Bug #72655 | mysqluserclone creates user on destination host, even after error | ||
---|---|---|---|
Submitted: | 15 May 2014 9:49 | Modified: | 16 Jul 2014 0:57 |
Reporter: | Shahriyar Rzayev | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Utilities | Severity: | S1 (Critical) |
Version: | 1.4.2 | OS: | Linux (CentOS 6.5) |
Assigned to: | CPU Architecture: | Any |
[15 May 2014 9:49]
Shahriyar Rzayev
[15 May 2014 10:59]
MySQL Verification Team
Hello Shahriyar, Thank you for the bug report. Verified as described. Thanks, Umesh
[15 May 2014 11:01]
MySQL Verification Team
Before cloning //Source mysql> select user,host,`password` from mysql.user; +---------------+--------------+-------------------------------------------+ | user | host | password | +---------------+--------------+-------------------------------------------+ | root | localhost | | | ushastry | % | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | ushastry | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | //Destination user privileges mysql> show grants for bug@localhost; +---------------------------------------------------------------------------------------------------------------------+ | Grants for bug@localhost | +---------------------------------------------------------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'bug'@'localhost' IDENTIFIED BY PASSWORD '*23AE809DDACAF96AF0FD78ED04B6A265E05AA257' | +---------------------------------------------------------------------------------------------------------------------+ 1 row in set (0.00 sec) // Try to clone mysql-utilities-1.4.2]# scripts/mysqluserclone --source=root@localhost --destination=bug:123@localhost ushastry@localhost ShudNotBThere@localhost --force # Source on localhost: ... connected. # Destination on localhost: ... connected. # Cloning 1 users... # Cloning ushastry@localhost to user ShudNotBThere@localhost ERROR: Query failed. 1045 (28000): Access denied for user 'bug'@'localhost' (using password: YES) After failed attempt(interestingly, destination user doesn't have GRANT OPTION, and that's the reason for error) user is cloned | root | localhost | | | bug | localhost | *23AE809DDACAF96AF0FD78ED04B6A265E05AA257 | | ShudNotBThere | localhost | | Imho - It should not create user on destination host at all considering the fact that user used for connecting remote server doesn't have GRANT option And/Or the error should be more meaningful than just access denied...
[16 Jul 2014 0:57]
Philip Olson
Fixed as of the upcoming MySQL Utilities/Fabric 1.4.4 release, and here's the changelog entry: When cloning a user, the "mysqluserclone" utility did not check if the user of the destination server had the required privileges for a successful operation. Thank you for the bug report.