[MDEV-8047] Make USERs a special case of ROLE Created: 2015-04-24 Updated: 2015-11-04 |
|
| Status: | Open |
| Project: | MariaDB Server |
| Component/s: | Authentication and Privilege System |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major |
| Reporter: | Felipe Gasper | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Description |
|
I am trying to have one user masquerade as another: grants, default owner/definer, etc. This is trivial to do in PostgreSQL because that DB treats “users” merely as “roles that can log in”. MariaDB’s implementation of ROLEs doesn’t allow this, though it seems a very useful feature. It’s kinda-sorta possible via MariaDB’s PAM auth plugin and perhaps a custom PAM plugin that would rewrite the username, but being able to do this with MariaDB’s native authentication would be most ideal. |
| Comments |
| Comment by Geoff Montee (Inactive) [ 2015-04-24 ] | ||||
|
To give an explicit example, I think Felipe wants to do something like this:
Then if user1 logs in, they can do this:
At the moment, users and roles are in entirely different namespaces, so this isn't currently possible. | ||||
| Comment by Felipe Gasper [ 2015-04-24 ] | ||||
|
^^ Yes, this. |
Thank you, @Geoff!