mirror of
https://github.com/MariaDB/server.git
synced 2025-10-24 16:38:14 +02:00
351 lines
14 KiB
Text
351 lines
14 KiB
Text
CREATE DATABASE test_user_db;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
========== test 1.1.3.2 ====================================
|
|
CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
GRANT PROXY ON `plug%dest` TO plug_user;
|
|
GRANT ALL ON test_user_db.* TO plug_user;
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
REVOKE PROXY ON `plug%dest` FROM plug_user;
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
GRANT ALL ON test_user_db.* TO 'plug_dest'@'%';
|
|
current_user()
|
|
plug_dest@%
|
|
user()
|
|
plug_user@localhost
|
|
Tables_in_test_user_db
|
|
t1
|
|
REVOKE PROXY ON plug_dest FROM plug_user;
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
DROP USER plug_user,plug_dest;
|
|
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
|
|
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
plug_user test_plugin_server plug_dest
|
|
1)
|
|
current_user()
|
|
plug_dest@%
|
|
user()
|
|
plug_user@localhost
|
|
Tables_in_test_user_db
|
|
t1
|
|
REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user';
|
|
2)
|
|
current_user()
|
|
plug_dest@%
|
|
user()
|
|
plug_user@localhost
|
|
Tables_in_test_user_db
|
|
t1
|
|
REVOKE PROXY ON plug_dest FROM plug_user;
|
|
3)
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
DROP USER plug_user,plug_dest;
|
|
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
|
|
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
1)
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
GRANT ALL ON test_user_db.* TO 'plug_dest'@'%';
|
|
2)
|
|
current_user()
|
|
plug_dest@%
|
|
user()
|
|
plug_user@localhost
|
|
Tables_in_test_user_db
|
|
t1
|
|
REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user';
|
|
DROP USER plug_user,plug_dest;
|
|
========== test 1.2 ========================================
|
|
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
|
|
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
current_user()
|
|
plug_dest@%
|
|
user()
|
|
plug_user@localhost
|
|
RENAME USER plug_dest TO new_dest;
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
GRANT PROXY ON new_dest TO plug_user;
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
plug_user test_plugin_server plug_dest
|
|
DROP USER plug_user,new_dest;
|
|
CREATE USER plug_user
|
|
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
current_user()
|
|
plug_dest@%
|
|
user()
|
|
plug_user@localhost
|
|
RENAME USER plug_dest TO new_dest;
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
GRANT PROXY ON new_dest TO plug_user;
|
|
ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
plug_user test_plugin_server plug_dest
|
|
DROP USER plug_user,new_dest;
|
|
CREATE USER plug_user
|
|
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*";
|
|
select USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
plug_user@localhost plug_dest@%
|
|
connection default;
|
|
disconnect plug_user;
|
|
RENAME USER plug_user TO new_user;
|
|
connect plug_user,localhost,new_user,plug_dest,"*NO-ONE*";
|
|
select USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
new_user@localhost plug_dest@%
|
|
connection default;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_user test_plugin_server plug_dest
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
disconnect plug_user;
|
|
UPDATE mysql.global_priv SET user='plug_user' WHERE user='new_user';
|
|
FLUSH PRIVILEGES;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
plug_user test_plugin_server plug_dest
|
|
DROP USER plug_dest,plug_user;
|
|
========== test 1.3 ========================================
|
|
CREATE USER plug_user
|
|
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*";
|
|
select USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
plug_user@localhost plug_dest@%
|
|
connection default;
|
|
disconnect plug_user;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
plug_user test_plugin_server plug_dest
|
|
UPDATE mysql.global_priv SET user='new_user' WHERE user='plug_user';
|
|
FLUSH PRIVILEGES;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_user test_plugin_server plug_dest
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
UPDATE mysql.global_priv SET priv=JSON_SET(priv, '$.authentication_string', 'new_dest') WHERE user='new_user';
|
|
FLUSH PRIVILEGES;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_user test_plugin_server new_dest
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
UPDATE mysql.global_priv SET priv=JSON_SET(priv, '$.plugin', 'new_plugin_server') WHERE user='new_user';
|
|
FLUSH PRIVILEGES;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_user new_plugin_server new_dest
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
ERROR HY000: Plugin 'new_plugin_server' is not loaded
|
|
UPDATE mysql.global_priv SET priv=JSON_SET(priv, '$.plugin', 'test_plugin_server') WHERE user='new_user';
|
|
UPDATE mysql.global_priv SET user='new_dest' WHERE user='plug_dest';
|
|
FLUSH PRIVILEGES;
|
|
GRANT PROXY ON new_dest TO new_user;
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
new_user test_plugin_server new_dest
|
|
connect plug_user,localhost,new_user,new_dest,"*NO-ONE*";
|
|
select USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
new_user@localhost new_dest@%
|
|
connection default;
|
|
disconnect plug_user;
|
|
UPDATE mysql.global_priv SET user='plug_dest' WHERE user='new_dest';
|
|
FLUSH PRIVILEGES;
|
|
CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd';
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
mariadb.sys mysql_native_password
|
|
new_dest mysql_native_password *01422E86A6FFF84618914AF149F9AEF64B84170A
|
|
new_user test_plugin_server new_dest
|
|
plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119
|
|
GRANT ALL PRIVILEGES ON test.* TO new_user;
|
|
connect plug_user,localhost,new_dest,new_dest_passwd,"*NO-ONE*";
|
|
select USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
new_dest@localhost new_dest@%
|
|
connection default;
|
|
disconnect plug_user;
|
|
DROP USER new_user,new_dest,plug_dest;
|
|
========== test 2, 2.1, 2.2 ================================
|
|
CREATE USER ''@'%%' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
|
|
CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
test_plugin_server proxied_user
|
|
mariadb.sys mysql_native_password
|
|
proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD
|
|
connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*";
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user@localhost proxied_user@%
|
|
========== test 2.2.1 ======================================
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
NULL
|
|
connection default;
|
|
disconnect proxy_con;
|
|
ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES)
|
|
GRANT PROXY ON proxied_user TO ''@'%%';
|
|
connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*";
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user@localhost proxied_user@%
|
|
connection default;
|
|
disconnect proxy_con;
|
|
connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*";
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxy_user@localhost proxied_user@%
|
|
========== test 2.2.1 ======================================
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
''@'%%'
|
|
connection default;
|
|
disconnect proxy_con;
|
|
DROP USER ''@'%%',proxied_user;
|
|
GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'%%'
|
|
IDENTIFIED WITH test_plugin_server AS 'proxied_user';
|
|
CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
test_plugin_server proxied_user
|
|
mariadb.sys mysql_native_password
|
|
proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD
|
|
connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*";
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user@localhost proxied_user@%
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
NULL
|
|
connection default;
|
|
disconnect proxy_con;
|
|
ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES)
|
|
GRANT PROXY ON proxied_user TO ''@'%%';
|
|
connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*";
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user@localhost proxied_user@%
|
|
connection default;
|
|
disconnect proxy_con;
|
|
connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*";
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxy_user@localhost proxied_user@%
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
''@'%%'
|
|
connection default;
|
|
disconnect proxy_con;
|
|
DROP USER ''@'%%',proxied_user;
|
|
CREATE USER ''@'%%' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
|
|
CREATE USER proxied_user_1 IDENTIFIED BY 'proxied_user_1_pwd';
|
|
CREATE USER proxied_user_2 IDENTIFIED BY 'proxied_user_2_pwd';
|
|
CREATE USER proxied_user_3 IDENTIFIED BY 'proxied_user_3_pwd';
|
|
CREATE USER proxied_user_4 IDENTIFIED BY 'proxied_user_4_pwd';
|
|
CREATE USER proxied_user_5 IDENTIFIED BY 'proxied_user_5_pwd';
|
|
GRANT PROXY ON proxied_user_1 TO ''@'%%';
|
|
GRANT PROXY ON proxied_user_2 TO ''@'%%';
|
|
GRANT PROXY ON proxied_user_3 TO ''@'%%';
|
|
GRANT PROXY ON proxied_user_4 TO ''@'%%';
|
|
GRANT PROXY ON proxied_user_5 TO ''@'%%';
|
|
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
|
|
User plugin authentication_string
|
|
test_plugin_server proxied_user
|
|
mariadb.sys mysql_native_password
|
|
proxied_user_1 mysql_native_password *551D5A5177FCC3340F7D2FB0F4D8D1EEA7F7EF71
|
|
proxied_user_2 mysql_native_password *3D948F77C6A988AFDCA9755AB2A6724362557220
|
|
proxied_user_3 mysql_native_password *41A18925D237DEE738C76581153990B037F462E3
|
|
proxied_user_4 mysql_native_password *F990073A9B96FF535C2D0721406042B8751E593F
|
|
proxied_user_5 mysql_native_password *5AA915C5D0B5B1336336FD2BF7768BC09FD1F5B2
|
|
connect proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd',"*NO-ONE*";
|
|
connect proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd,"*NO-ONE*";
|
|
connect proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd,"*NO-ONE*";
|
|
connect proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd,"*NO-ONE*";
|
|
connect proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd,"*NO-ONE*";
|
|
connection proxy_con_1;
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user_1@localhost proxied_user_1@%
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
NULL
|
|
connection proxy_con_2;
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user_2@localhost proxied_user_2@%
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
NULL
|
|
connection proxy_con_3;
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user_3@localhost proxied_user_3@%
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
NULL
|
|
connection proxy_con_4;
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user_4@localhost proxied_user_4@%
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
NULL
|
|
connection proxy_con_5;
|
|
SELECT USER(),CURRENT_USER();
|
|
USER() CURRENT_USER()
|
|
proxied_user_5@localhost proxied_user_5@%
|
|
SELECT @@proxy_user;
|
|
@@proxy_user
|
|
NULL
|
|
connection default;
|
|
disconnect proxy_con_1;
|
|
disconnect proxy_con_2;
|
|
disconnect proxy_con_3;
|
|
disconnect proxy_con_4;
|
|
disconnect proxy_con_5;
|
|
DROP USER ''@'%%',proxied_user_1,proxied_user_2,proxied_user_3,proxied_user_4,proxied_user_5;
|
|
========== test 3 ==========================================
|
|
GRANT ALL PRIVILEGES ON *.* TO plug_user
|
|
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
|
|
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
|
|
GRANT PROXY ON plug_dest TO plug_user;
|
|
FLUSH PRIVILEGES;
|
|
DROP USER plug_user, plug_dest;
|
|
DROP DATABASE test_user_db;
|