Bug #27606 GRANT statement should be replicated with DEFINER information
Submitted: 3 Apr 2007 6:00
Modified: 15 Nov 2010 11:51
Reporter: Magnus Blåudd
Status: Closed
Category: MySQL Server: Replication
Severity: S1 (Critical)
Version: all
OS: Any
Assigned to: Libing Song
CPU Architecture: Any

[3 Apr 2007 6:00] Magnus Blåudd
Description:
"Grantor" columns' data is lost when replicating mysql.tables_priv.

The GRANT statement is replicated to the slave and when executed the "Grantor" column is replaced with new data calculated on the slave -> becomes ""

How to repeat:
source include/master-slave.inc;

create table test.t4(a int);

# Add a GRANT that will insert record into mysql.tables_priv
GRANT INSERT ON test.t4 TO mysqltest2@localhost;

select * from mysql.tables_priv;
sync_slave_with_master;
select * from mysql.tables_priv;

Suggested fix:
Replicate Grantor column. Maybe just an "if (slave_thread)" around the new assignment of grantor.
[6 Apr 2007 17:25] Bugs System
Pushed into 5.1.18-beta
[6 Apr 2007 19:37] Timothy Smith
For clarity:  this bug is not fixed; what was pushed is a simple workaround for a test case failure caused by this bug.  There is no server code change, and nothing to document at this time.
[23 May 2007 5:23] Igor Babaev
Hi!

The problem with the grantor is similar to how the definer for stored 
routines and triggers is replicated, i.e., by using an explicit field. 
The proper solution is to add such a field to the privileges statements 
that need it, but that is a significant amount of work.

The workaround is to connect to the slaves, setting the privileges using 
the GRANT statement and avoid replicating DML statements that manipulate 
tables in the mysql.* tables.

Since there is a workaround, which is not very taxing on the user, I am 
tempted to discard this bug or at least move it to post-5.1.

Just my few cents,
Mats Kindahl
[23 May 2007 5:24] Igor Babaev
This problem will be fixed in a version after 5.1.
[1 Oct 2007 7:58] Mats Kindahl
Reopening this bug since we need to make replication work for this statement. The idea for solving this bug is to add a GRANTOR field in a similar fashion to how the DEFINER field was added to the definition of stored routines and triggers.
[14 Dec 2009 17:18] MySQL Verification Team
Grantor column is there for future features, mostly for cascaded actions.

It should be replicated within the WL# for those features.
[13 Sep 2010 8:06] Valeriy Kravchuk
Indeed, this is not repeatable with current mysql-5.1 tree:

openxs@ubuntu:/home2/openxs/dbs/5.1/mysql-test$ ./mtr bug27606
Logging: ./mtr  bug27606
...
TEST                                      RESULT   TIME (ms)
------------------------------------------------------------

worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 13000..13009
stop slave;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
reset master;
reset slave;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
start slave;
create table test.t4(a int);
GRANT INSERT ON test.t4 TO mysqltest2@localhost;
select * from mysql.tables_priv;
Host	Db	User	Table_name	Grantor	Timestamp	Table_priv	Column_priv
localhost	test	mysqltest2	t4	root@localhost	2010-09-13 11:03:04	Insert	
select * from mysql.tables_priv;
Host	Db	User	Table_name	Grantor	Timestamp	Table_priv	Column_priv
localhost	test	mysqltest2	t4		2010-09-13 11:03:04	Insert
[13 Sep 2010 8:07] Valeriy Kravchuk
My previous comment was wrong. It was 5.1.50 and grantor is NOT replicated.
[13 Sep 2010 8:51] Valeriy Kravchuk
Problem is still repeatable with recent 5.1.51 (mysql-5.1 tree) from bzr:

openxs@ubuntu:/home2/openxs/dbs/5.1/mysql-test$ ./mtr bug27606
Logging: ./mtr  bug27606
100913 11:49:38 [Note] Plugin 'FEDERATED' is disabled.
100913 11:49:38 [Note] Plugin 'ndbcluster' is disabled.
MySQL Version 5.1.51
Checking supported features...
 - using ndbcluster when necessary, mysqld supports it
 - SSL connections supported
 - binaries are debug compiled
Collecting tests...
vardir: /home2/openxs/dbs/5.1/mysql-test/var
Checking leftover processes...
Removing old var directory...
Creating var directory '/home2/openxs/dbs/5.1/mysql-test/var'...
Installing system database...
Using server port 59794

==============================================================================

TEST                                      RESULT   TIME (ms)
------------------------------------------------------------

worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 13000..13009
stop slave;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
reset master;
reset slave;
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
start slave;
create table test.t4(a int);
GRANT INSERT ON test.t4 TO mysqltest2@localhost;
select * from mysql.tables_priv;
Host	Db	User	Table_name	Grantor	Timestamp	Table_priv	Column_priv
localhost	test	mysqltest2	t4	root@localhost	2010-09-13 11:49:42	Insert	
select * from mysql.tables_priv;
Host	Db	User	Table_name	Grantor	Timestamp	Table_priv	Column_priv
localhost	test	mysqltest2	t4		2010-09-13 11:49:42	Insert
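
A check for the symptom shown in the mtr output above, added here as an example and not part of the bug report or the MySQL source: it compares tab-separated dumps of mysql.tables_priv (for example taken with `mysql --batch`) from master and slave and reports rows whose Grantor was lost or changed. The function names are assumptions of this example, and the sample rows are constructed to mirror the output above.

```python
import csv

# Columns that identify a row in mysql.tables_priv.
KEY = ("Host", "Db", "User", "Table_name")

def parse_dump(text):
    """Parse tab-separated `select * from mysql.tables_priv` output into {key: row}."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    if not lines:
        return {}
    reader = csv.reader(lines, delimiter="\t", quoting=csv.QUOTE_NONE)
    header = next(reader)
    rows = {}
    for fields in reader:
        # Trailing empty columns are often lost when output is copied; pad them back.
        fields += [""] * (len(header) - len(fields))
        row = dict(zip(header, fields))
        rows[tuple(row[k] for k in KEY)] = row
    return rows

def grantor_drift(master_text, slave_text):
    """Return (key, reason, master_grantor, slave_grantor) for every mismatch."""
    master, slave = parse_dump(master_text), parse_dump(slave_text)
    findings = []
    for key, m in sorted(master.items()):
        s = slave.get(key)
        if s is None:
            findings.append((key, "missing on slave", m["Grantor"], None))
        elif s["Grantor"] != m["Grantor"]:
            reason = "empty grantor on slave" if s["Grantor"] == "" else "grantor differs"
            findings.append((key, reason, m["Grantor"], s["Grantor"]))
    return findings

# Constructed sample input, mirroring the two result sets in the mtr output above.
HEADER = "Host\tDb\tUser\tTable_name\tGrantor\tTimestamp\tTable_priv\tColumn_priv\n"
MASTER_DUMP = HEADER + "localhost\ttest\tmysqltest2\tt4\troot@localhost\t2010-09-13 11:49:42\tInsert\t\n"
SLAVE_DUMP = HEADER + "localhost\ttest\tmysqltest2\tt4\t\t2010-09-13 11:49:42\tInsert\n"

if __name__ == "__main__":
    for key, reason, m_grantor, s_grantor in grantor_drift(MASTER_DUMP, SLAVE_DUMP):
        print("%s: %s (master=%r, slave=%r)" % ("/".join(key), reason, m_grantor, s_grantor))
```
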
[13 Sep 2010 8:53] Valeriy Kravchuk
I've used the following revno:

openxs@ubuntu:/home2/openxs/bzr2/mysql-5.1$ bzr log --show-ids -l1
------------------------------------------------------------
revno: 3468 [merge]
revision-id: build@mysql.com-20100819151858-muaaor6jojb5ouzj
parent: build@mysql.com-20100819150329-wbfsgrz9hfs73gon
parent: alfranio.correia@sun.com-20100803115202-djw53teru56ls7nd
author: karen.langford@oracle.com
committer: MySQL Build Team <build@mysql.com>
branch nick: mysql-5.1
timestamp: Thu 2010-08-19 17:18:58 +0200
message:
  Merge from mysql-5.1.50-release
[21 Oct 2010 3:13] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/121431

3530 Li-Bing.Song@sun.com	2010-10-21
      Bug#27606  GRANT statement should be replicated with DEFINER information
      
      "Grantor" columns' data is lost when replicating mysql.tables_priv.
      Slave SQL thread used its default user ''@'' as the grantor of GRANT|REVOKE
      statements executing on it.
      
      In this patch, current user is put in query log event for all GRANT and REVOKE
      statements, SQL thread uses the user in query log event as grantor.
     @ mysql-test/suite/rpl/r/rpl_do_grant.result
        Add test for this bug.
     @ mysql-test/suite/rpl/t/rpl_do_grant.test
        Add test for this bug.
     @ sql/log_event.cc
        Refactoring THD::current_user_used and related functions.
        current_user_used is used to judge if current user should be
        binlogged in query log event. So it is better to call it m_binlog_invoker.
        The related functions are renamed too.
     @ sql/sql_class.cc
        Refactoring THD::current_user_used and related functions.
        current_user_used is used to judge if current user should be
        binlogged in query log event. So it is better to call it m_binlog_invoker.
        The related functions are renamed too.
     @ sql/sql_class.h
        Refactoring THD::current_user_used and related functions.
        current_user_used is used to judge if current user should be
        binlogged in query log event. So it is better to call it m_binlog_invoker.
        The related functions are renamed too.
     @ sql/sql_parse.cc
        Call binlog_invoker() for GRANT and REVOKE statements.
[23 Oct 2010 12:57] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/121734

3545 Li-Bing.Song@sun.com	2010-10-23
      Bug#27606  GRANT statement should be replicated with DEFINER information
      
      "Grantor" columns' data is lost when replicating mysql.tables_priv.
      Slave SQL thread used its default user ''@'' as the grantor of GRANT|REVOKE
      statements executing on it.
      
      In this patch, current user is put in query log event for all GRANT and REVOKE
      statements, SQL thread uses the user in query log event as grantor.
     @ mysql-test/suite/rpl/r/rpl_do_grant.result
        Add test for this bug.
     @ mysql-test/suite/rpl/t/rpl_do_grant.test
        Add test for this bug.
     @ sql/log_event.cc
        Refactoring THD::current_user_used and related functions.
        current_user_used is used to judge if current user should be
        binlogged in query log event. So it is better to call it m_binlog_invoker.
        The related functions are renamed too.
     @ sql/sql_class.cc
        Refactoring THD::current_user_used and related functions.
        current_user_used is used to judge if current user should be
        binlogged in query log event. So it is better to call it m_binlog_invoker.
        The related functions are renamed too.
     @ sql/sql_class.h
        Refactoring THD::current_user_used and related functions.
        current_user_used is used to judge if current user should be
        binlogged in query log event. So it is better to call it m_binlog_invoker.
        The related functions are renamed too.
     @ sql/sql_parse.cc
        Call binlog_invoker() for GRANT and REVOKE statements.
[25 Oct 2010 3:24] Libing Song
Pushed into mysql-5.1-bugteam and merged into mysql-5.5-bugteam and mysql-trunk-merge.
[29 Oct 2010 13:43] Jon Stephens
Documented bugfix in the 5.1.53 and 5.5.8 changelogs as follows:

      When replicating mysql.tables_priv, the Grantor column was not
      replicated and thus left empty on the slave.

Waiting for merge to next-mr.
[4 Nov 2010 17:25] Jon Stephens
Still waiting for merge to -trunk.
[13 Nov 2010 16:16] Bugs System
Pushed into mysql-trunk 5.6.99-m5 (revid:alexander.nozdrin@oracle.com-20101113155825-czmva9kg4n31anmu) (version source revid:alexander.nozdrin@oracle.com-20101113152450-2zzcm50e7i4j35v7) (merge vers: 5.6.1-m4) (pib:21)
[13 Nov 2010 16:28] Bugs System
Pushed into mysql-next-mr (revid:alexander.nozdrin@oracle.com-20101113160336-atmtmfb3mzm4pz4i) (version source revid:vasil.dimov@oracle.com-20100629074804-359l9m9gniauxr94) (pib:21)
[15 Nov 2010 11:51] Jon Stephens
Bug does not appear in a 5.6 release, no additional changelog entries required.

Closed.
[18 Nov 2010 15:54] Bugs System
Pushed into mysql-5.1 5.1.54 (revid:build@mysql.com-20101118153531-693taxtxyxpt037i) (version source revid:build@mysql.com-20101118153531-693taxtxyxpt037i) (merge vers: 5.1.54) (pib:21)
[16 Dec 2010 22:25] Bugs System
Pushed into mysql-5.5 5.5.9 (revid:jonathan.perkin@oracle.com-20101216101358-fyzr1epq95a3yett) (version source revid:jonathan.perkin@oracle.com-20101216101358-fyzr1epq95a3yett) (merge vers: 5.5.9) (pib:24)