Bug #79374 user `mysql.sys` is removed from docker deployment
Submitted: 21 Nov 2015 19:03 Modified: 22 Jan 2016 16:27
Reporter: Giuseppe Maxia (OCA) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Package Repos Severity:S2 (Serious)
Version:5.7.9 OS:Linux (docker)
Assigned to: Lars Tangvald CPU Architecture:Any
Tags: container, docker, installation

[21 Nov 2015 19:03] Giuseppe Maxia 
Description:
The docker image released by the mysql team comes with the user `mysql.sys` missing from the privileges table.

According to the documentation, this user is needed as the definer of the object in the sys schema:  https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html

However, the entrypoint script operates a full "delete from mysql.users;" which removes thie user that was created during initialization.
 https://github.com/mysql/mysql-docker/blob/mysql-server/5.7/docker-entrypoint.sh

How to repeat:
Run the image mysql/myasl-server in docker .
Check the users in mysql.user.

Suggested fix:
In the entrypoint script, change

DELETE FROM mysql.user ;

to

DELETE FROM mysql.user where user != 'mysql.sys';
[25 Nov 2015 10:05] Lars Tangvald 
Posted by developer:
 
mysql.sys user should be preserved during image init now.
[25 Nov 2015 20:56] Giuseppe Maxia 
whit image ID 0ca0ba9a21ac, the user is preserved:

mysql> select * from user where user != 'root'\G
*************************** 1. row ***************************
                  Host: localhost
                  User: mysql.sys
           Select_priv: N
           Insert_priv: N
           Update_priv: N
           Delete_priv: N
           Create_priv: N
             Drop_priv: N
           Reload_priv: N
         Shutdown_priv: N
          Process_priv: N
             File_priv: N
            Grant_priv: N
       References_priv: N
            Index_priv: N
            Alter_priv: N
          Show_db_priv: N
            Super_priv: N
 Create_tmp_table_priv: N
      Lock_tables_priv: N
          Execute_priv: N
       Repl_slave_priv: N
      Repl_client_priv: N
      Create_view_priv: N
        Show_view_priv: N
   Create_routine_priv: N
    Alter_routine_priv: N
      Create_user_priv: N
            Event_priv: N
          Trigger_priv: N
Create_tablespace_priv: N
              ssl_type:
            ssl_cipher:
           x509_issuer:
          x509_subject:
         max_questions: 0
           max_updates: 0
       max_connections: 0
  max_user_connections: 0
                plugin: mysql_native_password
 authentication_string: *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE
      password_expired: N
 password_last_changed: 2015-11-25 20:42:31
     password_lifetime: NULL
        account_locked: Y
1 row in set (0.00 sec)

mysql> select * from db\G
*************************** 1. row ***************************
                 Host: localhost
                   Db: sys
                 User: mysql.sys
          Select_priv: N
          Insert_priv: N
          Update_priv: N
          Delete_priv: N
          Create_priv: N
            Drop_priv: N
           Grant_priv: N
      References_priv: N
           Index_priv: N
           Alter_priv: N
Create_tmp_table_priv: N
     Lock_tables_priv: N
     Create_view_priv: N
       Show_view_priv: N
  Create_routine_priv: N
   Alter_routine_priv: N
         Execute_priv: N
           Event_priv: N
         Trigger_priv: Y
1 row in set (0.00 sec)

mysql> select * from tables_priv\G
*************************** 1. row ***************************
       Host: localhost
         Db: sys
       User: mysql.sys
 Table_name: sys_config
    Grantor: root@localhost
  Timestamp: 2015-11-25 20:42:31
 Table_priv: Select
Column_priv:
1 row in set (0.00 sec)
[25 Nov 2015 20:58] Giuseppe Maxia 
Thanks for the quick action. AFAIC, this bug can be closed.