Fix so that SET PASSWORD is not replicated by the slave if running with
replicate-*-table rules which exclude 'mysql' tables (e.g. replicate-wild-ignore-table=mysql.%). This was already the behaviour for GRANT/REVOKE, I'm extending it to SET PASSWORD because it seems very logical (the contrary seems illogical). 2 new tests: - one to test if GRANT and SET PASSWORD are replicated - one to test if they are not replicated if replicate-wild-ignore-table=mysql.% The 2nd is also a testcase for BUG#980. sql/sql_acl.cc: Fix so that SET PASSWORD is not replicated by the slave if running with replicate-*-table rules which exclude 'mysql' tables (e.g. replicate-wild-ignore-table=mysql.%). This was already the behaviour for GRANT/REVOKE, I'm extending it to SET PASSWORD because it seems very logical (the contrary seems illogical).
This commit is contained in:
parent
b1c56d68e9
commit
3b013646e1
26
mysql-test/r/rpl_do_grant.result
Normal file
26
mysql-test/r/rpl_do_grant.result
Normal file
@ -0,0 +1,26 @@
|
||||
slave stop;
|
||||
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
|
||||
reset master;
|
||||
reset slave;
|
||||
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
|
||||
slave start;
|
||||
delete from mysql.user where user='rpl_do_grant';
|
||||
delete from mysql.db where user='rpl_do_grant';
|
||||
flush privileges;
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
grant select on *.* to rpl_do_grant@localhost;
|
||||
grant drop on test.* to rpl_do_grant@localhost;
|
||||
show grants for rpl_do_grant@localhost;
|
||||
Grants for rpl_do_grant@localhost
|
||||
GRANT SELECT ON *.* TO 'rpl_do_grant'@'localhost'
|
||||
GRANT DROP ON `test`.* TO 'rpl_do_grant'@'localhost'
|
||||
set password for rpl_do_grant@localhost=password("does it work?");
|
||||
select password<>'' from mysql.user where user='rpl_do_grant';
|
||||
password<>''
|
||||
1
|
||||
delete from mysql.user where user='rpl_do_grant';
|
||||
delete from mysql.db where user='rpl_do_grant';
|
||||
flush privileges;
|
||||
flush privileges;
|
37
mysql-test/r/rpl_ignore_grant.result
Normal file
37
mysql-test/r/rpl_ignore_grant.result
Normal file
@ -0,0 +1,37 @@
|
||||
slave stop;
|
||||
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
|
||||
reset master;
|
||||
reset slave;
|
||||
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
|
||||
slave start;
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
grant select on *.* to rpl_ignore_grant@localhost;
|
||||
grant drop on test.* to rpl_ignore_grant@localhost;
|
||||
show grants for rpl_ignore_grant@localhost;
|
||||
Grants for rpl_ignore_grant@localhost
|
||||
GRANT SELECT ON *.* TO 'rpl_ignore_grant'@'localhost'
|
||||
GRANT DROP ON `test`.* TO 'rpl_ignore_grant'@'localhost'
|
||||
show grants for rpl_ignore_grant@localhost;
|
||||
There is no such grant defined for user 'rpl_ignore_grant' on host 'localhost'
|
||||
select count(*) from mysql.user where user='rpl_ignore_grant';
|
||||
count(*)
|
||||
0
|
||||
select count(*) from mysql.db where user='rpl_ignore_grant';
|
||||
count(*)
|
||||
0
|
||||
grant select on *.* to rpl_ignore_grant@localhost;
|
||||
set password for rpl_ignore_grant@localhost=password("does it work?");
|
||||
select password<>'' from mysql.user where user='rpl_ignore_grant';
|
||||
password<>''
|
||||
0
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
46
mysql-test/t/rpl_do_grant.test
Normal file
46
mysql-test/t/rpl_do_grant.test
Normal file
@ -0,0 +1,46 @@
|
||||
# Test that GRANT and SET PASSWORD are replicated to the slave
|
||||
|
||||
source include/master-slave.inc;
|
||||
|
||||
# do not be influenced by other tests.
|
||||
connection master;
|
||||
delete from mysql.user where user='rpl_do_grant';
|
||||
delete from mysql.db where user='rpl_do_grant';
|
||||
flush privileges;
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
# if these DELETE did nothing on the master, we need to do them manually on the
|
||||
# slave.
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
|
||||
# test replication of GRANT
|
||||
connection master;
|
||||
grant select on *.* to rpl_do_grant@localhost;
|
||||
grant drop on test.* to rpl_do_grant@localhost;
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
show grants for rpl_do_grant@localhost;
|
||||
|
||||
# test replication of SET PASSWORD
|
||||
connection master;
|
||||
set password for rpl_do_grant@localhost=password("does it work?");
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
select password<>'' from mysql.user where user='rpl_do_grant';
|
||||
|
||||
# clear what we have done, to not influence other tests.
|
||||
connection master;
|
||||
delete from mysql.user where user='rpl_do_grant';
|
||||
delete from mysql.db where user='rpl_do_grant';
|
||||
flush privileges;
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
# no need to delete manually, as the DELETEs must have done some real job on
|
||||
# master (updated binlog)
|
||||
flush privileges;
|
1
mysql-test/t/rpl_ignore_grant-slave.opt
Normal file
1
mysql-test/t/rpl_ignore_grant-slave.opt
Normal file
@ -0,0 +1 @@
|
||||
--replicate-wild-ignore-table=mysql.%
|
57
mysql-test/t/rpl_ignore_grant.test
Normal file
57
mysql-test/t/rpl_ignore_grant.test
Normal file
@ -0,0 +1,57 @@
|
||||
# Test that GRANT is not replicated to the slave
|
||||
# when --replicate-wild-ignore-table=mysql.%
|
||||
# In BUG#980, this test would _randomly_ fail.
|
||||
|
||||
source include/master-slave.inc;
|
||||
|
||||
# do not be influenced by other tests.
|
||||
connection master;
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
# as these DELETE were not replicated, we need to do them manually on the
|
||||
# slave.
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
|
||||
# test non-replication of GRANT
|
||||
connection master;
|
||||
grant select on *.* to rpl_ignore_grant@localhost;
|
||||
grant drop on test.* to rpl_ignore_grant@localhost;
|
||||
show grants for rpl_ignore_grant@localhost;
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
--error 1141 #("no such grant for user")
|
||||
show grants for rpl_ignore_grant@localhost;
|
||||
# check it another way
|
||||
select count(*) from mysql.user where user='rpl_ignore_grant';
|
||||
select count(*) from mysql.db where user='rpl_ignore_grant';
|
||||
|
||||
# test non-replication of SET PASSWORD
|
||||
# first force creation of the user on slave (because as the user does not exist
|
||||
# on slave, the SET PASSWORD may be replicated but silently do nothing; this is
|
||||
# not what we want; we want it to be not-replicated).
|
||||
grant select on *.* to rpl_ignore_grant@localhost;
|
||||
connection master;
|
||||
set password for rpl_ignore_grant@localhost=password("does it work?");
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
select password<>'' from mysql.user where user='rpl_ignore_grant';
|
||||
|
||||
# clear what we have done, to not influence other tests.
|
||||
connection master;
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
||||
save_master_pos;
|
||||
connection slave;
|
||||
sync_with_master;
|
||||
delete from mysql.user where user='rpl_ignore_grant';
|
||||
delete from mysql.db where user='rpl_ignore_grant';
|
||||
flush privileges;
|
@ -1233,6 +1233,25 @@ static bool update_user_table(THD *thd, const char *host, const char *user,
|
||||
bzero((char*) &tables,sizeof(tables));
|
||||
tables.alias=tables.real_name=(char*) "user";
|
||||
tables.db=(char*) "mysql";
|
||||
#ifdef HAVE_REPLICATION
|
||||
/*
|
||||
GRANT and REVOKE are applied the slave in/exclusion rules as they are
|
||||
some kind of updates to the mysql.% tables.
|
||||
*/
|
||||
if (thd->slave_thread && table_rules_on)
|
||||
{
|
||||
/*
|
||||
The tables must be marked "updating" so that tables_ok() takes them into
|
||||
account in tests.
|
||||
*/
|
||||
tables.updating=1;
|
||||
/* Thanks to bzero, tables.next==0 */
|
||||
if (!tables_ok(0, &tables))
|
||||
DBUG_RETURN(0);
|
||||
tables.updating=0;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (!(table=open_ltable(thd,&tables,TL_WRITE)))
|
||||
DBUG_RETURN(1); /* purecov: deadcode */
|
||||
table->field[0]->store(host,(uint) strlen(host));
|
||||
|
Loading…
x
Reference in New Issue
Block a user