317 lines
10 KiB
Plaintext
317 lines
10 KiB
Plaintext
# The include statement below is a temp one for tests that are yet to
|
|
#be ported to run with InnoDB,
|
|
#but needs to be kept for tests that would need MyISAM in future.
|
|
--source include/force_myisam_default.inc
|
|
|
|
--source include/not_embedded.inc
|
|
--source include/have_multi_ndb.inc
|
|
|
|
--source have_ndb_dist_priv.inc
|
|
|
|
let $load_sql_file = $NDB_DIST_PRIV_SQL;
|
|
|
|
connection server1;
|
|
--disable_query_log
|
|
--disable_result_log
|
|
--exec $MYSQL < $load_sql_file
|
|
call mysql.mysql_cluster_backup_privileges();
|
|
--enable_result_log
|
|
--enable_query_log
|
|
|
|
connection server2;
|
|
--disable_query_log
|
|
--disable_result_log
|
|
let $MYSQL2 = $EXE_MYSQL --defaults-file=$MYSQLTEST_VARDIR/my.cnf;
|
|
let $MYSQL2 = $MYSQL2 --defaults-group-suffix=.2.1;
|
|
--exec $MYSQL2 < $load_sql_file
|
|
call mysql.mysql_cluster_backup_privileges();
|
|
--enable_result_log
|
|
--enable_query_log
|
|
|
|
connection server1;
|
|
call mysql.mysql_cluster_move_privileges();
|
|
select mysql.mysql_cluster_privileges_are_distributed();
|
|
|
|
CREATE TABLE t1 (pk INT PRIMARY KEY, a INT) engine = ndb;
|
|
INSERT INTO t1 VALUES(0,0),(1,1),(2,2);
|
|
CREATE USER 'user'@'localhost' IDENTIFIED by 'mypass';
|
|
GRANT UPDATE ON t1 TO 'user'@'localhost';
|
|
SET PASSWORD FOR 'user'@'localhost'= 'newpass';
|
|
RENAME USER 'user'@'localhost' TO 'newuser'@'localhost';
|
|
GRANT SELECT ON test.* TO 'newuser'@'localhost' IDENTIFIED by 'mypass2';
|
|
CREATE USER 'user2'@'localhost' IDENTIFIED by 'mypass';
|
|
GRANT SELECT ON test.t1 TO 'user2'@'localhost';
|
|
select distinct User,Authentication_string from mysql.user order by User;
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
CREATE USER 'user'@'localhost';
|
|
grant ALL PRIVILEGES on test.* to user@localhost with GRANT OPTION;
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
GRANT SELECT ON test.t1 TO 'user'@'localhost';
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
|
|
connection server2;
|
|
FLUSH PRIVILEGES;
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
REVOKE SELECT ON test.t1 FROM 'user'@'localhost';
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
CREATE USER 'user3'@'localhost' IDENTIFIED by 'mypass';
|
|
select distinct User,Authentication_string from mysql.user order by User;
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
REVOKE UPDATE ON t1 FROM 'newuser'@'localhost';
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user'@'localhost';
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
GRANT SELECT (a) ON test.t1 TO 'user'@'localhost';
|
|
select User, Table_name, Column_name from mysql.columns_priv ORDER BY User;
|
|
|
|
connection server1;
|
|
FLUSH PRIVILEGES;
|
|
select distinct User,Authentication_string from mysql.user order by User;
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
select User, Table_name, Column_name from mysql.columns_priv ORDER BY User;
|
|
|
|
connection server2;
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user2'@'localhost';
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
|
|
connection server1;
|
|
select distinct User,Authentication_string from mysql.user order by User;
|
|
select User,Table_priv from mysql.tables_priv ORDER BY User;
|
|
|
|
#
|
|
# Test connecting with a user that does not exist
|
|
#
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect (server1_should_fail,127.0.0.1,magnus,,test,$MASTER_MYPORT,);
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT1 MASTER_PORT1
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect (server2_should_fail,127.0.0.1,magnus,,test,$MASTER_MYPORT1,);
|
|
|
|
#
|
|
# Create a new user with CREATE USER and check that it's possible
|
|
# to connect as that user on second mysqld
|
|
#
|
|
connection server1;
|
|
CREATE USER 'billy1'@'127.0.0.1' IDENTIFIED by 'mypass';
|
|
|
|
connect (server2_as_billy1,127.0.0.1,billy1,mypass,test,$MASTER_MYPORT1,);
|
|
connection server2_as_billy1;
|
|
SELECT USER();
|
|
SELECT * FROM t1 order by pk;
|
|
|
|
# Test connecting with blank password
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT1 MASTER_PORT1
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect (server2_should_fail,127.0.0.1,billy1,,test,$MASTER_MYPORT1,);
|
|
|
|
# Test connecting with wrong password
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT1 MASTER_PORT1
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect (server2_should_fail,127.0.0.1,billy1,wrongpass,test,$MASTER_MYPORT1,);
|
|
|
|
#
|
|
# Testing failed DDL transaction
|
|
#
|
|
connection server1;
|
|
BEGIN;
|
|
UPDATE mysql.user SET Authentication_string = ''
|
|
WHERE User = 'billy1';
|
|
|
|
connection server2;
|
|
# The SET PASSWORD query should fail when it tries to update the same row
|
|
# as the first connection.
|
|
--error ER_LOCK_WAIT_TIMEOUT
|
|
SET PASSWORD FOR 'billy1'@'127.0.0.1' = 'newpass';
|
|
SHOW WARNINGS;
|
|
|
|
connection server1;
|
|
ROLLBACK;
|
|
|
|
connection server2;
|
|
DROP USER 'billy1'@'127.0.0.1';
|
|
|
|
#
|
|
# Create a new user with GRANT ALL and check that it's possible
|
|
# to connect as that user on second mysqld
|
|
#
|
|
connection server1;
|
|
# Remove NO_AUTO_CREATE_USER sql mode since this part of the
|
|
# test is written to explcitly create a user with GRANT
|
|
set @orig_sql_mode= @@sql_mode;
|
|
set SESSION sql_mode= (select replace(@@sql_mode,'NO_AUTO_CREATE_USER',''));
|
|
GRANT ALL ON *.* TO 'billy2'@'127.0.0.1';
|
|
set SESSION sql_mode = @orig_sql_mode;
|
|
|
|
connect (server2_as_billy2,127.0.0.1,billy2,,test,$MASTER_MYPORT1,);
|
|
connection server2_as_billy2;
|
|
SELECT USER();
|
|
SELECT * FROM t1 order by pk;
|
|
|
|
connection server2;
|
|
DROP USER 'billy2'@'127.0.0.1';
|
|
|
|
--echo === making backup of new users ===
|
|
|
|
connection server1;
|
|
call mysql.mysql_cluster_backup_privileges();
|
|
|
|
--echo ==== clean up ====
|
|
connection server1;
|
|
DROP USER 'newuser'@'localhost';
|
|
DROP USER 'user2'@'localhost';
|
|
DROP USER 'user3'@'localhost';
|
|
|
|
DROP TABLE t1;
|
|
|
|
--echo === test restart of mysqld ===
|
|
connection server1;
|
|
--let $mysqld_name=mysqld.1.1
|
|
--source include/restart_mysqld.inc
|
|
--source include/ndb_wait_connected.inc
|
|
flush privileges;
|
|
|
|
--echo === test truncate ===
|
|
#
|
|
# bug#13346955
|
|
#
|
|
# a personal note is that I think that it should be disallowed
|
|
# to truncate one of these tables...
|
|
#
|
|
truncate mysql.proxies_priv;
|
|
flush privileges;
|
|
|
|
--echo === test mysql_upgrade ===
|
|
#
|
|
# BUG#16226274 MYSQL_UPGRADE FAILED WHEN USING DISTRIBUTED GRANTS
|
|
#
|
|
|
|
# Supress the warning which occurs on the other mysqld when
|
|
# mysql_upgrade tries to create the performance_schema database
|
|
# although it already exists(since the DROP DATABASE was not allowed
|
|
# due to local tables)
|
|
--disable_query_log
|
|
connection server2;
|
|
call mtr.add_suppression("Can\'t create database \'performance_schema\'; database exists");
|
|
connection server1;
|
|
call mtr.add_suppression("Can\'t create database \'performance_schema\'; database exists");
|
|
--enable_query_log
|
|
|
|
let $log_file = $MYSQLTEST_VARDIR/tmp/ndb_dist_priv_upgrade.log;
|
|
--echo mysql_upgrade first mysqld...
|
|
--exec $MYSQL_UPGRADE --skip-verbose --force > $log_file 2>&1
|
|
--echo mysql_upgrade second mysqld...
|
|
--exec $MYSQL_UPGRADE --defaults-group-suffix=.2.1 --skip-verbose --force >> $log_file 2>&1
|
|
--echo show that tables still are in NDB
|
|
--disable_query_log ONCE
|
|
SELECT table_name FROM information_schema.tables
|
|
WHERE table_schema = 'mysql' AND
|
|
table_type = 'BASE TABLE' AND
|
|
engine = 'NDBCLUSTER' AND
|
|
table_name IN ('user', 'db', 'tables_priv', 'columns_priv',
|
|
'procs_priv', 'proxies_priv', 'host')
|
|
ORDER BY table_name;
|
|
|
|
--echo === test mysql_upgrade of two mysqlds ===
|
|
#
|
|
# Bug #22875519: FAILING UPGRADE OF 2ND MYSQLD FOR 7.5.1 DUE TO 'SYS' SCHEMA
|
|
#
|
|
|
|
# Supress the warning which occurs on the other mysqld when
|
|
# mysql_upgrade tries to create the performance_schema database
|
|
# although it already exists(since the DROP DATABASE was not allowed
|
|
# due to local tables)
|
|
--disable_query_log
|
|
connection server2;
|
|
call mtr.add_suppression("Can\'t create database \'performance_schema\'; database exists");
|
|
connection server1;
|
|
call mtr.add_suppression("Can\'t create database \'performance_schema\'; database exists");
|
|
--enable_query_log
|
|
|
|
# Drop 'sys' database in both the mysqlds, so that sys schema gets
|
|
# created when mysql_upgrade is executed.
|
|
|
|
DROP DATABASE sys;
|
|
|
|
connection server2;
|
|
DROP DATABASE sys;
|
|
|
|
let $log_file = $MYSQLTEST_VARDIR/tmp/ndb_dist_priv_upgrade.log;
|
|
|
|
# Upgrading the first mysqld causes sys schema to be created with the necessary views/tables.
|
|
# Due to schema distribution, an empty sys schema is created in the second mysqld as well.
|
|
--echo mysql_upgrade first mysqld...
|
|
--exec $MYSQL_UPGRADE --skip-verbose --force > $log_file 2>&1
|
|
|
|
# Upgrading the second mysqld should succeed since sys schema is empty.
|
|
--echo mysql_upgrade second mysqld...
|
|
--exec $MYSQL_UPGRADE --defaults-group-suffix=.2.1 --skip-verbose --force >> $log_file 2>&1
|
|
|
|
# Restore local privileges
|
|
connection server1;
|
|
call mysql.mysql_cluster_backup_privileges();
|
|
connection server2;
|
|
call mysql.mysql_cluster_backup_privileges();
|
|
connection server1;
|
|
call mysql.mysql_cluster_restore_local_privileges();
|
|
connection server2;
|
|
call mysql.mysql_cluster_restore_local_privileges();
|
|
|
|
|
|
--disable_query_log
|
|
--disable_result_log
|
|
|
|
connection server1;
|
|
|
|
# Drop the local backup tables
|
|
drop table mysql.user_backup;
|
|
drop table mysql.db_backup;
|
|
drop table mysql.tables_priv_backup;
|
|
drop table mysql.columns_priv_backup;
|
|
drop table mysql.procs_priv_backup;
|
|
|
|
# Drop the distributed backup tables
|
|
drop table mysql.ndb_user_backup;
|
|
drop table mysql.ndb_db_backup;
|
|
drop table mysql.ndb_tables_priv_backup;
|
|
drop table mysql.ndb_columns_priv_backup;
|
|
drop table mysql.ndb_procs_priv_backup;
|
|
|
|
# Drop the function and sprocs
|
|
drop function mysql.mysql_cluster_privileges_are_distributed;
|
|
drop procedure mysql.mysql_cluster_backup_privileges;
|
|
drop procedure mysql.mysql_cluster_move_grant_tables;
|
|
drop procedure mysql.mysql_cluster_restore_local_privileges;
|
|
drop procedure mysql.mysql_cluster_restore_privileges;
|
|
drop procedure mysql.mysql_cluster_restore_privileges_from_local;
|
|
drop procedure mysql.mysql_cluster_move_privileges;
|
|
|
|
connection server2;
|
|
|
|
# Drop the local backup tables
|
|
drop table mysql.user_backup;
|
|
drop table mysql.db_backup;
|
|
drop table mysql.tables_priv_backup;
|
|
drop table mysql.columns_priv_backup;
|
|
drop table mysql.procs_priv_backup;
|
|
|
|
# The distributed backup tables should already have been dropped
|
|
--error ER_NO_SUCH_TABLE
|
|
select * from mysql.ndb_user_backup;
|
|
|
|
# Drop the function and sprocs
|
|
drop function mysql.mysql_cluster_privileges_are_distributed;
|
|
drop procedure mysql.mysql_cluster_backup_privileges;
|
|
drop procedure mysql.mysql_cluster_move_grant_tables;
|
|
drop procedure mysql.mysql_cluster_restore_local_privileges;
|
|
drop procedure mysql.mysql_cluster_restore_privileges;
|
|
drop procedure mysql.mysql_cluster_restore_privileges_from_local;
|
|
drop procedure mysql.mysql_cluster_move_privileges;
|
|
|
|
# Force restart since other tests depend on the _exact_
|
|
# order of rows in for example mysql.user
|
|
--source include/force_restart.inc
|
|
|
|
--enable_result_log
|
|
--enable_query_log
|
|
|