Bug #72896 | mysql_upgrade calls mysqlcheck again after flush privileges | ||
---|---|---|---|
Submitted: | 6 Jun 2014 7:32 | Modified: | 10 Jun 2014 9:02 |
Reporter: | Peiran Song | Email Updates: | |
Status: | Analyzing | Impact on me: | |
Category: | MySQL Server: Installing | Severity: | S3 (Non-critical) |
Version: | 5.6.17 | OS: | Any |
Assigned to: | CPU Architecture: | Any |
[6 Jun 2014 7:32]
Peiran Song
[9 Jun 2014 12:12]
MySQL Verification Team
Hello Peiran, Thank you for the report. I didn't see this issue when upgrading from 5.5.38 to 5.6.17 and to 5.6.20. Could you please tell me how you are starting 5.6? Also, pass on the conf file you are using for both 5.5.x and 5.6.17. // 5.5.38 -> 5.6.20 (1) Stopped, 5.5.38, 5.6.20's datadir pointed to the one used in 5.5.38, started with bin/mysqld_safe --defaults-file=/path/to/my.cnf --skip-grant-tables --user=<user_Name> & [root@cluster-repo mysql-advanced-5.6.20]# bin/mysql_upgrade --defaults-file=./my.cnf --verbose Looking for 'mysql' as: bin/mysql Looking for 'mysqlcheck' as: bin/mysqlcheck Running 'mysqlcheck with default connection arguments Running 'mysqlcheck with default connection arguments mysql.columns_priv OK mysql.db OK mysql.event OK mysql.func OK mysql.general_log OK mysql.help_category OK mysql.help_keyword OK mysql.help_relation OK mysql.help_topic OK mysql.host OK mysql.innodb_index_stats OK mysql.innodb_table_stats OK mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK mysql.proxies_priv OK mysql.servers OK mysql.slave_master_info OK mysql.slave_relay_log_info OK mysql.slave_worker_info OK mysql.slow_log OK mysql.tables_priv OK mysql.time_zone OK mysql.time_zone_leap_second OK mysql.time_zone_name OK mysql.time_zone_transition OK mysql.time_zone_transition_type OK mysql.user OK Running 'mysql_fix_privilege_tables'... Running 'mysqlcheck with default connection arguments Running 'mysqlcheck with default connection arguments test.t1 OK OK // 5.5.38 -> 5.6.17 [root@cluster-repo mysql-5.6.17]# bin/mysql_upgrade --defaults-file=./my.cnf --verbose Looking for 'mysql' as: bin/mysql Looking for 'mysqlcheck' as: bin/mysqlcheck Running 'mysqlcheck with default connection arguments Running 'mysqlcheck with default connection arguments mysql.columns_priv OK mysql.db OK mysql.event OK mysql.func OK mysql.general_log OK mysql.help_category OK mysql.help_keyword OK mysql.help_relation OK mysql.help_topic OK mysql.host OK mysql.innodb_index_stats OK mysql.innodb_table_stats OK mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK mysql.proxies_priv OK mysql.servers OK mysql.slave_master_info OK mysql.slave_relay_log_info OK mysql.slave_worker_info OK mysql.slow_log OK mysql.tables_priv OK mysql.time_zone OK mysql.time_zone_leap_second OK mysql.time_zone_name OK mysql.time_zone_transition OK mysql.time_zone_transition_type OK mysql.user OK Running 'mysql_fix_privilege_tables'... Running 'mysqlcheck with default connection arguments Running 'mysqlcheck with default connection arguments test.t1 OK OK ============ Thanks, Umesh
[10 Jun 2014 8:28]
Peiran Song
Hi Umesh, Thanks for testing. The reason that your command succeeded was that you likely have user/password stored in ./my.cnf file. Though grant table was back in effect, the mysqlcheck was still able to connect with the stored credential. If you don't specify defaults file, for example, run the program as "root", you will see the error. One note, your mysql "root" user's password must not be empty to be able to fail the connection. If you compare the mysql_upgrade output from 5.5 and 5.6, you will notice that with 5.5, mysqlcheck is only called at the beginning of mysql_upgrade, while with 5.6, it was called again after Running 'mysql_fix_privilege_tables'. The problem is that at that time, "flush privileges" has been issued and grant table is back in effect. It is ok if mysql_upgrade requires a defaults file to define user/password, but that would be a new thing in 5.6 and better to be specified in the manual, I think. Thanks, Peiran
[1 Dec 2014 15:13]
MySQL Verification Team
See also http://bugs.mysql.com/bug.php?id=40717 for similar behavior flush privs turns on grant checking with skip-grant-tables