Bug #75408 | Audit log version not increased | ||
---|---|---|---|
Submitted: | 5 Jan 2015 9:07 | Modified: | 1 Apr 2015 4:16 |
Reporter: | Daniël van Eeden (OCA) | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Security: Audit | Severity: | S3 (Non-critical) |
Version: | 5.6.21, 5.6.22, 5.7.6, 5.5.41 | OS: | Any |
Assigned to: | CPU Architecture: | Any | |
Tags: | audit, audit_log, logging, Security, versioning |
[5 Jan 2015 9:07]
Daniël van Eeden
[5 Jan 2015 11:29]
MySQL Verification Team
Hello Daniël, Thank you for the report. Observed that "PLUGIN_VERSION" is constant in 5.5.41/5.6.10/5.622/5.7.6. But PLUGIN_LIBRARY_VERSION changed in major versions, and PLUGIN_TYPE_VERSION in minor versions. Thanks, Umesh
[5 Jan 2015 11:30]
MySQL Verification Team
// 5.6.10 mysql> install plugin audit_log soname 'audit_log.so'; Query OK, 0 rows affected (0.00 sec) mysql> select * from information_schema.plugins where plugin_name='audit_log'\G *************************** 1. row *************************** PLUGIN_NAME: audit_log PLUGIN_VERSION: 0.1 PLUGIN_STATUS: ACTIVE PLUGIN_TYPE: AUDIT PLUGIN_TYPE_VERSION: 3.0 PLUGIN_LIBRARY: audit_log.so PLUGIN_LIBRARY_VERSION: 1.4 PLUGIN_AUTHOR: Oracle PLUGIN_DESCRIPTION: Auditing events logger PLUGIN_LICENSE: PROPRIETARY LOAD_OPTION: ON 1 row in set (0.00 sec) mysql> show global variables like 'audit_log%'; +--------------------------+--------------+ | Variable_name | Value | +--------------------------+--------------+ | audit_log_buffer_size | 1048576 | | audit_log_file | audit.log | | audit_log_flush | OFF | | audit_log_policy | ALL | | audit_log_rotate_on_size | 0 | | audit_log_strategy | ASYNCHRONOUS | +--------------------------+--------------+ 6 rows in set (0.00 sec) // 5.6.22 mysql> install plugin audit_log soname 'audit_log.so'; Query OK, 0 rows affected (0.02 sec) mysql> select * from information_schema.plugins where plugin_name='audit_log'\G *************************** 1. row *************************** PLUGIN_NAME: audit_log PLUGIN_VERSION: 0.1 PLUGIN_STATUS: ACTIVE PLUGIN_TYPE: AUDIT PLUGIN_TYPE_VERSION: 3.1 PLUGIN_LIBRARY: audit_log.so PLUGIN_LIBRARY_VERSION: 1.4 PLUGIN_AUTHOR: Oracle PLUGIN_DESCRIPTION: Auditing events logger PLUGIN_LICENSE: PROPRIETARY LOAD_OPTION: ON 1 row in set (0.00 sec) mysql> show global variables like 'audit_log%'; +-----------------------------+--------------+ | Variable_name | Value | +-----------------------------+--------------+ | audit_log_buffer_size | 1048576 | | audit_log_connection_policy | ALL | | audit_log_current_session | OFF | | audit_log_exclude_accounts | | | audit_log_file | audit.log | | audit_log_flush | OFF | | audit_log_format | OLD | | audit_log_include_accounts | | | audit_log_policy | ALL | | audit_log_rotate_on_size | 0 | | audit_log_statement_policy | ALL | | audit_log_strategy | ASYNCHRONOUS | +-----------------------------+--------------+ 12 rows in set (0.00 sec)
[5 Jan 2015 11:30]
MySQL Verification Team
// 5.7.6 mysql> install plugin audit_log soname 'audit_log.so'; Query OK, 0 rows affected (0.02 sec) mysql> select * from information_schema.plugins where plugin_name='audit_log'\G *************************** 1. row *************************** PLUGIN_NAME: audit_log PLUGIN_VERSION: 0.1 PLUGIN_STATUS: ACTIVE PLUGIN_TYPE: AUDIT PLUGIN_TYPE_VERSION: 3.1 PLUGIN_LIBRARY: audit_log.so PLUGIN_LIBRARY_VERSION: 1.5 PLUGIN_AUTHOR: Oracle PLUGIN_DESCRIPTION: Auditing events logger PLUGIN_LICENSE: PROPRIETARY LOAD_OPTION: ON 1 row in set (0.00 sec) mysql> show global variables like 'audit_log%'; +-----------------------------+--------------+ | Variable_name | Value | +-----------------------------+--------------+ | audit_log_buffer_size | 1048576 | | audit_log_connection_policy | ALL | | audit_log_current_session | OFF | | audit_log_exclude_accounts | | | audit_log_file | audit.log | | audit_log_flush | OFF | | audit_log_format | NEW | | audit_log_include_accounts | | | audit_log_policy | ALL | | audit_log_rotate_on_size | 0 | | audit_log_statement_policy | ALL | | audit_log_strategy | ASYNCHRONOUS | +-----------------------------+--------------+ 12 rows in set (0.00 sec) // 5.5.41 mysql> install plugin audit_log soname 'audit_log.so'; Query OK, 0 rows affected (0.00 sec) mysql> select * from information_schema.plugins where plugin_name='audit_log'\G *************************** 1. row *************************** PLUGIN_NAME: audit_log PLUGIN_VERSION: 0.1 PLUGIN_STATUS: ACTIVE PLUGIN_TYPE: AUDIT PLUGIN_TYPE_VERSION: 3.1 PLUGIN_LIBRARY: audit_log.so PLUGIN_LIBRARY_VERSION: 1.3 PLUGIN_AUTHOR: Oracle PLUGIN_DESCRIPTION: Auditing events logger PLUGIN_LICENSE: PROPRIETARY LOAD_OPTION: ON 1 row in set (0.00 sec) mysql> show global variables like 'audit_log%'; +--------------------------+--------------+ | Variable_name | Value | +--------------------------+--------------+ | audit_log_buffer_size | 1048576 | | audit_log_file | audit.log | | audit_log_flush | OFF | | audit_log_format | OLD | | audit_log_policy | ALL | | audit_log_rotate_on_size | 0 | | audit_log_strategy | ASYNCHRONOUS | +--------------------------+--------------+ 7 rows in set (0.00 sec)
[10 Jan 2015 10:08]
Daniël van Eeden
From which bug would this be a duplicate?
[10 Jan 2015 13:03]
MySQL Verification Team
This is duplicate of internally reported Bug 19502900 - VERSION AUDIT PLUGIN APPROPRIATELY
[1 Apr 2015 4:16]
Erlend Dahl
[22 Feb 2015 18:41] Paul Dubois Noted in 5.6.24 changelog. Many new features were added to the audit log plugin in MySQL 5.6.20, but the version number was not increased. The version has been bumped to 1.1.
[27 Apr 2015 11:35]
Laurynas Biveinis
commit fc3adce401e1d4f4e2c629cbe70f858614572ad4 Author: Ramil Kalimullin <ramil.kalimullin@oracle.com> Date: Sun Feb 15 09:38:23 2015 +0400 Fix for: Bug #19509398 ACCOUNT FILTERING ISN'T APPLIED FOR CONNECTION EVENTS Bug #19509373 NON-ERROR COM_QUIT EVENTS RECORDED INCORRECTLY Bug #19509263 AUDIT_LOG_EVENTS_FILTERED DOESN'T INCLUDE EVENTS FILTERED BASED ON ACCOUNTS Bug #19509336 AUDIT LOG STATISTICS DON'T ADD UP Bug #19502900 VERSION AUDIT PLUGIN APPROPRIATELY Bug #14584292 AUDIT_LOG PLUGIN INITIALISATION FAILED ONCE SERVER CRASHED AND RESTARTED Audit_log code cleanups.