: Igor Pashev Assignee: Unassigned
Resolution: Not a Bug Votes: 0
Labels: None

Issue Links:
Relates
relates to MDEV-10712 Stored procedures are replicated unex... Closed

 Description   

This is quite cryptic. I create a procedure from a script running as mariadb UNIX user (under systemd service, no human factor), identified by UNIX socket. I expect that the definer (owner) of the procedure is mariadb@localhost. This is the case 99.9999% of time. But at least two times when I called this procedure I saw the error The user specified as a definer ('root'@'%') does not exist. It worth mention that user root does not exist in mysql.user at all. As a workaround I restart the systemd service and get properly defined procedure.

GRANT ALL PRIVILEGES ON *.* TO 'mariadb'@'localhost' IDENTIFIED VIA unix_socket WITH GRANT OPTION

Procedure:

DELIMITER $$
 
 
 
DROP PROCEDURE IF EXISTS mywatch_kill $$
 
CREATE PROCEDURE mywatch_kill (IN i BIGINT)
 
  COMMENT 'Kill a query found in information_schema.processlist by ID'
 
BEGIN
 
 
 
  DECLARE n BIGINT;
 
 
 
  SELECT id INTO n
 
    FROM information_schema.processlist
 
    WHERE info IS NOT NULL
 
    AND host <> '' -- means non-system user
 
    AND id = i;
 
 
 
  IF (n IS NOT NULL) THEN
 
    KILL n;
 
  END IF;
 
 
 
END $$
 
 
 
DELIMITER ;


MariaDB [mysql]> show create procedure mywatch_kill\G
 
*************************** 1. row ***************************
 
           Procedure: mywatch_kill
 
            sql_mode: NO_ENGINE_SUBSTITUTION
 
    Create Procedure: CREATE DEFINER=`root`@`%` PROCEDURE `mywatch_kill`(IN i BIGINT)
 
    COMMENT 'Kill a query found in information_schema.processlist by ID'
 
BEGIN
 
 
 
    DECLARE n BIGINT;
 
 
 
    SELECT id INTO n
 
      FROM information_schema.processlist
 
      WHERE info IS NOT NULL
 
      AND host <> '' 
      AND id = i;
 
 
 
    IF (n IS NOT NULL) THEN
 
      CALL mysql.rds_kill(n);
 
    END IF;
 
 
 
  END
 
character_set_client: utf8
 
collation_connection: utf8_general_ci
 
  Database Collation: latin1_swedish_ci
 
1 row in set (0.00 sec)



 Comments   
Comment by Elena Stepanova [ 2016-08-26 ]

I think you should start by checking your scripts. The procedures in the description are clearly different. The "normal" one has 

  IF (n IS NOT NULL) THEN
 
    KILL n;
 
  END IF;

and the "bad" one has

    IF (n IS NOT NULL) THEN
 
      CALL mysql.rds_kill(n);
 
    END IF;

If you don't find how the alternative procedure is created, you could try to enable the general log, this way you'll see which connection it comes from.

Comment by Igor Pashev [ 2016-08-26 ]

Holy cow! I was blind, thank you.
The problem is not in scripts, but in replication. The root@% version is replicated from RDS.
How this happens is a different issue, but this case can be closed

Generated at Thu Feb 08 07:43:53 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.