mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-10-31 02:46:29 +01:00
Code Issues Projects Releases Packages Wiki Activity
mariadb/mysql-test/suite/galera/t/MDEV-35511.test
sjaakola 38d35d7867 MDEV-35511: Backport fix for Audit log not reporting user in Galera cluster 
Replaced the fix in previous commit with a fix which sets the THD::security_ctx:user
field for wsrep applier threads. With this, the audit log events related to
wsrep applying will be written in theaudit log. If user name is empty, nothing
appears in the audit log.

Using user name <cluster user> for wsrep appliers. This is for having identical
look with asyn replication, which uses: <replication_user> user name.
Another option for <cluster user> could be e.g. <wsrep user>. Hoever, using galera
for user name is not a good pick, as the cluster may have (and soon will have)
other GCS backends.

Using same approach as async replication to replace the security_ctx user name
with "system user"

Modifed the test to load the audit log plugin before the test. This is because
uninstalling the audit log plugin gives a warning saying that plugin is busy and
uninstall will be delayed until server shutdown. This must because of the applier
thread being active audit logger. Same problem with plugin unsinstall happens also
with async relication workers. IF plugn remains installed, the post test sanity
check will complain of mismatching state of pre and post test states.

Rebased the fix with 10.6 HEAD version
2025-10-23 16:05:26 +03:00

34 lines
924 B
Text
Executable file
Raw Permalink Blame History

--source include/galera_cluster.inc
if (!$SERVER_AUDIT_SO) {
skip No SERVER_AUDIT plugin;
}
# enable audit loggin in node 2
--connection node_2
SET GLOBAL server_audit_logging=ON;
# replicate CREATE and INSERT, these should be seen in the audit log
--connection node_1
CREATE TABLE t1(a INT);
INSERT INTO t1 VALUES (1);
--connection node_2
# make sure that the INSERT has been applied
--let $wait_condition = SELECT COUNT(*) = 1 FROM test.t1;
--source include/wait_condition.inc
--echo # Now checking the audit log
let $MYSQLD_DATADIR= `SELECT @@datadir`;
--replace_regex /[0-9]* [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\,[^,]*\,/TIME,HOSTNAME,/ /\,[1-9][0-9]*\,/,1,/ /\,[1-9][0-9]*/,ID/
cat_file $MYSQLD_DATADIR/server_audit.log;
--echo # resetting the test state
SET GLOBAL server_audit_logging=DEFAULT;
--connection node_1
DROP TABLE t1;
#UNINSTALL PLUGIN server_audit;
remove_file $MYSQLD_DATADIR/server_audit.log;
Reference in a new issue View git blame Copy permalink