[MXS-1449] Database change not allowed Created: 2017-09-25 Updated: 2017-09-27 Resolved: 2017-09-27 |
|
| Status: | Closed |
| Project: | MariaDB MaxScale |
| Component/s: | dbfwfilter |
| Affects Version/s: | 2.1.6 |
| Fix Version/s: | 2.1.10, 2.2.0 |
| Type: | Bug | Priority: | Major |
| Reporter: | Anders Karlsson | Assignee: | Johan Wikman |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Environment: |
CenOS 7.2 |
||
| Description |
|
The change database command, used as when using the "use" command from the commandlind or using mysql_select_db() command are not allowed unless there is a rule for that matches the specific name of the database, when using dbfwfilter. One can connect to any database, that is not the problem, but changing the database in the middle of the section requires that there is a rule that allos that specific database. The SQL Command that is parsed seems to be just the name of the database. For example, to allow use of the "use test" command to change to the "test" database, a rule similar to this is required: |
| Comments |
| Comment by Johan Wikman [ 2017-09-26 ] |
|
Could you provide your config file and firewall rules. In my test-setup I have no regex rules of any kind and use xyz works just fine. Downgrading to major, as I suspect a configuration issue and even if it is a bug, there seems to be a workaround. |
| Comment by Anders Karlsson [ 2017-09-26 ] |
|
Module configuration: Rules (the third one allows "use test"): users %@% match any rules allow_select allow_show allow_test |
| Comment by Johan Wikman [ 2017-09-26 ] |
|
Ok, now I got it and could repeat it, you are using the firewall in white-listing mode. I incorrectly assumed it was in black-listing mode. So no configuration error on your part. |
| Comment by Johan Wikman [ 2017-09-27 ] |
|
USE db is now always passed through when the firewall is in white-list mode. |