diff options
| author | Alexey Botchkov <holyfoot@askmonty.org> | 2021-03-27 22:54:18 +0400 |
|---|---|---|
| committer | Alexey Botchkov <holyfoot@askmonty.org> | 2021-03-29 16:59:34 +0400 |
| commit | 94dea8ef5b9805fe368972c812183ec365084b87 (patch) | |
| tree | 6ad8173c610c72591a0984f4adeb49830109dbd4 | |
| parent | c0ca3c4ffa45042d608e55326036443e8c4f600d (diff) | |
| download | mariadb-git-94dea8ef5b9805fe368972c812183ec365084b87.tar.gz | |
MDEV-25457 CREATE / DROP PROCEDURE not logged with audit plugin.
CREATE/DROP PROCEDIRE/FUNCTION is now treated as DDL.
| -rw-r--r-- | mysql-test/suite/plugins/r/server_audit.result | 15 | ||||
| -rw-r--r-- | mysql-test/suite/plugins/t/server_audit.test | 10 | ||||
| -rw-r--r-- | plugin/server_audit/server_audit.c | 6 |
3 files changed, 26 insertions, 5 deletions
diff --git a/mysql-test/suite/plugins/r/server_audit.result b/mysql-test/suite/plugins/r/server_audit.result index 3fce3346f29..b82b38f4f0a 100644 --- a/mysql-test/suite/plugins/r/server_audit.result +++ b/mysql-test/suite/plugins/r/server_audit.result @@ -118,6 +118,7 @@ CREATE USER u1 IDENTIFIED BY 'pwd-123'; GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321"; SET PASSWORD FOR u1 = PASSWORD('pwd 098'); CREATE USER u3 IDENTIFIED BY ''; +ALTER USER u3 IDENTIFIED BY 'pwd-456'; drop user u1, u2, u3; set global server_audit_events='query_ddl'; create table t1(id int); @@ -139,6 +140,10 @@ select 2; 2 2 drop table t1; +create procedure pr1() insert into test.t1 values ("foo", 42); +create function fn1(i int) returns int deterministic return i+1; +drop procedure pr1; +drop function fn1; set global server_audit_events='query_ddl,query_dml'; create table t1(id int); insert into t1 values (1), (2); @@ -210,6 +215,10 @@ select 2; 2 2 drop table t1; +create procedure pr1() insert into test.t1 values ("foo", 42); +create function fn1(i int) returns int deterministic return i+1; +drop procedure pr1; +drop function fn1; set global server_audit_events='table'; set global server_audit_incl_users='user1'; create user user1@localhost; @@ -382,6 +391,8 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,proxies_priv, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping, TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER u3 IDENTIFIED BY *****',0 TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,user, +TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'ALTER USER u3 IDENTIFIED BY \'pwd-456\'',0 +TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,user, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,db, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,tables_priv, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,columns_priv, @@ -391,6 +402,10 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping, TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop user u1, u2, u3',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create table t1(id int)',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop table t1',0 +TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create procedure pr1() insert into test.t1 values ("foo", 42)',0 +TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create function fn1(i int) returns int deterministic return i+1',0 +TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop procedure pr1',0 +TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop function fn1',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create table t1(id int)',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'insert into t1 values (1), (2)',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'select * from t1',0 diff --git a/mysql-test/suite/plugins/t/server_audit.test b/mysql-test/suite/plugins/t/server_audit.test index fa5bd7e1349..eba3e5d6770 100644 --- a/mysql-test/suite/plugins/t/server_audit.test +++ b/mysql-test/suite/plugins/t/server_audit.test @@ -95,6 +95,7 @@ CREATE USER u1 IDENTIFIED BY 'pwd-123'; GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321"; SET PASSWORD FOR u1 = PASSWORD('pwd 098'); CREATE USER u3 IDENTIFIED BY ''; +ALTER USER u3 IDENTIFIED BY 'pwd-456'; drop user u1, u2, u3; set global server_audit_events='query_ddl'; @@ -106,6 +107,11 @@ select 2; /*! select 2*/; /*comment*/ select 2; drop table t1; +create procedure pr1() insert into test.t1 values ("foo", 42); +create function fn1(i int) returns int deterministic return i+1; +drop procedure pr1; +drop function fn1; + set global server_audit_events='query_ddl,query_dml'; create table t1(id int); insert into t1 values (1), (2); @@ -145,6 +151,10 @@ insert into t1 values (1), (2); select * from t1; select 2; drop table t1; +create procedure pr1() insert into test.t1 values ("foo", 42); +create function fn1(i int) returns int deterministic return i+1; +drop procedure pr1; +drop function fn1; set global server_audit_events='table'; set global server_audit_incl_users='user1'; diff --git a/plugin/server_audit/server_audit.c b/plugin/server_audit/server_audit.c index 47878e2e667..666c928d7cc 100644 --- a/plugin/server_audit/server_audit.c +++ b/plugin/server_audit/server_audit.c @@ -15,7 +15,7 @@ #define PLUGIN_VERSION 0x104 -#define PLUGIN_STR_VERSION "1.4.9" +#define PLUGIN_STR_VERSION "1.4.12" #define _my_thread_var loc_thread_var @@ -854,12 +854,8 @@ struct sa_keyword keywords_to_skip[]= struct sa_keyword not_ddl_keywords[]= { - {4, "DROP", &function_word, SQLCOM_QUERY_ADMIN}, - {4, "DROP", &procedure_word, SQLCOM_QUERY_ADMIN}, {4, "DROP", &user_word, SQLCOM_DCL}, {6, "CREATE", &user_word, SQLCOM_DCL}, - {6, "CREATE", &function_word, SQLCOM_QUERY_ADMIN}, - {6, "CREATE", &procedure_word, SQLCOM_QUERY_ADMIN}, {6, "RENAME", &user_word, SQLCOM_DCL}, {0, NULL, 0, SQLCOM_DDL} }; |