← Back to team overview

maria-discuss team mailing list archive

GRANT PROXY access denied with proxied User


At our enterprise we have a DBA-User proxied with "GRANT PROXY ON
'dba'@'%' TO ''@'%'" and backed by pam module (roughly according to [1])
to login from our ldap-accounts.

When logging in via pam into the DBA-Role I'm unable to grant the proxy
privileges to other users.

Following [2] (MySQL docs, because the MariaDB docs are lacking any
further information about this) I already tried to "GRANT PROXY ON
'dba'@'%' TO ''@'%' WITH GRANT OPTION" and "GRANT PROXY ON ''@'' TO
'dba'@'%' WITH GRANT OPTION" (as [2] is ambiguous about if the
"proxied_user" or the "proxy_user" should have the "WITH GRANT OPTION"),
but neither the first grant nor the second one showed any effect.

When I grant the proxy privilege with grant option to a local user, this
user is able to grant the proxy privileges to other users.
So my question is, if it's not possible to grant proxy privileges while
one's logged in with a proxy user?

Thanks in advance,

[2]: https://dev.mysql.com/doc/refman/5.5/en/proxy-users.html

Attachment: signature.asc
Description: OpenPGP digital signature

Follow ups