mirror of
https://github.com/MariaDB/server.git
synced 2025-01-30 18:41:56 +01:00
b3df1ec97a
Make two existing command line options "allow-suspicious-udfs" and
"skip-grant-tables" visible as global system variables.
Both options have security implications, but users were not able to check
their states in the server prior to this change. This was a security
issue, as the user may not be aware if the options are enabled. By adding
them into system variables, it increases users’ visibility into their
security configurations.
Create new MTR tests to verify that the system variables align with the
command line options. Minor adjustments to the existing MTR due to the new
members in system variables.
Before:
mysql> SHOW VARIABLES WHERE
Variable_Name LIKE 'allow_suspicious_udfs' OR
Variable_Name LIKE 'skip_grant_tables';
Empty set (0.000 sec)
After:
mysql> SHOW VARIABLES WHERE
Variable_Name LIKE 'allow_suspicious_udfs' OR
Variable_Name LIKE 'skip_grant_tables';
+-----------------------+-------+
| Variable_name | Value |
+-----------------------+-------+
| allow_suspicious_udfs | OFF |
| skip_grant_tables | OFF |
+-----------------------+-------+
All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer Amazon Web
Services, Inc.
32 lines
1.2 KiB
Text
32 lines
1.2 KiB
Text
#
|
|
# MDEV-6984 Can't migrate from MySQL 5.6.21 to MariaDB 10
|
|
#
|
|
--source include/not_embedded.inc
|
|
--source include/have_perfschema.inc
|
|
|
|
#
|
|
# When 'root' account is password protected and MYSQL_UPGRADE doesn't
|
|
# know the password (meaning, MYSQL_UPGRADE is run automatically
|
|
# on upgrade), MYSQLD has to be started with --skip-grant-tables.
|
|
#
|
|
# In this setup MYSQL_UPGRADE cannot continue after issuing FLUSH PRIVILEGES
|
|
#
|
|
|
|
update mysql.global_priv set priv=json_set(priv, '$.plugin', 'mysql_native_password', '$.authentication_string', password('foo')) where user='root';
|
|
|
|
--replace_regex /[^ ]*mysql_upgrade_info/...mysql_upgrade_info/
|
|
--exec $MYSQL_UPGRADE
|
|
|
|
connect(con1,localhost,root,foo,,,);
|
|
|
|
update mysql.global_priv set priv=json_compact(json_remove(priv, '$.plugin', '$.authentication_string')) where user='root';
|
|
flush privileges;
|
|
# Load event table
|
|
set global event_scheduler=OFF;
|
|
|
|
let MYSQLD_DATADIR= `select @@datadir`;
|
|
--remove_file $MYSQLD_DATADIR/mysql_upgrade_info
|
|
|
|
# --skip-grant-tables state may changed during the test. Need to restart the server
|
|
# to restore the --skip-grant-tables state. Otherwise MTR's internal check will fail
|
|
--source include/restart_mysqld.inc
|