Commit graph

42 commits

Author SHA1 Message Date
Kristian Nielsen
736afe8680 mysql_install_db enhancements to facilitate Debian bug#848616 fix
In Debian, the default install is made more secure by omitting the anonymous
user and by making the root account authenticate by unix socket
authentication instead of the default password-less root. However, Debian
hard-codes this change in mysql_install_db, which breaks that program for
other users.

This commit instead implements new general options for mysql_install_db that
can be used by anyone to similarly perform a more secure install:

  --skip-auth-anonymous-user: omits the anonymous user.

  --auth-root-authentication-method=normal: Keeps the existing behaviour
    with a password-less root account. Currently on by default.

  --auth-root-socket-user=USER
  --auth-root-authentication-method=socket: creates the MariaDB root user
    with the name USER (defaults to 'root') and using unix socket
    authentication. This way, only that user has MariaDB root access
    after install.

The idea with --auth-root-authentication-method=normal is that
applications that need this behaviour can give that option explicitly.
Then eventually we could make --auth-root-authentication-method=socket
the default, giving a more secure default installation.

Note that it is perfectly possible to do a secure install with
--auth-root-authentication-method=normal. For example, installing a
private server just for local access by a single OS-level user, by
using --skip-networking and putting the connection socket in a
location without public access. So it is important to preserve this
API for backwards compatibility.
2017-01-17 17:13:14 +01:00
Monty
cc8aed3eb7 MDEV 4427: query timeouts
Added MAX_STATEMENT_TIME user variable to automaticly kill queries after a given time limit has expired.

- Added timer functions based on pthread_cond_timedwait
- Added kill_handlerton() to signal storage engines about kill/timeout
- Added support for GRANT ... MAX_STATEMENT_TIME=#
- Copy max_statement_time to current user, if stored in mysql.user
- Added status variable max_statement_time_exceeded
- Added KILL_TIMEOUT
- Removed digest hash from performance schema tests as they change all the time.
- Updated test results that changed because of the new user variables or new fields in mysql.user

This functionallity is inspired by work done by Davi Arnaut at twitter.
Test case is copied from Davi's work.

Documentation can be found at
https://kb.askmonty.org/en/how-to-limittimeout-queries/

mysql-test/r/mysqld--help.result:
  Updated for new help message
mysql-test/suite/perfschema/r/all_instances.result:
  Added new mutex
mysql-test/suite/sys_vars/r/max_statement_time_basic.result:
  Added testing of max_statement_time
mysql-test/suite/sys_vars/t/max_statement_time_basic.test:
  Added testing of max_statement_time
mysql-test/t/max_statement_time.test:
  Added testing of max_statement_time
mysys/CMakeLists.txt:
  Added thr_timer
mysys/my_init.c:
mysys/mysys_priv.h:
  Added new mutex and condition variables
  Added new mutex and condition variables
mysys/thr_timer.c:
  Added timer functions based on pthread_cond_timedwait()
  This can be compiled with HAVE_TIMER_CREATE to benchmark agains timer_create()/timer_settime()
sql/lex.h:
  Added MAX_STATEMENT_TIME
sql/log_event.cc:
  Safety fix (timeout should be threated as an interrupted query)
sql/mysqld.cc:
  Added support for timers
  Added status variable max_statement_time_exceeded
sql/share/errmsg-utf8.txt:
  Added ER_QUERY_TIMEOUT
sql/signal_handler.cc:
  Added support for KILL_TIMEOUT
sql/sql_acl.cc:
  Added support for GRANT ... MAX_STATEMENT_TIME=#
  Copy max_statement_time to current user
sql/sql_class.cc:
  Added timer functionality to THD.
  Added thd_kill_timeout()
sql/sql_class.h:
  Added timer functionality to THD.
  Added KILL_TIMEOUT
  Added max_statement_time variable in similar manner as long_query_time was done.
sql/sql_connect.cc:
  Added handling of max_statement_time_exceeded
sql/sql_parse.cc:
  Added starting and stopping timers for queries.
sql/sql_show.cc:
  Added max_statement_time_exceeded for user/connects status in MariaDB 10.0
sql/sql_yacc.yy:
  Added support for GRANT ... MAX_STATEMENT_TIME=# syntax, to be enabled in 10.0
sql/structs.h:
  Added max_statement_time user resource
sql/sys_vars.cc:
  Added max_statement_time variables
mysql-test/suite/roles/create_and_drop_role_invalid_user_table.test
  Removed test as we require all fields in mysql.user table.
scripts/mysql_system_tables.sql
scripts/mysql_system_tables_data.sql
scripts/mysql_system_tables_fix.sql
  Updated mysql.user with new max_statement_time field
2014-10-07 11:37:36 +03:00
Vicentiu Ciorbaru
c55f5d1add Added default_role column to mysql_system_tables 2014-07-23 14:48:12 +02:00
Sergei Golubchik
72c20282db 10.0-base merge 2014-02-03 15:22:39 +01:00
Sergei Golubchik
59d9d08e2b 5.5 merge 2014-02-01 00:54:03 +01:00
Sergei Golubchik
37d240ecf9 MySQL-5.5.35 merge 2014-01-22 15:29:36 +01:00
Venkata Sidagam
186a9fc76b Bug #12917164 DROP USER CAN'T DROP USERS WITH LEGACY
UPPER CASE HOST NAME ANYMORE
Merging from mysql-5.1 to mysql-5.5
2013-10-31 23:14:33 +05:30
Venkata Sidagam
19990c9219 Bug #12917164 DROP USER CAN'T DROP USERS WITH LEGACY
UPPER CASE HOST NAME ANYMORE

Description:
It is not possible to drop users with host names with upper case
letters in them. i.e DROP USER 'root'@'Tmp_Host_Name'; is failing
with error.

Analysis: Since the fix 11748570 we came up with lower case hostnames
as standard. But in the current bug the hostname is created by
mysql_install_db script is still having upper case hostnames. 
So, if we have the hostname with upper case letters like(Tmp_Host_Name)
then we will have as it is stored in the mysql.user table. 
In this case if use "'DROP USER 'root'@'Tmp_Host_Name';" it gives 
error because we do compare with the lower case of hostname since the 
11748570 fix.

Fix: We need to convert the hostname to lower case before storing into 
the mysql.user table when we run the mysql_install_db script.
2013-10-31 23:02:44 +05:30
Sergei Golubchik
0fdb3bcfdb 10.0-base merge (roles) 2013-10-29 15:08:44 +01:00
Vicențiu Ciorbaru
69a3deb58e Modify mysql.user table to contain a is_user column. 2013-10-17 15:02:47 -07:00
Sergei Golubchik
b7b5f6f1ab 10.0-monty merge
includes:
* remove some remnants of "Bug#14521864: MYSQL 5.1 TO 5.5 BUGS PARTITIONING"
* introduce LOCK_share, now LOCK_ha_data is strictly for engines
* rea_create_table() always creates .par file (even in "frm-only" mode)
* fix a 5.6 bug, temp file leak on dummy ALTER TABLE
2013-07-21 16:39:19 +02:00
Michael Widenius
2534521f9a Fixed some merge issues:
- temporary tables now works
- mysql-system_tables updated to not use temporary tables
- PASSWORD() function fixed
- Support for STATS_AUTO_RECALC, STATS_PERSISTENT and STATS_SAMPLE_PAGES table options
2013-06-18 02:01:34 +03:00
Sergei Golubchik
b381cf843c mysql-5.5.31 merge 2013-05-07 13:05:09 +02:00
Sujatha Sivakumar
1048aed515 Merge from mysq-5.1 to mysql-5.5 2013-02-19 14:36:30 +05:30
Sujatha Sivakumar
4d494b1726 Bug#11746817:MYSQL_INSTALL_DB CREATES WILDCARD GRANTS WHEN
HOST HAS '_' IN THE HOSTNAME

Problem:
=======
'_' and '%' are treated as a wildcards by the ACL code and
this is documented in the manual. The problem with
mysql_install_db is that it does not take this into account
when creating the initial GRANT tables:

--- cut ---
REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y',
'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y',
'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',
0,0,0,0 FROM dual WHERE LOWER( @current_hostname) != 'localhost';
--- cut ---

If @current_hostname contains any wildcard characters, then 
a wildcard entry will be defined for the 'root' user, 
which is a flaw.

Analysis:
========
As per the bug description when we have a hostname with a
wildcard character in it, it allows clients from several other
hosts with similar name pattern to connect to the server as root.
For example, if the hostname is like 'host_.com' then the same
name is logged in mysql.user table. This allows 'root' users
from other hosts like 'host1.com', 'host2.com' ... to connect
to the server as root user.

While creating the intial GRANT tables we do not have a check
for wildcard characters in hostname.

Fix:
===
As part of fix escape character "\" is added before wildcard
character to make it a plain character, so that the one and
only host with the exact name will be able to connect to the
server.

scripts/mysql_system_tables_data.sql:
  while creating default users get the hostname and
  replace the wildcard characters within the hostname after
  escaping them.
2013-02-19 14:31:11 +05:30
Sergei Golubchik
4f435bddfd 5.3 merge 2012-01-13 15:50:02 +01:00
Michael Widenius
6920457142 Merge with MariaDB 5.1 2011-11-24 18:48:58 +02:00
Kent Boortz
68f00a5686 Updated/added copyright headers 2011-06-30 17:37:13 +02:00
Kent Boortz
44135d4725 Updated/added copyright headers 2011-06-30 17:31:31 +02:00
Kent Boortz
02e07e3b51 Updated/added copyright headers 2011-06-30 17:46:53 +02:00
Kent Boortz
be6c3fd8aa Merge 2010-12-29 01:26:31 +01:00
Kent Boortz
4acfdb9df1 Merge 2010-12-29 00:47:05 +01:00
Kent Boortz
85323eda8a - Added/updated copyright headers
- Removed files specific to compiling on OS/2
- Removed files specific to SCO Unix packaging
- Removed "libmysqld/copyright", text is included in documentation
- Removed LaTeX headers for NDB Doxygen documentation
- Removed obsolete NDB files
- Removed "mkisofs" binaries
- Removed the "cvs2cl.pl" script
- Changed a few GPL texts to use "program" instead of "library"
2010-12-28 19:57:23 +01:00
Georgi Kodinov
00f1e71d9a Bug #57916: Fix the naming of the proxy_priv table
1. Fixed the name of the table to proxies_priv
2. Fixed the column names to be of the form Capitalized_lowecarse instead of
Capitalized_Capitalized
3. Added Timestamp and Grantor columns
4. Added tests to plugin_auth to check the table structure
5. Updated the existing tests
2010-11-02 17:45:26 +02:00
Georgi Kodinov
9705711596 WL#1054: Pluggable authentication support
Merged the implementation to a new base tree.
2010-08-09 11:32:50 +03:00
Sergei Golubchik
291fd96983 pluggable auth with plugin examples
Makefile.am:
  add new API files to the check_abi rule,
  remove duplicates
client/CMakeLists.txt:
  now a client can use dlopen too
client/Makefile.am:
  be csh-friendly
include/my_global.h:
  add dummy plugs for dlopen and co.
  for the code that needs them to work in static builds
mysys/Makefile.am:
  be csh-friendly
plugin/auth/dialog.c:
  typo fixed
2010-03-29 17:13:53 +02:00
Alexander Nozdrin
7eb84da890 Backport of WL#798 (MySQL IPv6 support) from 6.0.
The following 6.0 revisions were analyzed:
  - sp1r-brian@zim.(none)-20071228102738-21894
  - sp1r-brian@zim.(none)-20071228121841-56447
  - sp1r-brian@zim.(none)-20071228205403-56423
  - sp1r-brian@zim.(none)-20071228221139-55341
  - sp1r-brian@zim.(none)-20071228233443-55352
  - sp1r-brian@zim.(none)-20071229094527-61763
  - sp1r-brian@zim.(none)-20071230203739-61746
  - sp1r-brian@zim.(none)-20080102213805-61741
  - sp1r-brian@zim.(none)-20080103201041-61746
  - sp1r-brian@zim.(none)-20080104234927-59875
  - sp1r-brian@zim.(none)-20080105005827-59874
  - sp1r-brian@zim.(none)-20080105012020-59865
  - sp1r-brian@zim.(none)-20080106003858-59857
  - sp1r-brian@zim.(none)-20080123195552-31680
  - sp1r-brian@zim.(none)-20080124201848-29999
  - sp1r-brian@zim.(none)-20080129075144-36991
  - sp1r-cbell/Chuck@mysql_cab_desk.-20080215041806-21954
  - sp1r-vvaintroub@wva.-20080212124547-06272
  - sp1r-dfischer/mysqldev@mysql.com/production.mysql.com-20071223184258-15140
  - sp1r-brian@zim.(none)-20080206122216-35774
  - sp1r-baker@bk-internal.mysql.com-20080209005622-35947
  - sp1r-baker@bk-internal.mysql.com-20080224215608-24613
  - sp1r-baker@bk-internal.mysql.com-20080307170710-63543
  - sp1r-baker@bk-internal.mysql.com-20080312233205-13069
  - sp1r-Reggie@core.-20080402175211-28643
  - kpettersson@mysql.com-20080901101150-4ne74r8v0492vv42
  - alik@sun.com-20090805173811-9fzt0ymcp9tsvn7k
  - alik@sun.com-20090805173937-fcv1fdveodq5x9gb
  - alik@sun.com-20090805175009-g1od16i3t1xkw2qr
  - kostja@sun.com-20090805200643-j9i4fy7ii8ijho5c
  - alik@sun.com-20090807195303-j4fb5m4l1dgdahwo
  - alik@sun.com-20090808114848-3rkzr9kifrijzaqy
  - alik@sun.com-20090810041739-ugmx34h34uid8mox
  - alik@sun.com-20090810105306-rf43rfyzzblsy5e7
  - alik@sun.com-20090810123113-ccdjwai68b5woqdm
  - alik@sun.com-20090811080423-gb7pibec1znaydzy
  - alik@sun.com-20090811082130-5uckar1vx3kdsw7g
  - alik@sun.com-20090812202051-uqkfwwxxcjvo5ean

The following bugfixes are also backported within this patch:
  - Bug#34292: netdb.h missing in hostname.cc
  - Bug#39153: Failing to lookup a host name can lead to crash
    in current IPv6 implementation
  - Bug#38247: Server does not resolve connecting ip's
  - Bug#43006: main.skip_name_resolve fails on Windows in PB2
  - Bug#45606: ACL requires IPv4-mapped addresses to be used
  - Bug#45584: Host name cache does not work as a cache
2009-11-25 13:53:23 +03:00
Alexander Nozdrin
13f09243e3 A backporting patch for WL#4300 (Define privileges for tablespaces).
Original revision in 6.0:
------------------------------------------------------------
revno: 2630.13.11
committer: Alexander Nozdrin <alik@mysql.com>
branch nick: 6.0-rt-wl4300
timestamp: Thu 2008-07-24 11:44:21 +0400
message:
  A patch for WL#4300: Define privileges for tablespaces.
------------------------------------------------------------

per-file messages:
  mysql-test/r/grant.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/r/ps.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/r/system_mysql_db.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/suite/falcon/r/falcon_tablespace_priv.result
    Test case for WL#4300.
  mysql-test/suite/falcon/t/falcon_tablespace_priv.test
    Test case for WL#4300.
  mysql-test/suite/ndb/r/ndb_dd_ddl.result
    Test case for WL#4300.
  mysql-test/suite/ndb/t/ndb_dd_ddl.test
    Test case for WL#4300.
  scripts/mysql_system_tables.sql
    New columm 'Create_tablespace_priv' has been added to mysql.user.
  scripts/mysql_system_tables_data.sql
    'CREATE TABLESPACE' is granted by default to the root user.
  scripts/mysql_system_tables_fix.sql
    Grant 'CREATE TABLESPACE' privilege during system table upgrade
    if a user had SUPER privilege.
  sql/sql_acl.cc
    Added CREATE TABLESPACE privilege.
  sql/sql_acl.h
    Added CREATE TABLESPACE privilege.
  sql/sql_parse.cc
    Check global 'CREATE TABLESPACE' privilege for the following SQL statements:
      - CREATE | ALTER | DROP TABLESPACE
      - CREATE | ALTER | DROP LOGFILE GROUP
  sql/sql_show.cc
    Added CREATE TABLESPACE privilege.
  sql/sql_yacc.yy
    Added CREATE TABLESPACE privilege.
2009-10-10 00:01:10 +04:00
Chad MILLER
1fd6774b3d Merge fix for Bug#35754. 2008-10-03 11:54:22 -04:00
Chad MILLER
392ff10eac Bug#35754: mysql_install_db does not work if no hostname is set
Machines with hostname set to "localhost" cause uniqueness errors in 
the SQL bootstrap data.

Now, insert zero lines for cases where the (lowercased) hostname is 
the same as an already-inserted 'localhost' name.  Also, fix a few tests 
that expect certain local accounts to have a certain host name.
2008-09-24 08:59:56 -04:00
unknown
38fe0fe331 Merge pippilotta.erinye.com:/shared/home/df/mysql/build/mysql-5.0-build
into  pippilotta.erinye.com:/shared/home/df/mysql/build/mysql-5.1-build


Makefile.am:
  Auto merged
configure.in:
  null merge version change
scripts/mysql_install_db.sh:
  manual merge
scripts/mysql_system_tables_data.sql:
  manual merge
2007-12-10 12:16:41 +01:00
unknown
3308d8794e Bug #32219: too many hosts in default grant tables 6.0.3
Fix is to remove any references to the current hostname when running
mysql_install_db --cross-bootstrap.  (The dist-hook make target makes
this call, and the resulting data directory is included in the source
distribution as win/data/*.)

Also, a few other clean-ups to mysql_install_db while there.


Makefile.am:
  Adapt to clean-up in mysql_install_db (--windows becomes --cross-bootstrap)
scripts/mysql_install_db.sh:
  Filter out references to the current hostname when performing
  a cross-bootstrap installation by removing any lines which
  contain the string "@current_hostname".
  
  Deprecate the old --windows option; use --cross-bootstrap
  instead, since it more accurately reflects the purpose.
  
  Other clean-up: the wrong syntax was being used to test the
  exit status of mysqld --bootstrap.  It mostly worked, as long
  as mysqld succeeded.  However, it was not robust.
scripts/mysql_system_tables_data.sql:
  Rename local @hostname variable to @current_hostname, which is a more
  unique label to search on.  mysql_install_db now filters out all
  lines which include "@current_hostname" during a --cross-bootstrap
  installation.
2007-11-30 06:14:43 +01:00
unknown
17c19299af Merge ramayana.hindu.god:/home/tsmith/m/bk/51
into  ramayana.hindu.god:/home/tsmith/m/bk/maint/51


configure.in:
  Auto merged
mysql-test/Makefile.am:
  Auto merged
mysql-test/mysql-test-run.pl:
  Auto merged
scripts/Makefile.am:
  Auto merged
scripts/mysql_system_tables_data.sql:
  Auto merged
scripts/mysqld_safe.sh:
  Auto merged
sql/sql_select.cc:
  Auto merged
storage/innobase/handler/ha_innodb.cc:
  Auto merged
2007-10-10 14:15:09 -06:00
unknown
c7ca2283a9 Merge ramayana.hindu.god:/home/tsmith/m/bk/50
into  ramayana.hindu.god:/home/tsmith/m/bk/maint/50


mysql-test/mysql-test-run.pl:
  Auto merged
scripts/mysql_system_tables_data.sql:
  Auto merged
2007-10-10 14:12:36 -06:00
unknown
a006263f8b Merge production.mysql.com:/usersnfs/jperkin/bk/build/5.0
into  production.mysql.com:/usersnfs/jperkin/bk/build/5.1


mysql-test/mysql-test-run.pl:
  Auto merged
scripts/mysql_install_db.sh:
  Auto merged
2007-10-04 12:21:51 +02:00
unknown
549cbcd547 Restore creation of test databases and the anonymous user which
were accidentally removed during a previous rototill of this
code.  Fixes bug#27692.
  
While it can be argued we should strive to provide a 'secure by
default' installation, this happens to be the setup currently
documented in the manual as the default, so defer changes that
improve security out of the box to a co-ordinated effort later
on.
  
For now, make a note about the test databases and anonymous user
in mysql_install_db and recommend that mysql_secure_installation
be ran for users wishing to remove these defaults.

[..re-commit of previously lost change..]


scripts/mysql_system_tables_data.sql:
  Add anonymous accounts.
scripts/mysql_install_db.sh:
  Point users at the mysql_secure_installation script.
mysql-test/mysql-test-run.pl:
  Add a comment where removing anonymous users.
2007-10-04 11:30:30 +02:00
unknown
5a1db3a9ad Merge pilot.mysql.com:/data/msvensson/mysql/bug31167/my50-bug31167
into  pilot.mysql.com:/data/msvensson/mysql/bug31167/my51-bug31167


scripts/mysql_system_tables_data.sql:
  Merge 5.0->5.1
2007-10-03 11:19:24 +02:00
unknown
f700bf2d0d Bug#31167 Introduction of @@hostname breaks replication in a ring
- Use a local uservariable to avoid @@hostname in binlog


scripts/mysql_system_tables_data.sql:
  Load @@hostname into a local user variable to avoid
  writing @@hostname to the binary log that potentially
  would be replicated to a slave server that not yet was upgraded
  to have @@hostname.
2007-09-26 17:04:41 +02:00
unknown
3001ec2967 Merge pilot.blaudden:/home/msvensson/mysql/mysql-5.0-maint
into  pilot.blaudden:/home/msvensson/mysql/mysql-5.1-maint


mysql-test/mysql-test-run.pl:
  Auto merged
scripts/mysql_install_db.sh:
  Auto merged
scripts/mysql_system_tables.sql:
  Manual merge
scripts/mysql_system_tables_data.sql:
  Manual merge
2007-04-13 15:13:12 +02:00
unknown
87a99ed780 Bug#27783 mysql_install_db should be able to install again, preserving existing files.
- Allow mysql_install_db to be run a second time in the same
   datadir to create and fill any missing system tables


scripts/mysql_install_db.sh:
  Remove check that dissallowed running mysql_install_db a second time
  in same directory
scripts/mysql_system_tables.sql:
  Save information about if tables db and user already existed
scripts/mysql_system_tables_data.sql:
  Fill tables db and user with initial data if tables
  didn't already exist.
2007-04-12 17:48:28 +02:00
unknown
af4dcd1fa7 Bug#20166 mysql-test-run.pl does not test system privilege tables creation
scripts/mysql_system_tables_data.sql:
  Update initial data for system tables to 5.1 version format
2007-02-28 14:58:19 +01:00
unknown
838e89dea6 Bug#20166 mysql-test-run.pl does not test system privilege tables creation
- Split out initial data in mysql_system_tables.sql to  it's own file
 - Use file from mysql_install_db and mysql-test-run


scripts/mysql_system_tables_fix.sql:
  Rename: scripts/mysql_fix_privilege_tables.sql.in -> scripts/mysql_system_tables_fix.sql
mysql-test/mysql-test-run.pl:
  - Add mysql_system_tables_data.sql as part of the bootstrap
  - Remove the addition of pid to end of bootstrap.sql, now
    to file used for bootstrap will be $opt_vardir/tmp/bootstrap.sql
  - Improve error message descibing how to find cause of a
    failed bootstrap
scripts/Makefile.am:
  - Rename mysql_fix_privileg_tables.sql.in to mysql_system_tables_fix.sql
  - Build mysql_fix_privilege_tables from mysql_system_tables.sql and
    mysql_system_tables_fix.sql
  - Add mysql_system_tables_fix.sql to EXTRA_DIST
scripts/mysql_install_db.sh:
  - Use mysql_system_tables_data.sql file when bootstrapping
    mysql, it will contain initial data for MysQL system tables
scripts/mysql_system_tables.sql:
  Move initial data for system tables to it's own file
scripts/mysql_system_tables_data.sql:
  Move initial data for system tables to it's own file
2007-02-28 14:26:58 +01:00