Fixed that --open-files-limit works on Linux

Docs/manual.texi: Update of security and replication sections sql/ha_berkeley.cc: More documentation sql/sql_base.cc: Fixed overflow bug sql/sql_parse.cc: Variable name change
2001-01-14 12:25:30 +02:00 · 2001-01-14 12:25:30 +02:00 · f62c9ed1e3
commit f62c9ed1e3
parent 686faae582
6 changed files with 110 additions and 33 deletions
--- a/BitKeeper/etc/gone
+++ b/BitKeeper/etc/gone
@ -316,3 +316,4 @@ sasha@work.mysql.com|BitKeeper/etc/logging_ok|20001214015456|29919|32b6551b8288c
 serg@serg.mysql.com|mysql-test/r/3.23/mrg000001.dummy.result|20001206231604|05053|bf7e6d609f22b897
 serg@serg.mysql.com|mysql-test/r/3.23/mrg000001.result|20001206231609|46662|db2ef2e717ab8332
 mwagner@evoq.home.mwagner.org|mysql-test/chew_on_this/select.res|20001014084759|41327|1295456b9394876
+mwagner@evoq.home.mwagner.org|mysql-test/chew_on_this/select.res|20001014084759|41327|1295456b93948768
--- a/Docs/manual.texi
+++ b/Docs/manual.texi
@ -347,6 +347,7 @@ The MySQL Access Privilege System

 * General security::            General security
 * Security::                    How to make @strong{MySQL} secure against crackers
+* Privileges options::          
 * What Privileges::             What the privilege system does
 * User names::                  @strong{MySQL} user names and passwords
 * Connecting::                  Connecting to the @strong{MySQL} server
@ -615,7 +616,7 @@ MySQL Utilites
 * mysql::                       The command line tool
 * mysqladmin::                  Administering a @strong{MySQL} server
 * mysqldump::                   Dumping the structure and data from @strong{MySQL} databases and tables
-* mysqlhotcopy::                Copying @code{MySQL} Databases and Tables
+* mysqlhotcopy::                Copying @strong{MySQL} Databases and Tables
 * mysqlimport::                 Importing data from text files
 * perror::                      Displaying error messages
 * mysqlshow::                   Showing databases, tables and columns
@ -2030,25 +2031,25 @@ Big changes made in @strong{MySQL} Version 3.22.12.
@item @strong{MyODBC} (uses ODBC SDK 2.5) --- Gamma
 It seems to work well with some programs.

-@item Replication -- Alpha / Beta
+@item Replication -- Beta / Gamma
 We are still working on replication, so don't expect this to be rock
 solid yet.  On the other hand, some @strong{MySQL} users are already
 using this with good results.

-@item BDB Tables -- Alpha  / Beta
+@item BDB Tables -- Beta
 The Berkeley DB code is very stable, but we are still improving the interface
 between @strong{MySQL} and BDB tables, so it will take some time before this
 is as tested as the other table types.

-@item Automatic recovery of MyISAM tables - Alpha.
+@item Automatic recovery of MyISAM tables - Beta.
 This only affects the new code that checks if the table was closed properly
 on open and executes an automatic check/repair of the table if it wasn't.

-@item MERGE tables -- Alpha / Beta
+@item MERGE tables -- Beta / Gamma
 The usage of keys on @code{MERGE} tables is still not that tested.  The
 other part of the @code{MERGE} code is quite well tested.

-@item FULLTEXT -- Alpha / Beta
+@item FULLTEXT -- Beta
 Text search seams to work, but is still not widely used.

@end table
@ -8178,6 +8179,7 @@ On NT you can get the following service error messages:
@multitable @columnfractions .3 .7
@item Permission Denied @tab Means that it cannot find @code{mysqld-nt.exe}.
@item Cannot Register   @tab Means that the path is incorrect.
+@item Failed to install service. @tab Means that the service is already installed or that the Service Control Manager is in bad state.
@end multitable

 If you have problems installing @code{mysqld-nt} as a service, try starting
@ -10901,6 +10903,7 @@ system.  This section describes how it works.
@menu
 * General security::            General security
 * Security::                    How to make @strong{MySQL} secure against crackers
+* Privileges options::          
 * What Privileges::             What the privilege system does
 * User names::                  @strong{MySQL} user names and passwords
 * Connecting::                  Connecting to the @strong{MySQL} server
@ -11087,7 +11090,7 @@ actually mean that it is encrypted. If you need high security, you should
 consult with a security expert.
@end itemize

-@node Security, What Privileges, General security, Privilege system
+@node Security, Privileges options, General security, Privilege system
@section How to Make MySQL Secure Against Crackers
@cindex crackers, security against
@cindex security, against crackers
@ -11190,6 +11193,9 @@ careful about creating grant table entries using hostname values that
 contain wild cards!
@end itemize

+@node Privileges options, What Privileges, Security, Privilege system
+@section Startup options to mysqld which concerns security
+
 The following @code{mysqld} options affect networking security:

@table @code
@ -11218,15 +11224,22 @@ Don't allow TCP/IP connections over the network.  All connections to
@code{mysqld} must be made via Unix sockets. This option is unsuitable for
 systems that use MIT-pthreads, because the MIT-pthreads package doesn't
 support Unix sockets.
+
+@item --skip-show-database
+@code{SHOW DATABASE} command doesn't return anything.
+
+@item --safe-show-database
+@code{SHOW DATABASE} only returns databases for which the user have
+some kind of privilege.
+
@end table

-@node What Privileges, User names, Security, Privilege system
+@node What Privileges, User names, Privileges options, Privilege system
@section What the Privilege System Does
@cindex system, privilege
@cindex privilege system
@cindex passwords, security

-
 The primary function of the @strong{MySQL} privilege system is to
 authenticate a user connecting from a given host, and to associate that user
 with privileges on a database such as
@ -22898,6 +22911,8 @@ client.  We plan to partly fix this in 4.0.
 tables.
@item
 Optimize performance.
+@item
+Change to not use page locks at all when we are scanning tables.
@end itemize

@node BDB errors,  , BDB TODO, BDB
@ -25690,7 +25705,7 @@ connect to the master.
@cindex @code{my.cnf} file
@cindex files,@code{my.cnf}
@node Replication Features, Replication Options, Replication HOWTO, Replication
-@section Replication Features
+@section Replication Features and known problems

 Below is an explanation of what is supported and what is not:

@ -25703,7 +25718,16 @@ Replication will be done correctly with @code{AUTO_INCREMENT},
 still resides on the master server at the time of update
 propagation. @code{LOAD LOCAL DATA INFILE} will be skipped.
@item
-Update queries that use user variables are not replication-safe (yet).
+The master and slave is not synchronizing @code{RAND()}.  This means
+that you should not use @code{RAND()} with any statement that updates a
+table.  As fixing this will require a change in the protocol, we will
+delay fixing this until 4.0. A workaround is using @code{RAND(#)}, where
+# is a random integer genearated by your application or by first
+executing @code{LAST_INSERT_ID(RAND())} and then using
+@code{LAST_INSERT_ID()} in the next statement.
+@item
+Update queries that use user variables (@code{@@variable}) are not yet
+replication-safe.
@item
 Temporary tables starting in 3.23.29 are replicated properly with the
 exception of the case when you shut down slave server ( not just slave thread),
@ -25718,6 +25742,12 @@ In earlier versions temporary tables are not being replicated properly - we
 recommend that you either upgrade, or execute @code{SET SQL_LOG_BIN=0} on
 your clients before all queries with temp tables.
@item
+@strong{MySQL} only supports one master and many slaves. We will in 4.x
+add a voting algorithm to automaticly change master if something goes
+wrong with the current master. We will also introduce 'agent' processes
+to help doing load balancing by sending select queries to different
+slaves.
+@item
 Starting in Version 3.23.26, it is safe to connect servers in a circular
 master-slave relationship with @code{log-slave-updates} enabled.
 Note, however, that many queries will not work right in this kind of
@ -25728,9 +25758,10 @@ so that pre-3.23.26 slaves will not be able to read it.
@item
 If the query on the slave gets an error, the slave thread will
 terminate, and a message will appear in the @code{.err} file. You should
-then connect to the slave manually, fix the cause of the error
-(for example, non-existent table), and then run @code{SLAVE START} sql command (available starting in Version 3.23.16). In Version 3.23.15, you will have
-to restart the server.
+then connect to the slave manually, fix the cause of the error (for
+example, non-existent table), and then run @code{SLAVE START} sql
+command (available starting in Version 3.23.16). In Version 3.23.15, you
+will have to restart the server.
@item
 If connection to the master is lost, the slave will retry immediately,
 and then in case of failure every @code{master-connect-retry} (default
@ -28515,6 +28546,7 @@ Most of the options to @code{safe_mysqld} are the same as the options to
@table @code
@item --basedir=path
@item --core-file-size=#
+Size of the core file @code{mysqld} should be able to create. Passed to @code{ulimit -c}.
@item --datadir=path
@item --defaults-extra-file=path
@item --defaults-file=path
@ -28525,10 +28557,8 @@ Path to @code{mysqld}
@item --mysqld=mysqld-version
 Name of the mysqld version in the @code{ledir} directory you want to start.
@item --no-defaults
-@item --open-files=#
-Number of files @code{mysqld} should be able to open. Passed to @code{ulimit -n}.
-@item --open-files=#
-Size of the core file @code{mysqld} should be able to create. Passed to @code{ulimit -c}.
+@item --open-files-limit=#
+Number of files @code{mysqld} should be able to open. Passed to @code{ulimit -n}. Not that you need to start @code{safe_mysqld} as root for this to work properly!
@item --pid-file=path
@item --port=#
@item --socket=path
@ -33494,9 +33524,12 @@ number 256 to affect the number of file descriptors available to

@code{ulimit} (and @code{open-files-limit}) can increase the number of
 file descriptors, but only up to the limit imposed by the operating
-system.  If you need to increase the OS limit on the number of file
-descriptors available to each process, consult the documentation for
-your operating system.
+system. There is also a 'hard' limit that can only be overrided if you
+start @code{safe_mysqld} or @code{mysqld} as root (Just remember that
+you need to also use the @code{--user=..} option in this case).  If you
+need to increase the OS limit on the number of file descriptors
+available to each process, consult the documentation for your operating
+system.

 Note that if you run the @code{tcsh} shell, @code{ulimit} will not work!
@code{tcsh} will also report incorrect values when you ask for the current
@ -39376,8 +39409,8 @@ An open source client for exploring databases and executing SQL. Supports
 A query tool for @strong{MySQL} and PostgreSQL.
@item @uref{http://dbman.linux.cz/,dbMan}
 A query tool written in Perl. Uses DBI and Tk.
-@item @uref{http://www.mysql.com/Downloads/Win32/Msc18.exe, Mascon 2000.1.8}
-@item @uref{http://www.mysql.com/Downloads/Win32/FrMsc18.exe, Free Mascon 2000.1.8}
+@item @uref{http://www.mysql.com/Downloads/Win32/Msc110.exe, Mascon 2000.1.10.48}
+@item @uref{http://www.mysql.com/Downloads/Win32/FrMsc110.exe, Free Mascon 2000.1.10.48}
 Mascon is a powerful Win32 GUI for the administering MySQL server
 databases. Mascon's features include visual table design, connections to
 multiple servers, data and blob editing of tables, security setting, SQL
@ -40248,6 +40281,9 @@ Our TODO section contains what we plan to have in 4.0. @xref{TODO MySQL 4.0}.
@itemize @bullet
@item
 Added @code{ORDER BY} syntax to @code{UPDATE} and @code{DELETE}.
+@item
+Added @code{SELECT .. WITH UPDATE} and @code{SELECT ... IN SHARE MODE} to
+get more locking options.
@end itemize

@node News-3.23.x, News-3.22.x, News-4.0.x, News
@ -40305,6 +40341,14 @@ though, so Version 3.23 is not released as a stable version yet.
@appendixsubsec Changes in release 3.23.31
@itemize @bullet
@item
+Fixed security bug in something (please upgrade if you are using a earlier
+MySQL 3.23 version).
+@item
+Fixed buffer overflow bug when writing a certain error message.
+@item
+Added usage of @code{getrlimit()} on Linux to get @code{-O --open-files-limit=#}
+to work on Linux.
+@item
 Fixed bug when using expression of type
@code{SELECT ... FROM t1 left join t2 on (t1.a=t2.a) WHERE t1.a=t2.a}. In this
 case the test in the @code{WHERE} clause was wrongly optimized away.
@ -45121,8 +45165,7 @@ The @code{mysqld} will support all standard @strong{MySQL} features and
 one can use it in a threaded client to run different queries in each
 thread.
@item
-@code{SHOW DATABASES} should only show the database which you have some kind
-of access privilege to.
+Replication should work with @code{RAND()}.
@item
 Online backup with very low performance penalty.  The online backup will
 make it easy to add a new replication slave without taking down the
--- a/sql/ha_berkeley.cc
+++ b/sql/ha_berkeley.cc
@ -119,6 +119,8 @@ bool berkeley_init(void)
    berkeley_tmpdir=mysql_tmpdir;
  if (!berkeley_home)
    berkeley_home=mysql_real_data_home;
+  DBUG_PRINT("bdb",("berkeley_home: %s",mysql_real_data_home));
+
  /*
    If we don't set set_lg_bsize() we will get into trouble when
    trying to use many open BDB tables.
@ -1675,6 +1677,34 @@ int ha_berkeley::external_lock(THD *thd, int lock_type)
  DBUG_RETURN(error);
 }

+/*
+  The idea with handler::store_lock() is the following:
+
+  The statement decided which locks we should need for the table
+  for updates/deletes/inserts we get WRITE locks, for SELECT... we get
+  read locks.
+
+  Before adding the lock into the table lock handler (see thr_lock.c)
+  mysqld calls store lock with the requested locks.  Store lock can now
+  modify a write lock to a read lock (or some other lock), ignore the
+  lock (if we don't want to use MySQL table locks at all) or add locks
+  for many tables (like we do when we are using a MERGE handler).
+
+  Berkeley DB changes all WRITE locks to TL_WRITE_ALLOW_WRITE (which
+  signals that we are doing WRITES, but we are still allowing other
+  reader's and writer's.
+
+  When releasing locks, store_lock() are also called. In this case one
+  usually doesn't have to do anything.
+
+  In some exceptional cases MySQL may send a request for a TL_IGNORE;
+  This means that we are requesting the same lock as last time and this
+  should also be ignored. (This may happen when someone does a flush
+  table when we have opened a part of the tables, in which case mysqld
+  closes and reopens the tables and tries to get the same locks at last
+  time).  In the future we will probably try to remove this.
+*/
+

 THR_LOCK_DATA **ha_berkeley::store_lock(THD *thd, THR_LOCK_DATA **to,
 					enum thr_lock_type lock_type)
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@ -119,7 +119,7 @@ inline void reset_floating_point_exceptions()
 #else
 #include <my_pthread.h>			// For thr_setconcurency()
 #endif
-#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) && !defined(__linux__) && !defined(HAVE_mit_thread)
+#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) && !defined(HAVE_mit_thread)
 #define SET_RLIMIT_NOFILE
 #endif

--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@ -1610,7 +1610,7 @@ find_field_in_tables(THD *thd,Item_field *item,TABLE_LIST *tables)
      char buff[NAME_LEN*2+1];
      if (db)
      {
-	strxmov(buff,db,".",table_name,NullS);
+	strxnmov(buff,sizeof(buff)-1,db,".",table_name,NullS);
 	table_name=buff;
      }
      my_printf_error(ER_UNKNOWN_TABLE,ER(ER_UNKNOWN_TABLE),MYF(0),table_name,
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@ -1784,8 +1784,8 @@ mysql_execute_command(void)
    break;
  case SQLCOM_SHOW_GRANTS:
    res=0;
-    if ((thd->user && !strcmp(thd->user,lex->grant_user->user.str)) ||
-	!(check_access(thd, SELECT_ACL, "mysql")))
+    if ((thd->priv_user && !strcmp(thd->priv_user,lex->grant_user->user.str)) ||
+	!check_access(thd, SELECT_ACL, "mysql",0,1))
    {
      res = mysql_show_grants(thd,lex->grant_user);
    }
@ -1854,7 +1854,7 @@ error:

 bool
 check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
-	     bool no_grant)
+	     bool dont_check_global_grants)
 {
  uint db_access,dummy;
  if (save_priv)
@ -1862,7 +1862,7 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
  else
    save_priv= &dummy;

-  if (!db && !thd->db && !no_grant)
+  if (!db && !thd->db && !dont_check_global_grants)
  {
    send_error(&thd->net,ER_NO_DB_ERROR);	/* purecov: tested */
    return TRUE;				/* purecov: tested */
@ -1874,7 +1874,7 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
    return FALSE;
  }
  if ((want_access & ~thd->master_access) & ~(DB_ACLS | EXTRA_ACL) ||
-      ! db && no_grant)
+      ! db && dont_check_global_grants)
  {						// We can never grant this
    net_printf(&thd->net,ER_ACCESS_DENIED_ERROR,
 	       thd->priv_user,
@ -1892,8 +1892,11 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
    db_access=thd->db_access;
  want_access &= ~EXTRA_ACL;			// Remove SHOW attribute
  db_access= ((*save_priv=(db_access | thd->master_access)) & want_access);
+
+  /* grant_option is set if there exists a single table or column grant */
  if (db_access == want_access ||
-      ((grant_option && !no_grant) && !(want_access & ~TABLE_ACLS)))
+      ((grant_option && !dont_check_global_grants) &&
+       !(want_access & ~TABLE_ACLS)))
    return FALSE;				/* Ok */
  net_printf(&thd->net,ER_DBACCESS_DENIED_ERROR,
 	     thd->priv_user,