Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql: fill in required privileges at Validate time. #24390

Merged
merged 1 commit into from
Apr 1, 2018
Merged

sql: fill in required privileges at Validate time. #24390

merged 1 commit into from
Apr 1, 2018

Conversation

mberhault
Copy link
Contributor

Fixes #24382

We now call MaybeFixPrivileges directly in Validate to avoid any cases
of missed descriptors (occurring in mixed-versions settings).
This can be removed once 2.1 has a repeated migration to fix privileges,
in which case mixed-version will be 2.0 and generate good descriptors
anyway.

We may even want to wait until 2.2 if we want guarantees that noone can
fail validation while migrations are running.

This needs to be cherry-picked into 2.0 as this affects rolling
upgrades.

Release note: sql change: always fill in minimum required privileges.

@mberhault mberhault requested review from a team March 31, 2018 20:23
@cockroach-teamcity
Copy link
Member

This change is Reviewable

@mberhault mberhault requested a review from benesch March 31, 2018 20:23
sql: fill in required privileges at Validate time.
1c6b558 
Fixes cockroachdb#24382

We now call MaybeFixPrivileges directly in Validate to avoid any cases
of missed descriptors (occurring in mixed-versions settings).
This can be removed once 2.1 has a repeated migration to fix privileges,
in which case mixed-version will be 2.0 and generate good descriptors
anyway.

We may even want to wait until 2.2 if we want guarantees that noone can
fail validation while migrations are running.

This needs to be cherry-picked into 2.0 as this affects rolling
upgrades.

Release note: sql change: always fill in minimum required privileges.
@mberhault mberhault force-pushed the marc/fix_privileges_in_validate branch from 9f07f29 to 1c6b558 Compare March 31, 2018 20:59
@benesch
Copy link
Contributor

benesch commented Mar 31, 2018

:lgtm:

Reviewed 4 of 4 files at r1.
Review status: :shipit: all files reviewed at latest revision, all discussions resolved, all commit checks successful.

Comments from Reviewable

@mberhault
Copy link
Contributor Author

TFTR! cherry-pick coming soon.

@mberhault mberhault merged commit 0dec51d into cockroachdb:master Apr 1, 2018
@mberhault mberhault deleted the marc/fix_privileges_in_validate branch April 1, 2018 02:52
@mberhault mberhault mentioned this pull request Apr 1, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benesch benesch Awaiting requested review from benesch

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Root user can't access database after upgrading to 2.0-release due to privilege problem.
3 participants
@mberhault @cockroach-teamcity @benesch