Skip to content

Commit 47dccac

Browse files
committed
MDEV-29596 Separate SUPER and READ ONLY ADMIN privileges
The benefit of this is that one can remove the READ ONLY ADMIN privilege from all users and this way ensure that no one can do any changes on any non-temporary tables. This is good option to use on slaves when one wants to ensure that the slave is kept identical to the master.
1 parent 49cee4e commit 47dccac

File tree

5 files changed

+19
-6
lines changed

5 files changed

+19
-6
lines changed

mysql-test/main/grant_read_only.result

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ SET @@GLOBAL.read_only=0;
4646
DROP USER user1@localhost;
4747
DROP TABLE t1;
4848
#
49-
# Test that @@read_only is ignored with SUPER
49+
# Test that @@read_only is not ignored with SUPER
5050
#
5151
CREATE TABLE t1 (a INT);
5252
CREATE USER user1@localhost IDENTIFIED BY '';
@@ -61,7 +61,13 @@ SELECT @@read_only;
6161
@@read_only
6262
1
6363
UPDATE t1 SET a=11 WHERE a=10;
64+
ERROR HY000: The MariaDB server is running with the --read-only option so it cannot execute this statement
6465
DELETE FROM t1 WHERE a=11;
66+
ERROR HY000: The MariaDB server is running with the --read-only option so it cannot execute this statement
67+
connection default;
68+
grant read only admin on *.* to user1@localhost;
69+
disconnect con1;
70+
connect con1,localhost,user1,,;
6571
INSERT INTO t1 VALUES (20);
6672
disconnect con1;
6773
connection default;

mysql-test/main/grant_read_only.test

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ DROP TABLE t1;
5555

5656

5757
--echo #
58-
--echo # Test that @@read_only is ignored with SUPER
58+
--echo # Test that @@read_only is not ignored with SUPER
5959
--echo #
6060

6161
CREATE TABLE t1 (a INT);
@@ -68,8 +68,14 @@ SET @@GLOBAL.read_only=1;
6868
connect (con1,localhost,user1,,);
6969
connection con1;
7070
SELECT @@read_only;
71+
--error ER_OPTION_PREVENTS_STATEMENT
7172
UPDATE t1 SET a=11 WHERE a=10;
73+
--error ER_OPTION_PREVENTS_STATEMENT
7274
DELETE FROM t1 WHERE a=11;
75+
connection default;
76+
grant read only admin on *.* to user1@localhost;
77+
disconnect con1;
78+
connect (con1,localhost,user1,,);
7379
INSERT INTO t1 VALUES (20);
7480
disconnect con1;
7581

mysql-test/main/mysqld--help.result

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1003,7 +1003,7 @@ The following specify which files/extra groups are read (specified before remain
10031003
value
10041004
--read-only Make all non-temporary tables read-only, with the
10051005
exception for replication (slave) threads and users with
1006-
the SUPER privilege
1006+
the 'READ ONLY ADMIN' privilege
10071007
--read-rnd-buffer-size=#
10081008
When reading rows in sorted order after a sort, the rows
10091009
are read through this buffer to avoid a disk seeks

sql/privilege.h

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -390,10 +390,10 @@ constexpr privilege_t PRIV_SET_SYSTEM_GLOBAL_VAR_SYNC_BINLOG=
390390

391391
/* Privileges related to --read-only */
392392
// Was super prior to 10.5.2
393-
constexpr privilege_t PRIV_IGNORE_READ_ONLY= READ_ONLY_ADMIN_ACL | SUPER_ACL;
393+
constexpr privilege_t PRIV_IGNORE_READ_ONLY= READ_ONLY_ADMIN_ACL;
394394
// Was super prior to 10.5.2
395395
constexpr privilege_t PRIV_SET_SYSTEM_GLOBAL_VAR_READ_ONLY=
396-
READ_ONLY_ADMIN_ACL | SUPER_ACL;
396+
READ_ONLY_ADMIN_ACL;
397397

398398
/*
399399
Privileges related to connection handling.

sql/sys_vars.cc

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3030,7 +3030,8 @@ static Sys_var_on_access_global<Sys_var_mybool,
30303030
Sys_readonly(
30313031
"read_only",
30323032
"Make all non-temporary tables read-only, with the exception for "
3033-
"replication (slave) threads and users with the SUPER privilege",
3033+
"replication (slave) threads and users with the 'READ ONLY ADMIN' "
3034+
"privilege",
30343035
GLOBAL_VAR(read_only), CMD_LINE(OPT_ARG), DEFAULT(FALSE),
30353036
NO_MUTEX_GUARD, NOT_IN_BINLOG,
30363037
ON_CHECK(check_read_only), ON_UPDATE(fix_read_only));

0 commit comments

Comments
 (0)