Commit 3b013646 authored by unknown's avatar unknown

Fix so that SET PASSWORD is not replicated by the slave if running with

replicate-*-table rules which exclude 'mysql' tables
(e.g. replicate-wild-ignore-table=mysql.%).
This was already the behaviour for GRANT/REVOKE, I'm extending it to
SET PASSWORD because it seems very logical (the contrary seems illogical).
2 new tests:
- one to test if GRANT and SET PASSWORD are replicated
- one to test if they are not replicated if replicate-wild-ignore-table=mysql.%
The 2nd is also a testcase for BUG#980.


sql/sql_acl.cc:
  Fix so that SET PASSWORD is not replicated by the slave if running with
  replicate-*-table rules which exclude 'mysql' tables
  (e.g. replicate-wild-ignore-table=mysql.%).
  This was already the behaviour for GRANT/REVOKE, I'm extending it to
  SET PASSWORD because it seems very logical (the contrary seems illogical).
parent b1c56d68
slave stop;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
reset master;
reset slave;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
slave start;
delete from mysql.user where user='rpl_do_grant';
delete from mysql.db where user='rpl_do_grant';
flush privileges;
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
grant select on *.* to rpl_do_grant@localhost;
grant drop on test.* to rpl_do_grant@localhost;
show grants for rpl_do_grant@localhost;
Grants for rpl_do_grant@localhost
GRANT SELECT ON *.* TO 'rpl_do_grant'@'localhost'
GRANT DROP ON `test`.* TO 'rpl_do_grant'@'localhost'
set password for rpl_do_grant@localhost=password("does it work?");
select password<>'' from mysql.user where user='rpl_do_grant';
password<>''
1
delete from mysql.user where user='rpl_do_grant';
delete from mysql.db where user='rpl_do_grant';
flush privileges;
flush privileges;
slave stop;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
reset master;
reset slave;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
slave start;
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
grant select on *.* to rpl_ignore_grant@localhost;
grant drop on test.* to rpl_ignore_grant@localhost;
show grants for rpl_ignore_grant@localhost;
Grants for rpl_ignore_grant@localhost
GRANT SELECT ON *.* TO 'rpl_ignore_grant'@'localhost'
GRANT DROP ON `test`.* TO 'rpl_ignore_grant'@'localhost'
show grants for rpl_ignore_grant@localhost;
There is no such grant defined for user 'rpl_ignore_grant' on host 'localhost'
select count(*) from mysql.user where user='rpl_ignore_grant';
count(*)
0
select count(*) from mysql.db where user='rpl_ignore_grant';
count(*)
0
grant select on *.* to rpl_ignore_grant@localhost;
set password for rpl_ignore_grant@localhost=password("does it work?");
select password<>'' from mysql.user where user='rpl_ignore_grant';
password<>''
0
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
# Test that GRANT and SET PASSWORD are replicated to the slave
source include/master-slave.inc;
# do not be influenced by other tests.
connection master;
delete from mysql.user where user='rpl_do_grant';
delete from mysql.db where user='rpl_do_grant';
flush privileges;
save_master_pos;
connection slave;
sync_with_master;
# if these DELETE did nothing on the master, we need to do them manually on the
# slave.
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
# test replication of GRANT
connection master;
grant select on *.* to rpl_do_grant@localhost;
grant drop on test.* to rpl_do_grant@localhost;
save_master_pos;
connection slave;
sync_with_master;
show grants for rpl_do_grant@localhost;
# test replication of SET PASSWORD
connection master;
set password for rpl_do_grant@localhost=password("does it work?");
save_master_pos;
connection slave;
sync_with_master;
select password<>'' from mysql.user where user='rpl_do_grant';
# clear what we have done, to not influence other tests.
connection master;
delete from mysql.user where user='rpl_do_grant';
delete from mysql.db where user='rpl_do_grant';
flush privileges;
save_master_pos;
connection slave;
sync_with_master;
# no need to delete manually, as the DELETEs must have done some real job on
# master (updated binlog)
flush privileges;
--replicate-wild-ignore-table=mysql.%
# Test that GRANT is not replicated to the slave
# when --replicate-wild-ignore-table=mysql.%
# In BUG#980, this test would _randomly_ fail.
source include/master-slave.inc;
# do not be influenced by other tests.
connection master;
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
save_master_pos;
connection slave;
sync_with_master;
# as these DELETE were not replicated, we need to do them manually on the
# slave.
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
# test non-replication of GRANT
connection master;
grant select on *.* to rpl_ignore_grant@localhost;
grant drop on test.* to rpl_ignore_grant@localhost;
show grants for rpl_ignore_grant@localhost;
save_master_pos;
connection slave;
sync_with_master;
--error 1141 #("no such grant for user")
show grants for rpl_ignore_grant@localhost;
# check it another way
select count(*) from mysql.user where user='rpl_ignore_grant';
select count(*) from mysql.db where user='rpl_ignore_grant';
# test non-replication of SET PASSWORD
# first force creation of the user on slave (because as the user does not exist
# on slave, the SET PASSWORD may be replicated but silently do nothing; this is
# not what we want; we want it to be not-replicated).
grant select on *.* to rpl_ignore_grant@localhost;
connection master;
set password for rpl_ignore_grant@localhost=password("does it work?");
save_master_pos;
connection slave;
sync_with_master;
select password<>'' from mysql.user where user='rpl_ignore_grant';
# clear what we have done, to not influence other tests.
connection master;
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
save_master_pos;
connection slave;
sync_with_master;
delete from mysql.user where user='rpl_ignore_grant';
delete from mysql.db where user='rpl_ignore_grant';
flush privileges;
...@@ -1233,6 +1233,25 @@ static bool update_user_table(THD *thd, const char *host, const char *user, ...@@ -1233,6 +1233,25 @@ static bool update_user_table(THD *thd, const char *host, const char *user,
bzero((char*) &tables,sizeof(tables)); bzero((char*) &tables,sizeof(tables));
tables.alias=tables.real_name=(char*) "user"; tables.alias=tables.real_name=(char*) "user";
tables.db=(char*) "mysql"; tables.db=(char*) "mysql";
#ifdef HAVE_REPLICATION
/*
GRANT and REVOKE are applied the slave in/exclusion rules as they are
some kind of updates to the mysql.% tables.
*/
if (thd->slave_thread && table_rules_on)
{
/*
The tables must be marked "updating" so that tables_ok() takes them into
account in tests.
*/
tables.updating=1;
/* Thanks to bzero, tables.next==0 */
if (!tables_ok(0, &tables))
DBUG_RETURN(0);
tables.updating=0;
}
#endif
if (!(table=open_ltable(thd,&tables,TL_WRITE))) if (!(table=open_ltable(thd,&tables,TL_WRITE)))
DBUG_RETURN(1); /* purecov: deadcode */ DBUG_RETURN(1); /* purecov: deadcode */
table->field[0]->store(host,(uint) strlen(host)); table->field[0]->store(host,(uint) strlen(host));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment