mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-12-24 05:05:45 +01:00
Code Issues Projects Releases Packages Wiki Activity
mariadb/mysql-test/suite/plugins/t/server_audit.test
Sergei Golubchik 38828f2078 MDEV-37501 plugins.server_audit Fails in 12.1+ 
DISCONNECT audit record is added at some point after the actual
disconnect. To have it at the deterministic place in the log,
we have to wait for it to be added before continuing.
2025-09-30 22:20:40 +02:00

267 lines
10 KiB
Text
Raw Permalink Blame History

--source include/have_plugin_auth.inc
--source include/not_embedded.inc
--source include/have_ssl_communication.inc
--source include/no_view_protocol.inc
if (!$SERVER_AUDIT_SO) {
skip No SERVER_AUDIT plugin;
}
--disable_ps2_protocol
# An unfortunate wait for check-testcase.inc to complete disconnect.
let count_sessions= 1;
source include/wait_until_count_sessions.inc;
let $MYSQLD_DATADIR= `SELECT @@datadir`;
let SEARCH_FILE= $MYSQLD_DATADIR/server_audit.log;
install plugin server_audit soname 'server_audit';
show variables like 'server_audit%';
set global server_audit_file_path=null;
set global server_audit_incl_users=null;
set global server_audit_file_path='server_audit.log';
set global server_audit_output_type=file;
--replace_regex /[1-9][0-9][0-9]+/FN_LEN/
set global server_audit_file_path=REPEAT(REPEAT('new_file_name', 50), 50);
set global server_audit_logging=on;
--error ER_WRONG_VALUE_FOR_VAR
set global server_audit_incl_users= repeat("'root',", 10000);
show variables like 'server_audit_incl_users';
--error ER_WRONG_VALUE_FOR_VAR
set global server_audit_excl_users= repeat("'root',", 10000);
show variables like 'server_audit_excl_users';
let SEARCH_COUNT= 5;
source include/wait_for_line_count_in_file.inc;
connect (con1,localhost,root,,mysql);
disconnect con1;
let SEARCH_COUNT= 7;
source include/wait_for_line_count_in_file.inc;
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
connect (con1,localhost,no_such_user,,mysql);
let SEARCH_COUNT= 9;
source include/wait_for_line_count_in_file.inc;
connection default;
set global server_audit_incl_users='odin, dva, tri';
create table t1 (id int);
set global server_audit_incl_users='odin, root, dva, tri';
create table t2 (id int);
set global server_audit_excl_users='odin, dva, tri';
insert into t1 values (1), (2);
select * from t1;
set global server_audit_incl_users='odin, root, dva, tri';
insert into t2 values (1), (2);
select * from t2;
alter table t1 rename renamed_t1;
set global server_audit_events='connect,query';
select 1,
2,
# comment
3;
insert into t2 values (1), (2);
select * from t2;
--disable_ps_protocol
--error ER_NO_SUCH_TABLE
select * from t_doesnt_exist;
--enable_ps_protocol
--error 1064
syntax_error_query;
drop table renamed_t1, t2;
show variables like 'server_audit%';
set global server_audit_mode=1;
set global server_audit_events='';
create database sa_db;
let SEARCH_COUNT= 47;
source include/wait_for_line_count_in_file.inc;
connect (con1,localhost,root,,test);
create table t1 (id2 int);
insert into t1 values (1), (2);
select * from t1;
drop table t1;
use sa_db;
create table sa_t1(id int);
insert into sa_t1 values (1), (2);
drop table sa_t1;
drop database sa_db;
disconnect con1;
let SEARCH_COUNT= 80;
source include/wait_for_line_count_in_file.inc;
connection default;
create database sa_db;
use sa_db;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD FOR u1 = PASSWORD('pwd 098');
CREATE USER u3 IDENTIFIED BY '';
ALTER USER u3 IDENTIFIED BY 'pwd-456';
drop user u1, u2, u3;
set global server_audit_events='query_ddl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
create procedure pr1() insert into test.t1 values ("foo", 42);
create function fn1(i int) returns int deterministic return i+1;
drop procedure pr1;
drop function fn1;
set global server_audit_events='query_ddl,query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
drop table t1;
set global server_audit_events='query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='query_dcl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD
# comment
FOR u1 = PASSWORD('pwd 098');
--error 1064
SET PASSWORD FOR u1=<secret>;
CREATE USER u3 IDENTIFIED BY '';
drop user u1, u2, u3;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='query_dml_no_select';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
drop table t1;
create procedure pr1() insert into test.t1 values ("foo", 42);
create function fn1(i int) returns int deterministic return i+1;
drop procedure pr1;
drop function fn1;
create procedure pr1() insert into test.t1 values ("foo", 42);
create function fn1(i int) returns int deterministic return i+1;
drop procedure pr1;
drop function fn1;
set global server_audit_events='table';
set global server_audit_incl_users='user1';
create user user1@localhost;
grant all on sa_db.* to user1@localhost;
connect (cn1,127.0.0.1,user1,,sa_db,$MASTER_MYPORT);
create table t1(id int) engine=myisam;
insert delayed into t1 values (1);
connection default;
--echo # Waiting until INSERT DELAYED thread does the insert.
let $wait_condition= SELECT COUNT(*) = 1 FROM t1;
--source include/wait_condition.inc
drop table t1;
set global server_audit_logging= off;
set global server_audit_incl_users='root';
set global server_audit_logging= on;
disconnect cn1;
let SEARCH_COUNT= 140;
source include/wait_for_line_count_in_file.inc;
drop user user1@localhost;
set global server_audit_events='';
set global server_audit_incl_users='root, plug_dest, ssl_user1';
CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
--sleep 2
--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
--error ER_ACCESS_DENIED_ERROR : this should fail : no grant
connect(plug_con,localhost,plug,plug_dest);
--sleep 2
GRANT PROXY ON plug_dest TO plug;
--sleep 2
connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*");
select USER(),CURRENT_USER();
connection default;
disconnect plug_con;
let SEARCH_COUNT= 174;
source include/wait_for_line_count_in_file.inc;
DROP USER plug;
DROP USER plug_dest;
CREATE USER ssl_user1@localhost require SSL;
GRANT ALL ON sa_db TO ssl_user1@localhost;
connect (conssl1,localhost,ssl_user1,,sa_db,,,SSL);
--let $ssl_version = query_get_value(SHOW STATUS LIKE 'Ssl_version', Value, 1)
select variable_value > '' as 'have_ssl' from information_schema.session_status where variable_name='ssl_cipher';
disconnect conssl1;
let SEARCH_COUNT= 205;
source include/wait_for_line_count_in_file.inc;
connection default;
DROP USER ssl_user1@localhost;
set global server_audit_query_log_limit= 15;
select (1), (2), (3), (4);
select 'A', 'B', 'C', 'D';
set global server_audit_query_log_limit= 1024;
drop database sa_db;
select length('01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789');
CREATE TABLE test.t1 (a char(4));
set sql_mode="";
insert into test.t1 value("12345");
set sql_mode=default;
drop table test.t1;
set global server_audit_file_path='.';
--replace_regex /\.[\\\/]/HOME_DIR\//
show status like 'server_audit_current_log';
set global server_audit_file_path='';
show status like 'server_audit_current_log';
set global server_audit_file_path=' ';
show status like 'server_audit_current_log';
set global server_audit_file_path='nonexisting_dir/';
show status like 'server_audit_current_log';
show variables like 'server_audit%';
uninstall plugin server_audit;
# replace stored SSL verison with constant string "TLS_VERSION"
--replace_result $ssl_version TLS_VERSION
# replace the timestamp and the hostname with constant values
--replace_regex /\d* \d\d:\d\d:\d\d\,[^,]*\,/TIME,HOSTNAME,/ /\,[1-9]\d*\,/,1,/ /\,[1-9]\d*/,ID/ /:\d+,/:PORT,/
cat_file $MYSQLD_DATADIR/server_audit.log;
remove_file $MYSQLD_DATADIR/server_audit.log;
--enable_ps2_protocol
--echo #
--echo # MDEV-27631 Assertion `global_status_var.global_memory_used == 0' failed in mysqld_exit
--echo #
install plugin server_audit soname 'server_audit';
uninstall plugin server_audit;
Reference in a new issue View git blame Copy permalink