Skip to content

Grant different privilege on same user will cause saltstack state fail #54757

@qiuchengxuan

Description

@qiuchengxuan

Description of Issue

the first state with ALL PREVILEGES will result in

2019-09-26 14:46:36,370 [salt.loaded.int.module.mysql:1940][DEBUG   ][6621] grants mismatch '{'user': '`user1`', 'database': '*.*', 'host': '`localhost`', 'grant': ['REPLICAT
ION SLAVE', 'REPLICATION CLIENT']}'<>'{'user': 'user1', 'host': 'localhost', 'grant': ['ALTER', 'ALTER ROUTINE', 'BACKUP_ADMIN', 'BINLOG_ADMIN', 'CONNECTION_ADMIN', 'CREATE',
 'CREATE ROLE', 'CREATE ROUTINE', 'CREATE TABLESPACE', 'CREATE TEMPORARY TABLES', 'CREATE USER', 'CREATE VIEW', 'DELETE', 'DROP', 'DROP ROLE', 'ENCRYPTION_KEY_ADMIN', 'EVENT'
, 'EXECUTE', 'FILE', 'GROUP_REPLICATION_ADMIN', 'INDEX', 'INSERT', 'LOCK TABLES', 'PERSIST_RO_VARIABLES_ADMIN', 'PROCESS', 'REFERENCES', 'RELOAD', 'REPLICATION CLIENT', 'REPL
ICATION SLAVE', 'REPLICATION_SLAVE_ADMIN', 'RESOURCE_GROUP_ADMIN', 'RESOURCE_GROUP_USER', 'ROLE_ADMIN', 'SELECT', 'SET_USER_ID', 'SHOW DATABASES', 'SHOW VIEW', 'SHUTDOWN', 'S
UPER', 'SYSTEM_VARIABLES_ADMIN', 'TRIGGER', 'UPDATE', 'XA_RECOVER_ADMIN'], 'database': '`db1`.*'}'

because two more grants REPLICATION SLAVE and REPLICATION CLIENT presents

Setup

user1@localhost:
  mysql_grants.present:
    - grant: ALL PRIVILEGES
    - database: db1.*
    - user: user1
    - host: localhost
    - run_verify: False
 
Replication for user1@localhost:
  mysql_grants.present:
    - grant: REPLICATION CLIENT, REPLICATION SLAVE
    - database: '*.*'
    - user: user1
    - host: localhost
    - run_verify: False

Steps to Reproduce Issue

Just state.apply

Versions Report

[root@nsp-controller ~]# salt --versions-report
Salt Version:
           Salt: 2019.2.1

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.8.1
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: 0.33.0
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.5.6
   mysql-python: 1.3.12
      pycparser: Not Installed
       pycrypto: Not Installed
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 3.6.8 (default, Aug  7 2019, 17:28:10)
   python-gnupg: Not Installed
         PyYAML: 3.12
          PyZMQ: 15.3.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.4.2
            ZMQ: 4.1.4

System Versions:
           dist: centos 7.7.1908 Core
         locale: UTF-8
        machine: x86_64
        release: 3.10.0-327.el7.x86_64
         system: Linux
        version: CentOS Linux 7.7.1908 Core

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugbroken, incorrect, or confusing behaviorseverity-medium3rd level, incorrect or bad functionality, confusing and lacks a work around

    Type

    No type

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions