Bug #93252 Default role is not logged into the binary log
Submitted: 20 Nov 2018 2:20 Modified: 30 Jul 2019 14:11
Reporter: JianBing Pan Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Security: Roles Severity:S2 (Serious)
Version:8.0.13,8.0.11 OS:CentOS (CentOS Linux release 7.5.1804 (Core))
Assigned to: CPU Architecture:x86 (Intel(R) Xeon(R) CPU E5-2660 v2 @ 2.20GHz)

[20 Nov 2018 2:20] JianBing Pan 
Description:
MGR info:
+---------------------------+--------------------------------------+--------------+-------------+--------------+-------------+----------------+
| CHANNEL_NAME              | MEMBER_ID                            | MEMBER_HOST  | MEMBER_PORT | MEMBER_STATE | MEMBER_ROLE | MEMBER_VERSION |
+---------------------------+--------------------------------------+--------------+-------------+--------------+-------------+----------------+
| group_replication_applier | 467ce377-7dde-11e8-a16e-005056a928af | 10.1.116.122 |        3306 | ONLINE       | SECONDARY   | 8.0.13         |
| group_replication_applier | 4980ec5d-7dde-11e8-92cc-005056a95e1d | 10.1.116.123 |        3306 | ONLINE       | PRIMARY     | 8.0.13         |
| group_replication_applier | 8f47d045-7ddc-11e8-9c46-005056a963a3 | 10.1.116.121 |        3306 | ONLINE       | SECONDARY   | 8.0.13         |
+---------------------------+--------------------------------------+--------------+-------------+--------------+-------------+----------------+

create user JianBing identified with mysql_native_password by 'mysql' default role role_read;
primary:
mysql> show grants for JianBing;
+-----------------------------------------+
| Grants for JianBing@%                   |
+-----------------------------------------+
| GRANT USAGE ON *.* TO `JianBing`@`%`    |
| GRANT `role_read`@`%` TO `JianBing`@`%` |
+-----------------------------------------+

SECONDARY:
mysql> show grants for JianBing;
+--------------------------------------+
| Grants for JianBing@%                |
+--------------------------------------+
| GRANT USAGE ON *.* TO `JianBing`@`%` |
+--------------------------------------+

How to repeat:
mail: JianBing.Pan@hotmail.com
[20 Nov 2018 10:20] MySQL Verification Team 
Hello JianBing Pan,

Thank you for the report!

regards,
Umesh
[30 Jul 2019 14:11] Paul DuBois 
Posted by developer:
 
Fixed in 8.0.18.

The DEFAULT ROLE option for CREATE USER statements was not written to
the binary log.