[#MDEV-22963] Password expiry is broken in mysql.user view

[MDEV-22963] Password expiry is broken in mysql.user view Created: 2020-06-19 Updated: 2020-06-20 Resolved: 2020-06-20
Status:	Closed
Project:	MariaDB Server
Component/s:	Authentication and Privilege System
Affects Version/s:	10.4
Fix Version/s:	N/A

Type:

Bug

Priority:

Major

Reporter:

Alexander Keremidarski

Assignee:

Sergei Golubchik

Resolution:

Not a Bug

Votes:

Labels:

None

Description

mysql.user view is set to always return 'N' in password_expired column

'N' AS `password_expired

As a result any tool that query mysql.user.password_expired column for expired passwords will be broken contrary to what https://mariadb.com/kb/en/authentication-from-mariadb-104/ says:
"Tools that analyze the mysql.user table should continue to work as before."

mysql.user should instead extract information from mysql.global_priv.Prv with JSON_VALUE(Priv, '$.password_lifetime')

Comments

Comment by Sergei Golubchik [ 2020-06-20 ]

The behavior is correct. Tools that use mysql.user continue to work as before.

Because before the view was created, in 10.3, the password_expired column was always N, password expiration was only implemented in 10.4.13. This is why the view shows N there, precisely to preserve the content and behavior as it was before mysql.global_priv was introduced.

Generated at Thu Feb 08 09:18:49 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-22963] Password expiry is broken in mysql.user view Created: 2020-06-19 Updated: 2020-06-20 Resolved: 2020-06-20