List:Commits« Previous MessageNext Message »
From:Rafal Somla Date:February 25 2009 10:05am
Subject:Re: bzr commit into mysql-6.0 branch (ingo.struewing:2781) Bug#41578
View as plain text  
STATUS
------
Extension requested.

REQUEST
-------
1. In si_objects, set sql_mode to NO_AUTO_CREATE_USER so that users are not 
implicitly created when restoring privileges. Add necessary checks in tests to 
verify that it is not the case (I think backup_db_grants_extra test contains a 
scenario where grantees are dropped before restore).

2. Answer question [1] below.

SUGGESTIONS
-----------
None.


DETAILS
-------
Ingo Struewing wrote:
> #At file:///home2/mydev/bzrroot/mysql-6.0-bug41578-3/ based on
> revid:rafal.somla@stripped
> 
>  2781 Ingo Struewing	2009-02-24
>       Bug#41578 - Drop column/table with grants followed by restore fails.
>       
>       When a database object like a table or column is dropped,
>       privileges for these objects are not dropped.
>       
>       BACKUP includes all privileges that belong to the saved databases.
>       So it includes privileges for objects that do not exist.
>       
>       On RESTORE the saved objects are re-created, followed by the
>       privileges. RESTORE failed when trying to grant a privilege
>       for a non-existent object.
>       
>       To be able to restore the same objects and privileges as they existed
>       at backup time, we do now omit checks for object existence when
>       granting privileges during RESTORE.
...
> === modified file 'sql/sql_acl.cc'
> --- a/sql/sql_acl.cc	2009-02-18 10:23:38 +0000
> +++ b/sql/sql_acl.cc	2009-02-24 19:45:05 +0000
> @@ -2972,7 +2972,12 @@ int mysql_table_grant(THD *thd, TABLE_LI
>                                           column->column.ptr(), NULL, NULL,
>                                           NULL, TRUE, FALSE,
>                                           &unused_field_idx, FALSE, &dummy);
> -        if (f == (Field*)0)
> +        /*
> +          During RESTORE, we want to restore all privileges that existed
> +          at backup time. This includes privileges for non-existing
> +          colums.
> +        */
> +        if ((f == (Field*)0) && (thd->backup_in_progress !=
> SQLCOM_RESTORE))
>          {
>            my_error(ER_BAD_FIELD_ERROR, MYF(0),
>                     column->column.c_ptr(), table_list->alias);
> @@ -2984,7 +2989,12 @@ int mysql_table_grant(THD *thd, TABLE_LI
>        }
>        close_thread_tables(thd);
>      }
> -    else
> +    /*
> +      During RESTORE, we want to restore all privileges that existed
> +      at backup time. This includes privileges for non-existing
> +      tables.
> +    */
> +    else if ((thd->backup_in_progress != SQLCOM_RESTORE))
>      {
>        if (!(rights & CREATE_ACL))
>        {
> 

[1] This means that the check for table_list->grant.want_privilege (few lines 
below) will be skipped during RESTORE. Is it correct to skip this check?

Rafal
Thread
bzr commit into mysql-6.0 branch (ingo.struewing:2781) Bug#41578Ingo Struewing24 Feb 2009
  • Re: bzr commit into mysql-6.0 branch (ingo.struewing:2781) Bug#41578Rafal Somla25 Feb 2009
    • Re: bzr commit into mysql-6.0 branch (ingo.struewing:2781) Bug#41578Ingo Strüwing25 Feb 2009