Bug #87204 keyring_aws.so and variables are missing
Submitted: 26 Jul 2017 12:00 Modified: 10 Aug 2017 13:19
Reporter: Shinya Sugiyama Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Packaging Severity:S3 (Non-critical)
Version:5.7.19 OS:Any
Assigned to: CPU Architecture:Any

[26 Jul 2017 12:00] Shinya Sugiyama 
Description:
It seems MySQL5.7.19 doesn't contain keyring_aws related plugin and variables.

Confirmed Package: mysql-advanced-5.7.19-linux-glibc2.12-x86_64.tar.gz

Release note
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html#mysqld-5-7-19-security

MySQL Enterprise Edition now includes a keyring_aws plugin that communicates with the Amazon Web Services Key Management Service as a back end for key generation and uses a local file for key storage. For more information, see The MySQL Keyring. 

Online Manual
https://dev.mysql.com/doc/refman/5.7/en/keyring-installation.html

keyring_aws: A plugin that communicates with the Amazon Web Services Key Management Service as a back end for key generation and uses a local file for key storage. Available in MySQL Enterprise Edition distributions as of MySQL 5.7.19. 

https://dev.mysql.com/doc/refman/5.7/en/keyring-aws-plugin.html#keyring-aws-plugin-configu...

Related Variables

[mysqld]
early-plugin-load=keyring_aws.so
keyring_aws_conf_file=/usr/local/mysql/mysql-keyring/keyring_aws_conf
keyring_aws_data_file=/usr/local/mysql/mysql-keyring/keyring_aws_data

How to repeat:
[root@misc01 local]# ls -l /usr/local/mysql/lib/plugin/keyring*
-rwxr-xr-x. 1 root 31415  801520  6月 22 23:35 /usr/local/mysql/lib/plugin/keyring_file.so
-rwxr-xr-x. 1 root 31415 3965126  6月 22 23:34 /usr/local/mysql/lib/plugin/keyring_okv.so
-rwxr-xr-x. 1 root 31415  291286  6月 22 23:35 /usr/local/mysql/lib/plugin/keyring_udf.so
[root@misc01 local]# 

root@localhost [REPLI]> select @@version;
+-------------------------------------------+
| @@version                                 |
+-------------------------------------------+
| 5.7.19-enterprise-commercial-advanced-log |
+-------------------------------------------+
1 row in set (0.00 sec)

root@localhost [REPLI]> show variables like 'key%';
+--------------------------+----------------------------+
| Variable_name            | Value                      |
+--------------------------+----------------------------+
| key_buffer_size          | 8388608                    |
| key_cache_age_threshold  | 300                        |
| key_cache_block_size     | 1024                       |
| key_cache_division_limit | 100                        |
| keyring_file_data        | /usr/local/TDE_KEY/keyring |
+--------------------------+----------------------------+
5 rows in set (0.01 sec)

Suggested fix:
Please update the package.
[27 Jul 2017 7:26] MySQL Verification Team 
Hello Shinya Sugiyama,

Thank you for the report.

Thanks,
Umesh
[27 Jul 2017 8:07] MySQL Verification Team 
Related - Bug #87220
[10 Aug 2017 13:19] Paul DuBois 
Posted by developer:
 
Updated https://dev.mysql.com/doc/refman/5.7/en/keyring-aws-plugin.html