maria-developers team mailing list archive
-
maria-developers team
-
Mailing list archive
-
Message #12361
41d807dfc8c: MENT-731:Setting of SHUTDOWN_WAIT_FOR_SLAVES should require special privilege, not generic SUPER
revision-id: 41d807dfc8c5f640ccbbac5838cf572b2b1712c1 (mariadb-10.4.4-1804-g41d807dfc8c)
parent(s): 38cbb0915eb4a0c43f1a83afa37c7de5e481a718
author: Sujatha
committer: Sujatha
timestamp: 2020-08-31 22:30:38 +0530
message:
MENT-731:Setting of SHUTDOWN_WAIT_FOR_SLAVES should require special privilege, not generic SUPER
Fix:
===
'shutdown_wait_for_slaves' variable can be set either by having SUPER or
SHUTDOWN privilege.
---
mysql-test/suite/binlog/r/binlog_grant.result | 34 +++++++++++++++++++++++
mysql-test/suite/binlog/t/binlog_grant.test | 40 +++++++++++++++++++++++++++
sql/privilege.h | 3 ++
sql/sys_vars.cc | 5 +++-
4 files changed, 81 insertions(+), 1 deletion(-)
diff --git a/mysql-test/suite/binlog/r/binlog_grant.result b/mysql-test/suite/binlog/r/binlog_grant.result
index af4c02411d5..aee0730c0ab 100644
--- a/mysql-test/suite/binlog/r/binlog_grant.result
+++ b/mysql-test/suite/binlog/r/binlog_grant.result
@@ -124,6 +124,40 @@ disconnect user1;
connection default;
DROP USER user1@localhost;
#
+# MENT-731: Setting of SHUTDOWN_WAIT_FOR_SLAVES should require special
+# privilege, not generic SUPER
+#
+# Test that 'shutdown_wait_for_slaves' variable cannot be set without
+# SHUTDOWN or SUPER
+CREATE USER user1@localhost;
+GRANT ALL PRIVILEGES ON *.* TO user1@localhost;
+REVOKE SHUTDOWN, SUPER ON *.* FROM user1@localhost;
+connect user1,localhost,user1,,;
+connection user1;
+SET GLOBAL SHUTDOWN_WAIT_FOR_SLAVES=ON;
+ERROR 42000: Access denied; you need (at least one of) the SHUTDOWN, SUPER privilege(s) for this operation
+disconnect user1;
+connection default;
+DROP USER user1@localhost;
+# Test that 'shutdown_wait_for_slaves' variable can be set with SHUTDOWN
+CREATE USER user1@localhost;
+GRANT SHUTDOWN ON *.* TO user1@localhost;
+connect user1,localhost,user1,,;
+connection user1;
+SET GLOBAL SHUTDOWN_WAIT_FOR_SLAVES=ON;
+disconnect user1;
+connection default;
+DROP USER user1@localhost;
+# Test that 'shutdown_wait_for_slaves' variable can be set with SUPER
+CREATE USER user1@localhost;
+GRANT SUPER ON *.* TO user1@localhost;
+connect user1,localhost,user1,,;
+connection user1;
+SET GLOBAL SHUTDOWN_WAIT_FOR_SLAVES=OFF;
+disconnect user1;
+connection default;
+DROP USER user1@localhost;
+#
# MDEV-21975 Add BINLOG REPLAY privilege and bind new privileges to
# gtid_seq_no, preudo_thread_id, server_id, gtid_domain_id
#
diff --git a/mysql-test/suite/binlog/t/binlog_grant.test b/mysql-test/suite/binlog/t/binlog_grant.test
index ec8d2aeccd2..ca0e40299a9 100644
--- a/mysql-test/suite/binlog/t/binlog_grant.test
+++ b/mysql-test/suite/binlog/t/binlog_grant.test
@@ -172,6 +172,46 @@ SHOW BINLOG EVENTS;
connection default;
DROP USER user1@localhost;
+--echo #
+--echo # MENT-731: Setting of SHUTDOWN_WAIT_FOR_SLAVES should require special
+--echo # privilege, not generic SUPER
+--echo #
+
+--echo # Test that 'shutdown_wait_for_slaves' variable cannot be set without
+--echo # SHUTDOWN or SUPER
+CREATE USER user1@localhost;
+GRANT ALL PRIVILEGES ON *.* TO user1@localhost;
+REVOKE SHUTDOWN, SUPER ON *.* FROM user1@localhost;
+--connect(user1,localhost,user1,,)
+--connection user1
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
+SET GLOBAL SHUTDOWN_WAIT_FOR_SLAVES=ON;
+--disconnect user1
+--connection default
+DROP USER user1@localhost;
+
+
+--echo # Test that 'shutdown_wait_for_slaves' variable can be set with SHUTDOWN
+CREATE USER user1@localhost;
+GRANT SHUTDOWN ON *.* TO user1@localhost;
+--connect(user1,localhost,user1,,)
+--connection user1
+SET GLOBAL SHUTDOWN_WAIT_FOR_SLAVES=ON;
+--disconnect user1
+connection default;
+DROP USER user1@localhost;
+
+
+--echo # Test that 'shutdown_wait_for_slaves' variable can be set with SUPER
+CREATE USER user1@localhost;
+GRANT SUPER ON *.* TO user1@localhost;
+--connect(user1,localhost,user1,,)
+--connection user1
+SET GLOBAL SHUTDOWN_WAIT_FOR_SLAVES=OFF;
+--disconnect user1
+connection default;
+DROP USER user1@localhost;
+
--echo #
--echo # MDEV-21975 Add BINLOG REPLAY privilege and bind new privileges to
--echo # gtid_seq_no, preudo_thread_id, server_id, gtid_domain_id
diff --git a/sql/privilege.h b/sql/privilege.h
index 37cdf4da01a..f4bfd835013 100644
--- a/sql/privilege.h
+++ b/sql/privilege.h
@@ -433,6 +433,9 @@ constexpr privilege_t PRIV_SET_SYSTEM_GLOBAL_VAR_SLOW_LAUNCH_TIME=
constexpr privilege_t PRIV_SET_SYSTEM_GLOBAL_VAR_THREAD_POOL=
CONNECTION_ADMIN_ACL | SUPER_ACL;
+// Was SUPER_ACL prior to 10.5.5
+constexpr privilege_t PRIV_SET_SYSTEM_VAR_SHUTDOWN_WAIT_FOR_SLAVES=
+ SHUTDOWN_ACL | SUPER_ACL;
/*
Binary log related privileges that are checked regardless
diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc
index 1577457a5d7..396c0570215 100644
--- a/sql/sys_vars.cc
+++ b/sql/sys_vars.cc
@@ -4573,7 +4573,10 @@ static Sys_var_ulong Sys_profiling_history_size(
VALID_RANGE(0, 100), DEFAULT(15), BLOCK_SIZE(1));
#endif
-static Sys_var_mybool Sys_shutdown_wait_for_slaves(
+static Sys_var_on_access_global<Sys_var_mybool,
+ PRIV_SET_SYSTEM_VAR_SHUTDOWN_WAIT_FOR_SLAVES>
+
+Sys_shutdown_wait_for_slaves(
"shutdown_wait_for_slaves",
"when ON, SHUTDOWN command runs with implicit WAIT FOR ALL SLAVES option.",
GLOBAL_VAR(opt_shutdown_wait_for_slaves), CMD_LINE(OPT_ARG),