Bug #99903 MySQL shell upgrade checker not checking for sql_mode NO_AUTO_CREATE_USER flag
Submitted: 16 Jun 2020 21:54 Modified: 8 Jul 2020 15:02
Reporter: cPanel, LLC Senior Tech's Email Updates:
Status: Closed Impact on me:
None 
Category:Shell Upgrade Checker Severity:S3 (Non-critical)
Version:8.0.20, 8.0.18 OS:CentOS
Assigned to: CPU Architecture:x86

[16 Jun 2020 21:54] cPanel, LLC Senior Tech's
Description:
In https://bugs.mysql.com/bug.php?id=9635 it was mentioned that in MySQL shell upgrade checker version 8.0.18, this would check for NO_AUTO_CREATE_USER flag (not valid in MySQL 8 anymore) in sql_mode using MySQL Shell ChangeLog 8.0.18:

https://dev.mysql.com/doc/relnotes/mysql-shell/8.0/en/news-8-0-18.html

- The checks for obsolete sql_mode flags now check the global sql_mode setting.

The mysql-shell RPM ChangeLog shows the last version as 8.0.17-1:

===

[root@centos7 centos]# rpm -q --changelog mysql-shell
* Thu May 16 2019 Balasubramanian Kandasamy <balasubramanian.kandasamy@oracle.com> - 8.0.17-1
- Enable debug binaries for sles12 and opensuse15
* Mon Oct 08 2018 Rene Ramirez <j.rene.ramirez@oracle.com> - 8.0.14
- Update to use mysql server bundled protobuf if no specific is defined.
* Fri May 18 2018 Pawel Andruszkiewicz <pawel.andruszkiewicz@oracle.com> - 8.0.12
- Add login-path helper.
* Sun Dec 17 2017 Kent Boortz <kent.boortz@oracle.com> - 8.0.4-1
- License file is now always named "LICENSE"
* Wed Nov 01 2017 Alfredo Kojima <alfredo.kengi.kojima@oracle.com> - 8.0.4-1
- Remove Connector/Python dependency
* Thu May 04 2017 Alfredo Kojima <alfredo.kengi.kojima@oracle.com> - 1.0.8-1
- Remove libedit dependency, add sample prompt files
* Mon Mar 13 2017 Alfredo Kojima <alfredo.kengi.kojima@oracle.com> - 1.0.8-1
- Updated for mysqlprovision build change
* Thu Sep 01 2016 Balasubramanian Kandasamy <balasubramanian.kandasamy@oracle.com> - 1.0.5-0.1
- Updated for 1.0.5 labs release
* Wed Mar 23 2016 Alfredo Kojima <alfredo.kengi.kojima@oracle.com> - 1.0.3-1
- updated for 1.0.3, bug fixes
* Mon Mar 14 2016 Kent Boortz <kent.boortz@oracle.com> - 1.0.2.8-1
- initial package

===

Though the version of the RPM installed is 8.0.20:

===

[root@centos7 centos]# yum info mysql-shell
Loaded plugins: fastestmirror, universal-hooks
Determining fastest mirrors
 * EA4: 184.94.196.94
 * cpanel-addons-production-feed: 184.94.196.94
 * cpanel-plugins: 184.94.196.94
 * epel: pubmirror1.math.uh.edu
Installed Packages
Name        : mysql-shell
Arch        : x86_64
Version     : 8.0.20
Release     : 1.el7
Size        : 121 M
Repo        : installed
From repo   : mysql-tools-community
Summary     : Command line shell and scripting environment for MySQL
URL         : http://dev.mysql.com/
License     : GPLv2
Description : MySQL Shell (part of MySQL Server) 8.0
            : a query and administration shell client and framework.

===

I tried to install MySQL shell 8.0.20 on a server with MySQL 5.7 and had the same results:

===

[root@centos7 bin]# ./mysqlsh --socket=/tmp/mysql.sock -e "util.checkForServerUpgrade()"
Please provide the password for 'root@/tmp%2Fmysql.sock': *************************
Save password for 'root@/tmp%2Fmysql.sock'? [Y]es/[N]o/Ne[v]er (default No): n
The MySQL server at /tmp%2Fmysql.sock, version 5.7.30 - MySQL Community Server
(GPL), will now be checked for compatibility issues for upgrade to MySQL
8.0.20...
1) Usage of old temporal type
  No issues found
2) Usage of db objects with names conflicting with new reserved keywords
  No issues found
3) Usage of utf8mb3 charset
  No issues found
4) Table names in the mysql schema conflicting with new tables in 8.0
  No issues found
5) Partitioned tables using engines with non native partitioning
  No issues found
6) Foreign key constraint names longer than 64 characters
  No issues found
7) Usage of obsolete MAXDB sql_mode flag
  No issues found
8) Usage of obsolete sql_mode flags
  No issues found
9) ENUM/SET column definitions containing elements longer than 255 characters
  No issues found
10) Usage of partitioned tables in shared tablespaces
  No issues found
11) Circular directory references in tablespace data file paths
  No issues found
12) Usage of removed functions
  No issues found
13) Usage of removed GROUP BY ASC/DESC syntax
  No issues found
14) Removed system variables for error logging to the system log configuration
  To run this check requires full path to MySQL server configuration file to be specified at 'configPath' key of options dictionary
  More information:
    https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-13.html#mysqld-8-0-13-logging
15) Removed system variables
  To run this check requires full path to MySQL server configuration file to be specified at 'configPath' key of options dictionary
  More information:
    https://dev.mysql.com/doc/refman/8.0/en/added-deprecated-removed.html#optvars-removed
16) System variables with new default values
  To run this check requires full path to MySQL server configuration file to be specified at 'configPath' key of options dictionary
  More information:
    https://mysqlserverteam.com/new-defaults-in-mysql-8-0/
17) Zero Date, Datetime, and Timestamp values
  No issues found
18) Schema inconsistencies resulting from file removal or corruption
  No issues found
19) Tables recognized by InnoDB that belong to a different engine
  No issues found
20) Issues reported by 'check table x for upgrade' command
  No issues found
21) New default authentication plugin considerations
  Warning: The new default authentication plugin 'caching_sha2_password' offers
    more secure password hashing than previously used 'mysql_native_password'
    (and consequent improved client connection authentication). However, it also
    has compatibility implications that may affect existing MySQL installations.
    If your MySQL installation must serve pre-8.0 clients and you encounter
    compatibility issues after upgrading, the simplest way to address those
    issues is to reconfigure the server to revert to the previous default
    authentication plugin (mysql_native_password). For example, use these lines
    in the server option file:
    [mysqld]
    default_authentication_plugin=mysql_native_password
    However, the setting should be viewed as temporary, not as a long term or
    permanent solution, because it causes new accounts created with the setting
    in effect to forego the improved authentication security.
    If you are using replication please take time to understand how the
    authentication plugin changes may impact you.
  More information:
    https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html#upgrade-cachin...
    https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html#upgrade-cachin...
Errors:   0
Warnings: 1
Notices:  0
No fatal errors were found that would prevent an upgrade, but some potential issues were detected. Please ensure that the reported issues are not significant before upgrading.

===

How to repeat:
1) Install MySQL 5.7.
2) In /etc/my.cnf add:

sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

3) Restart MySQL.

Suggested fix:
MySQL checker should check for NO_AUTO_CREATE_USER in sql_mode.
[17 Jun 2020 6:11] MySQL Verification Team
Hello!

Thank you for the report and feedback.

regards,
Umesh
[17 Jun 2020 12:51] cPanel, LLC Senior Tech's
I can't figure out how to edit my original submission (the description part), but the older MySQL bug report I referenced was wrong. It should be:

https://bugs.mysql.com/bug.php?id=96351
[8 Jul 2020 15:02] Margaret Fisher
Posted by developer:
 
Changelog entry added for MySQL Shell 8.0.22:

MySQL Shell's upgrade checker utility checkForServerUpgrade() now checks for the obsolete NO_AUTO_CREATE_USER SQL mode.