diff options
| author | Georgi Kodinov <Georgi.Kodinov@Oracle.com> | 2010-08-09 11:32:50 +0300 |
|---|---|---|
| committer | Georgi Kodinov <Georgi.Kodinov@Oracle.com> | 2010-08-09 11:32:50 +0300 |
| commit | 97057115962d9dfbe989c799cff089aec5cbcc60 (patch) | |
| tree | 55fa1ceccae107e55c0295dfe2174d04d41583fb /mysql-test | |
| parent | 81906cdf3805fe5fcea47fef11945f9adbcef4d8 (diff) | |
| download | mariadb-git-97057115962d9dfbe989c799cff089aec5cbcc60.tar.gz | |
WL#1054: Pluggable authentication support
Merged the implementation to a new base tree.
Diffstat (limited to 'mysql-test')
51 files changed, 2484 insertions, 131 deletions
diff --git a/mysql-test/include/have_plugin_auth.inc b/mysql-test/include/have_plugin_auth.inc new file mode 100644 index 00000000000..41f11419c64 --- /dev/null +++ b/mysql-test/include/have_plugin_auth.inc @@ -0,0 +1,4 @@ +disable_query_log; +--require r/true.require +select (PLUGIN_LIBRARY LIKE 'auth_test_plugin%') as `TRUE` FROM INFORMATION_SCHEMA.PLUGINS + WHERE PLUGIN_NAME='test_plugin_server'; diff --git a/mysql-test/mysql-test-run.pl b/mysql-test/mysql-test-run.pl index 1a574fe6e6b..a23a8ee7261 100755 --- a/mysql-test/mysql-test-run.pl +++ b/mysql-test/mysql-test-run.pl @@ -126,6 +126,9 @@ my $path_vardir_trace; # unix formatted opt_vardir for trace files my $opt_tmpdir; # Path to use for tmp/ dir my $opt_tmpdir_pid; +my $auth_filename; # the name of the authentication test plugin +my $auth_plugin; # the path to the authentication test plugin + END { if ( defined $opt_tmpdir_pid and $opt_tmpdir_pid == $$ ) { @@ -1025,6 +1028,22 @@ sub command_line_setup { "$basedir/sql/share/charsets", "$basedir/share/charsets"); + # Look for client test plugin + if (IS_WINDOWS) + { + $auth_filename = "auth_test_plugin.dll"; + } + else + { + $auth_filename = "auth_test_plugin.so"; + } + $auth_plugin= + mtr_file_exists(vs_config_dirs('plugin/auth/',$auth_filename), + "$basedir/plugin/auth/.libs/" . $auth_filename, + "$basedir/lib/mysql/plugin/" . $auth_filename, + "$basedir/lib/plugin/" . $auth_filename); + + if (using_extern()) { # Connect to the running mysqld and find out what it supports @@ -1897,6 +1916,24 @@ sub environment_setup { ($lib_udf_example ? dirname($lib_udf_example) : ""); # -------------------------------------------------------------------------- + # Add the path where mysqld will find the auth test plugin (dialog.so/dll) + # -------------------------------------------------------------------------- + if ($auth_plugin) + { + $ENV{'PLUGIN_AUTH'}= basename($auth_plugin); + $ENV{'PLUGIN_AUTH_OPT'}= "--plugin-dir=".dirname($auth_plugin); + + $ENV{'PLUGIN_AUTH_LOAD'}="--plugin_load=test_plugin_server=".$auth_filename; + } + else + { + $ENV{'PLUGIN_AUTH'}= ""; + $ENV{'PLUGIN_AUTH_OPT'}="--plugin-dir="; + $ENV{'PLUGIN_AUTH_LOAD'}=""; + } + + + # -------------------------------------------------------------------------- # Add the path where mysqld will find ha_example.so # -------------------------------------------------------------------------- if ($mysql_version_id >= 50100) { @@ -4918,6 +4955,10 @@ sub start_mysqltest ($) { mtr_add_arg($args, "--tmpdir=%s", $opt_tmpdir); mtr_add_arg($args, "--character-sets-dir=%s", $path_charsetsdir); mtr_add_arg($args, "--logdir=%s/log", $opt_vardir); + if ($auth_plugin) + { + mtr_add_arg($args, "--plugin_dir=%s", dirname($auth_plugin)); + } # Log line number and time for each line in .test file mtr_add_arg($args, "--mark-progress") diff --git a/mysql-test/r/1st.result b/mysql-test/r/1st.result index ae9989ce563..e8562662bfd 100644 --- a/mysql-test/r/1st.result +++ b/mysql-test/r/1st.result @@ -21,6 +21,7 @@ ndb_binlog_index plugin proc procs_priv +proxy_priv servers slow_log tables_priv diff --git a/mysql-test/r/change_user.result b/mysql-test/r/change_user.result index 1ed7fcbb8fa..3021b5472bf 100644 --- a/mysql-test/r/change_user.result +++ b/mysql-test/r/change_user.result @@ -1,3 +1,39 @@ +grant select on test.* to test_nopw; +grant select on test.* to test_oldpw identified by password "09301740536db389"; +grant select on test.* to test_newpw identified by "newpw"; +select user(), current_user(), database(); +user() current_user() database() +root@localhost root@localhost test +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<root@localhost> <root@localhost> test +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<test_nopw@localhost> <test_nopw@%> NULL +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<test_oldpw@localhost> <test_oldpw@%> NULL +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<test_newpw@localhost> <test_newpw@%> NULL +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<root@localhost> <root@localhost> NULL +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<test_nopw@localhost> <test_nopw@%> test +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<test_oldpw@localhost> <test_oldpw@%> test +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<test_newpw@localhost> <test_newpw@%> test +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +concat('<', user(), '>') concat('<', current_user(), '>') database() +<root@localhost> <root@localhost> test +drop user test_nopw; +drop user test_oldpw; +drop user test_newpw; Bug#20023 SELECT @@session.sql_big_selects; @@session.sql_big_selects diff --git a/mysql-test/r/connect.result b/mysql-test/r/connect.result index 5e6c013bb38..bbd0273c1c6 100644 --- a/mysql-test/r/connect.result +++ b/mysql-test/r/connect.result @@ -15,6 +15,7 @@ ndb_binlog_index plugin proc procs_priv +proxy_priv servers slow_log tables_priv @@ -48,6 +49,7 @@ ndb_binlog_index plugin proc procs_priv +proxy_priv servers slow_log tables_priv @@ -89,6 +91,7 @@ ndb_binlog_index plugin proc procs_priv +proxy_priv servers slow_log tables_priv diff --git a/mysql-test/r/events_bugs.result b/mysql-test/r/events_bugs.result index a5003c936e8..a27c7dc18ee 100644 --- a/mysql-test/r/events_bugs.result +++ b/mysql-test/r/events_bugs.result @@ -568,6 +568,7 @@ USE test; SHOW GRANTS FOR CURRENT_USER; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION SET GLOBAL event_scheduler = ON; CREATE TABLE events_test.event_log (id int KEY AUTO_INCREMENT, ev_nm char(40), ev_cnt int, ev_tm timestamp) diff --git a/mysql-test/r/grant.result b/mysql-test/r/grant.result index 65ebbd71c39..84cac386b57 100644 --- a/mysql-test/r/grant.result +++ b/mysql-test/r/grant.result @@ -13,8 +13,48 @@ GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3 GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost' grant delete on mysqltest.* to mysqltest_1@localhost; select * from mysql.user where user="mysqltest_1"; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED EDH-RSA-DES-CBC3-SHA 0 0 0 0 +Host localhost +User mysqltest_1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type SPECIFIED +ssl_cipher EDH-RSA-DES-CBC3-SHA +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3-SHA' @@ -44,15 +84,95 @@ delete from mysql.user where user='mysqltest_1'; flush privileges; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; select * from mysql.user where user="mysqltest_1"; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 10 0 0 0 +Host localhost +User mysqltest_1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 10 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; select * from mysql.user where user="mysqltest_1"; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 10 20 30 0 +Host localhost +User mysqltest_1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 10 +max_updates 20 +max_connections 30 +max_user_connections 0 +plugin +authentication_string show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 @@ -164,6 +284,7 @@ Warnings: Warning 1364 Field 'ssl_cipher' doesn't have a default value Warning 1364 Field 'x509_issuer' doesn't have a default value Warning 1364 Field 'x509_subject' doesn't have a default value +Warning 1364 Field 'authentication_string' doesn't have a default value insert into mysql.db (host, db, user, select_priv) values ('localhost', 'a%', 'test11', 'Y'), ('localhost', 'ab%', 'test11', 'Y'); alter table mysql.db order by db asc; @@ -625,16 +746,19 @@ show grants for root@localhost; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION GRANT SELECT ON `ÂÄ`.* TO 'root'@'localhost' +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION flush privileges; show grants for root@localhost; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION GRANT SELECT ON `ÂÄ`.* TO 'root'@'localhost' +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION drop database ÂÄ; revoke all privileges on ÂÄ.* from root@localhost; show grants for root@localhost; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION set names latin1; create user mysqltest_7@; set password for mysqltest_7@ = password('systpass'); diff --git a/mysql-test/r/grant2.result b/mysql-test/r/grant2.result index 3032ca854bd..b5e82794658 100644 --- a/mysql-test/r/grant2.result +++ b/mysql-test/r/grant2.result @@ -11,7 +11,7 @@ grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; grant select on `my\_1`.* to mysqltest_2@localhost; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; -ERROR 42000: You must have privileges to update tables in the mysql database to be able to change passwords for others +ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql' grant update on mysql.* to mysqltest_1@localhost; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; @@ -287,6 +287,7 @@ Warnings: Warning 1364 Field 'ssl_cipher' doesn't have a default value Warning 1364 Field 'x509_issuer' doesn't have a default value Warning 1364 Field 'x509_subject' doesn't have a default value +Warning 1364 Field 'authentication_string' doesn't have a default value create user mysqltest_A@'%'; rename user mysqltest_B@'%' to mysqltest_C@'%'; drop user mysqltest_C@'%'; @@ -334,7 +335,7 @@ delete from mysql.user where user like 'mysqltest\_1'; flush privileges; drop database mysqltest_1; set password = password("changed"); -ERROR 42000: Access denied for user ''@'localhost' to database 'mysql' +ERROR 42000: Can't find any matching row in the user table lock table mysql.user write; flush privileges; grant all on *.* to 'mysqltest_1'@'localhost'; @@ -354,6 +355,7 @@ Warnings: Warning 1364 Field 'ssl_cipher' doesn't have a default value Warning 1364 Field 'x509_issuer' doesn't have a default value Warning 1364 Field 'x509_subject' doesn't have a default value +Warning 1364 Field 'authentication_string' doesn't have a default value INSERT INTO mysql.db (host, db, user, select_priv) VALUES ('%','TESTDB','mysqltest_1','Y'); FLUSH PRIVILEGES; diff --git a/mysql-test/r/grant_cache_no_prot.result b/mysql-test/r/grant_cache_no_prot.result index 32bb9cce90e..019edb72086 100644 --- a/mysql-test/r/grant_cache_no_prot.result +++ b/mysql-test/r/grant_cache_no_prot.result @@ -7,9 +7,11 @@ flush status; show grants for current_user; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION show grants; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION create database if not exists mysqltest; create table mysqltest.t1 (a int,b int,c int); create table mysqltest.t2 (a int,b int,c int); diff --git a/mysql-test/r/grant_cache_ps_prot.result b/mysql-test/r/grant_cache_ps_prot.result index 281468ee2e1..e95a858fd9a 100644 --- a/mysql-test/r/grant_cache_ps_prot.result +++ b/mysql-test/r/grant_cache_ps_prot.result @@ -7,9 +7,11 @@ flush status; show grants for current_user; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION show grants; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION create database if not exists mysqltest; create table mysqltest.t1 (a int,b int,c int); create table mysqltest.t2 (a int,b int,c int); diff --git a/mysql-test/r/information_schema.result b/mysql-test/r/information_schema.result index 21b42577a11..aa47b8c437e 100644 --- a/mysql-test/r/information_schema.result +++ b/mysql-test/r/information_schema.result @@ -88,6 +88,7 @@ host plugin proc procs_priv +proxy_priv servers slow_log tables_priv @@ -684,6 +685,7 @@ Alter_routine_priv select,insert,update,references max_questions select,insert,update,references max_connections select,insert,update,references max_user_connections select,insert,update,references +authentication_string select,insert,update,references use test; create function sub1(i int) returns int return i+1; @@ -870,7 +872,7 @@ AND table_name not like 'ndb%' AND table_name not like 'innodb_%' GROUP BY TABLE_SCHEMA; table_schema count(*) information_schema 30 -mysql 22 +mysql 23 create table t1 (i int, j int); create trigger trg1 before insert on t1 for each row begin diff --git a/mysql-test/r/log_tables_upgrade.result b/mysql-test/r/log_tables_upgrade.result index 5d9be85a48a..10cc6d71eae 100644 --- a/mysql-test/r/log_tables_upgrade.result +++ b/mysql-test/r/log_tables_upgrade.result @@ -29,6 +29,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.renamed_general_log OK mysql.servers OK mysql.slow_log diff --git a/mysql-test/r/mysql_upgrade.result b/mysql-test/r/mysql_upgrade.result index 58f6ffd4040..3d5a6cfebdb 100644 --- a/mysql-test/r/mysql_upgrade.result +++ b/mysql-test/r/mysql_upgrade.result @@ -17,6 +17,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log Error : You can't use locks with log tables. @@ -49,6 +50,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log Error : You can't use locks with log tables. @@ -81,6 +83,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log Error : You can't use locks with log tables. @@ -115,6 +118,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log Error : You can't use locks with log tables. @@ -153,6 +157,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log Error : You can't use locks with log tables. @@ -194,6 +199,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log Error : You can't use locks with log tables. diff --git a/mysql-test/r/mysqlcheck.result b/mysql-test/r/mysqlcheck.result index 06175955d7f..c51d71510f4 100644 --- a/mysql-test/r/mysqlcheck.result +++ b/mysql-test/r/mysqlcheck.result @@ -18,6 +18,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log note : The storage engine for the table doesn't support optimize @@ -43,6 +44,7 @@ mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK +mysql.proxy_priv OK mysql.servers OK mysql.slow_log note : The storage engine for the table doesn't support optimize diff --git a/mysql-test/r/plugin_auth.result b/mysql-test/r/plugin_auth.result new file mode 100644 index 00000000000..8a851af0ecb --- /dev/null +++ b/mysql-test/r/plugin_auth.result @@ -0,0 +1,212 @@ +SELECT PLUGIN_STATUS, PLUGIN_TYPE, PLUGIN_DESCRIPTION +FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME='test_plugin_server'; +PLUGIN_STATUS ACTIVE +PLUGIN_TYPE AUTHENTICATION +PLUGIN_DESCRIPTION plugin API test plugin +CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; +SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; +plugin authentication_string +test_plugin_server plug_dest +## test plugin auth +ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) +GRANT PROXY ON plug_dest TO plug; +select USER(),CURRENT_USER(); +USER() CURRENT_USER() +plug@localhost plug_dest@% +## test SET PASSWORD +SET PASSWORD = PASSWORD('plug_dest'); +Warnings: +Note 1698 SET PASSWORD has no significance for users authenticating via plugins +## test bad credentials +ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) +## test bad default plugin : should get CR_AUTH_PLUGIN_CANNOT_LOAD +## test correct default plugin +select USER(),CURRENT_USER(); +USER() CURRENT_USER() +plug@localhost plug@% +## test no_auto_create_user sql mode with plugin users +SET @@sql_mode=no_auto_create_user; +GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server'; +SET @@sql_mode=default; +DROP USER grant_user; +## test utf-8 user name +CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +GRANT PROXY ON plug_dest TO `Ÿ`; +select USER(),CURRENT_USER(); +USER() CURRENT_USER() +Ÿ@localhost plug_dest@% +DROP USER `Ÿ`; +## test GRANT ... IDENTIFIED WITH/BY ... +CREATE DATABASE test_grant_db; +# create new user via GRANT WITH +GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user +IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +GRANT PROXY ON plug_dest TO new_grant_user; +select USER(),CURRENT_USER(); +USER() CURRENT_USER() +new_grant_user@localhost plug_dest@% +USE test_grant_db; +CREATE TABLE t1 (a INT); +DROP TABLE t1; +REVOKE ALL PRIVILEGES ON test_grant_db.* FROM new_grant_user; +# try re-create existing user via GRANT IDENTIFIED BY +GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user +IDENTIFIED BY 'unused_password'; +# make sure password doesn't take precendence +ERROR 28000: Access denied for user 'new_grant_user'@'localhost' (using password: YES) +#make sure plugin auth still available +select USER(),CURRENT_USER(); +USER() CURRENT_USER() +new_grant_user@localhost plug_dest@% +USE test_grant_db; +CREATE TABLE t1 (a INT); +DROP TABLE t1; +DROP USER new_grant_user; +# try re-create existing user via GRANT IDENTIFIED WITH +GRANT ALL PRIVILEGES ON test_grant_db.* TO plug +IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +ERROR HY000: GRANT with IDENTIFIED WITH is illegal because the user plug already exists +GRANT ALL PRIVILEGES ON test_grant_db.* TO plug_dest +IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +ERROR HY000: GRANT with IDENTIFIED WITH is illegal because the user plug_dest already exists +REVOKE SELECT on test_grant_db.* FROM joro +INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'' at line 2 +REVOKE SELECT on test_grant_db.* FROM joro +INDENTIFIED BY 'plug_dest_passwd'; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY 'plug_dest_passwd'' at line 2 +REVOKE SELECT on test_grant_db.* FROM joro +INDENTIFIED BY PASSWORD 'plug_dest_passwd'; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY PASSWORD 'plug_dest_passwd'' at line 2 +DROP DATABASE test_grant_db; +## GRANT PROXY tests +CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server' +AS 'grant_plug_dest'; +CREATE USER grant_plug_dest IDENTIFIED BY 'grant_plug_dest_passwd'; +CREATE USER grant_plug_dest2 IDENTIFIED BY 'grant_plug_dest_passwd2'; +# ALL PRIVILEGES doesn't include PROXY +GRANT ALL PRIVILEGES ON *.* TO grant_plug; +ERROR 28000: Access denied for user 'grant_plug'@'localhost' (using password: YES) +GRANT ALL PRIVILEGES,PROXY ON grant_plug_dest TO grant_plug; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'PROXY ON grant_plug_dest TO grant_plug' at line 1 +this should fail : can't combine PROXY +GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT,PROXY ON grant_plug_dest TO grant_plug' at line 1 +# this should fail : no such grant +REVOKE PROXY ON grant_plug_dest FROM grant_plug; +ERROR 42000: There is no such grant defined for user 'grant_plug' on host '%' +in grant_plug_dest_con +## testing what an ordinary user can grant +this should fail : no rights to grant all +GRANT PROXY ON ''@'' TO grant_plug; +ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost' +this should fail : not the same user +GRANT PROXY ON grant_plug TO grant_plug_dest; +ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost' +this should fail : same user, but on a different host +GRANT PROXY ON grant_plug_dest TO grant_plug; +ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost' +this should work : same user +GRANT PROXY ON grant_plug_dest@localhost TO grant_plug_dest2; +REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug_dest2; +this should work : same user +GRANT PROXY ON grant_plug_dest@localhost TO grant_plug WITH GRANT OPTION; +REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug; +this should fail : can't create users +GRANT PROXY ON grant_plug_dest@localhost TO grant_plug@localhost; +ERROR 42000: You are not allowed to create a user with GRANT +in default connection +# test what root can grant +should work : root has PROXY to all users +GRANT PROXY ON ''@'' TO grant_plug; +REVOKE PROXY ON ''@'' FROM grant_plug; +should work : root has PROXY to all users +GRANT PROXY ON ''@'' TO proxy_admin IDENTIFIED BY 'test' +WITH GRANT OPTION; +need USAGE : PROXY doesn't contain it. +GRANT USAGE on *.* TO proxy_admin; +in proxy_admin_con; +should work : proxy_admin has proxy to ''@'' +GRANT PROXY ON future_user TO grant_plug; +in default connection +SHOW GRANTS FOR grant_plug; +Grants for grant_plug@% +GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%' WITH GRANT OPTION +GRANT PROXY ON 'future_user'@'%' TO 'grant_plug'@'%' +REVOKE PROXY ON future_user FROM grant_plug; +SHOW GRANTS FOR grant_plug; +Grants for grant_plug@% +GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%' WITH GRANT OPTION +## testing drop user +CREATE USER test_drop@localhost; +GRANT PROXY ON future_user TO test_drop@localhost; +SHOW GRANTS FOR test_drop@localhost; +Grants for test_drop@localhost +GRANT USAGE ON *.* TO 'test_drop'@'localhost' +GRANT PROXY ON 'future_user'@'%' TO 'test_drop'@'localhost' +DROP USER test_drop@localhost; +SELECT * FROM mysql.proxy_priv WHERE Host = 'test_drop' AND User = 'localhost'; +Host User Proxied_Host Proxied_User With_Grant +DROP USER proxy_admin; +DROP USER grant_plug,grant_plug_dest,grant_plug_dest2; +## END GRANT PROXY tests +## cleanup +DROP USER plug; +DROP USER plug_dest; +## @@proxy_user tests +CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; +GRANT PROXY ON plug_dest TO plug; +SELECT USER(),CURRENT_USER(),@@LOCAL.proxy_user; +USER() CURRENT_USER() @@LOCAL.proxy_user +root@localhost root@localhost NULL +SELECT @@GLOBAL.proxy_user; +ERROR HY000: Variable 'proxy_user' is a SESSION variable +SELECT @@LOCAL.proxy_user; +@@LOCAL.proxy_user +NULL +SET GLOBAL proxy_user = 'test'; +ERROR HY000: Variable 'proxy_user' is a read only variable +SET LOCAL proxy_user = 'test'; +ERROR HY000: Variable 'proxy_user' is a read only variable +SELECT @@LOCAL.proxy_user; +@@LOCAL.proxy_user +NULL +# in connection plug_con +SELECT @@LOCAL.proxy_user; +@@LOCAL.proxy_user +'plug'@'%' +# in connection default +## cleanup +DROP USER plug; +DROP USER plug_dest; +## END @@proxy_user tests +## @@external_user tests +CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; +GRANT PROXY ON plug_dest TO plug; +SELECT USER(),CURRENT_USER(),@@LOCAL.external_user; +USER() CURRENT_USER() @@LOCAL.external_user +root@localhost root@localhost NULL +SELECT @@GLOBAL.external_user; +ERROR HY000: Variable 'external_user' is a SESSION variable +SELECT @@LOCAL.external_user; +@@LOCAL.external_user +NULL +SET GLOBAL external_user = 'test'; +ERROR HY000: Variable 'external_user' is a read only variable +SET LOCAL external_user = 'test'; +ERROR HY000: Variable 'external_user' is a read only variable +SELECT @@LOCAL.external_user; +@@LOCAL.external_user +NULL +# in connection plug_con +SELECT @@LOCAL.external_user; +@@LOCAL.external_user +'plug'@'%' +# in connection default +## cleanup +DROP USER plug; +DROP USER plug_dest; +## END @@external_user tests diff --git a/mysql-test/r/ps.result b/mysql-test/r/ps.result index 0e75ebd57ec..cf3594f32a8 100644 --- a/mysql-test/r/ps.result +++ b/mysql-test/r/ps.result @@ -1194,13 +1194,13 @@ SET @aux= "SELECT COUNT(*) prepare my_stmt from @aux; execute my_stmt; COUNT(*) -40 +42 execute my_stmt; COUNT(*) -40 +42 execute my_stmt; COUNT(*) -40 +42 deallocate prepare my_stmt; drop procedure if exists p1| drop table if exists t1| diff --git a/mysql-test/r/sp_notembedded.result b/mysql-test/r/sp_notembedded.result index e4170cc3a49..7da95416e29 100644 --- a/mysql-test/r/sp_notembedded.result +++ b/mysql-test/r/sp_notembedded.result @@ -9,9 +9,11 @@ end| call bug4902()| Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION call bug4902()| Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION drop procedure bug4902| drop procedure if exists bug4902_2| create procedure bug4902_2() @@ -206,9 +208,11 @@ create procedure 15298_2 () sql security definer show grants; call 15298_1(); Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION call 15298_2(); Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION drop user mysqltest_1@localhost; drop procedure 15298_1; drop procedure 15298_2; @@ -245,6 +249,8 @@ max_updates, max_connections, max_user_connections) VALUES('%', 'mysqltest_1', password(''), 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', 'Y', 'N', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'Y', 'Y', 'N', '', '', '', '', '0', '0', '0', '0'); +Warnings: +Warning 1364 Field 'authentication_string' doesn't have a default value FLUSH PRIVILEGES; CREATE PROCEDURE p1(i INT) BEGIN END; DROP PROCEDURE p1; diff --git a/mysql-test/r/system_mysql_db.result b/mysql-test/r/system_mysql_db.result index 679e50fcad9..e82cf229912 100644 --- a/mysql-test/r/system_mysql_db.result +++ b/mysql-test/r/system_mysql_db.result @@ -14,6 +14,7 @@ ndb_binlog_index plugin proc procs_priv +proxy_priv servers slow_log tables_priv @@ -119,6 +120,8 @@ user CREATE TABLE `user` ( `max_updates` int(11) unsigned NOT NULL DEFAULT '0', `max_connections` int(11) unsigned NOT NULL DEFAULT '0', `max_user_connections` int(11) unsigned NOT NULL DEFAULT '0', + `plugin` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', + `authentication_string` text COLLATE utf8_bin NOT NULL, PRIMARY KEY (`Host`,`User`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='Users and global privileges' show create table func; diff --git a/mysql-test/suite/federated/federated.result b/mysql-test/suite/federated/federated.result index db4ffc38213..4cd7b416621 100644 --- a/mysql-test/suite/federated/federated.result +++ b/mysql-test/suite/federated/federated.result @@ -60,7 +60,7 @@ CREATE TABLE federated.t1 ( ENGINE="FEDERATED" DEFAULT CHARSET=latin1 CONNECTION='mysql://user:pass@127.0.0.1:SLAVE_PORT/federated/t1'; SELECT * FROM federated.t1; -ERROR HY000: Unable to connect to foreign data source: Access denied for user 'user'@'localhost' (using password: YES) +ERROR HY000: Unable to connect to foreign data source: Access denied for user 'user'@'localhost' (using password: NO) DROP TABLE federated.t1; CREATE TABLE federated.t1 ( `id` int(20) NOT NULL, diff --git a/mysql-test/suite/funcs_1/r/innodb_trig_03e.result b/mysql-test/suite/funcs_1/r/innodb_trig_03e.result index bc3f7daf5bc..3c77ca3dedc 100644 --- a/mysql-test/suite/funcs_1/r/innodb_trig_03e.result +++ b/mysql-test/suite/funcs_1/r/innodb_trig_03e.result @@ -580,6 +580,7 @@ root@localhost show grants; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION drop trigger trg1_1; use priv_db; diff --git a/mysql-test/suite/funcs_1/r/is_columns_mysql.result b/mysql-test/suite/funcs_1/r/is_columns_mysql.result index 1ab2b3513f0..767f9e47f13 100644 --- a/mysql-test/suite/funcs_1/r/is_columns_mysql.result +++ b/mysql-test/suite/funcs_1/r/is_columns_mysql.result @@ -134,6 +134,11 @@ def mysql procs_priv Routine_name 4 NO char 64 192 NULL NULL utf8 utf8_general_ def mysql procs_priv Routine_type 5 NULL NO enum 9 27 NULL NULL utf8 utf8_bin enum('FUNCTION','PROCEDURE') PRI select,insert,update,references def mysql procs_priv Timestamp 8 CURRENT_TIMESTAMP NO timestamp NULL NULL NULL NULL NULL NULL timestamp on update CURRENT_TIMESTAMP select,insert,update,references def mysql procs_priv User 3 NO char 16 48 NULL NULL utf8 utf8_bin char(16) PRI select,insert,update,references +def mysql proxy_priv Host 1 NO char 60 180 NULL NULL utf8 utf8_bin char(60) PRI select,insert,update,references +def mysql proxy_priv Proxied_Host 3 NO char 16 48 NULL NULL utf8 utf8_bin char(16) PRI select,insert,update,references +def mysql proxy_priv Proxied_User 4 NO char 60 180 NULL NULL utf8 utf8_bin char(60) PRI select,insert,update,references +def mysql proxy_priv User 2 NO char 16 48 NULL NULL utf8 utf8_bin char(16) PRI select,insert,update,references +def mysql proxy_priv With_Grant 5 0 NO tinyint NULL NULL 3 0 NULL NULL tinyint(1) select,insert,update,references def mysql servers Db 3 NO char 64 192 NULL NULL utf8 utf8_general_ci char(64) select,insert,update,references def mysql servers Host 2 NO char 64 192 NULL NULL utf8 utf8_general_ci char(64) select,insert,update,references def mysql servers Owner 9 NO char 64 192 NULL NULL utf8 utf8_general_ci char(64) select,insert,update,references @@ -178,6 +183,7 @@ def mysql time_zone_transition_type Time_zone_id 1 NULL NO int NULL NULL 10 0 NU def mysql time_zone_transition_type Transition_type_id 2 NULL NO int NULL NULL 10 0 NULL NULL int(10) unsigned PRI select,insert,update,references def mysql user Alter_priv 17 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references def mysql user Alter_routine_priv 28 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references +def mysql user authentication_string 42 NULL NO text 65535 65535 NULL NULL utf8 utf8_bin text select,insert,update,references def mysql user Create_priv 8 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references def mysql user Create_routine_priv 27 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references def mysql user Create_tablespace_priv 32 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references @@ -199,6 +205,7 @@ def mysql user max_questions 37 0 NO int NULL NULL 10 0 NULL NULL int(11) unsign def mysql user max_updates 38 0 NO int NULL NULL 10 0 NULL NULL int(11) unsigned select,insert,update,references def mysql user max_user_connections 40 0 NO int NULL NULL 10 0 NULL NULL int(11) unsigned select,insert,update,references def mysql user Password 3 NO char 41 41 NULL NULL latin1 latin1_bin char(41) select,insert,update,references +def mysql user plugin 41 NO char 60 180 NULL NULL utf8 utf8_bin char(60) select,insert,update,references def mysql user Process_priv 12 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references def mysql user References_priv 15 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references def mysql user Reload_priv 10 N NO enum 1 3 NULL NULL utf8 utf8_general_ci enum('N','Y') select,insert,update,references @@ -418,6 +425,11 @@ NULL mysql proc modified timestamp NULL NULL NULL NULL timestamp 3.0000 mysql procs_priv Grantor char 77 231 utf8 utf8_bin char(77) 3.0000 mysql procs_priv Proc_priv set 27 81 utf8 utf8_general_ci set('Execute','Alter Routine','Grant') NULL mysql procs_priv Timestamp timestamp NULL NULL NULL NULL timestamp +3.0000 mysql proxy_priv Host char 60 180 utf8 utf8_bin char(60) +3.0000 mysql proxy_priv User char 16 48 utf8 utf8_bin char(16) +3.0000 mysql proxy_priv Proxied_Host char 16 48 utf8 utf8_bin char(16) +3.0000 mysql proxy_priv Proxied_User char 60 180 utf8 utf8_bin char(60) +NULL mysql proxy_priv With_Grant tinyint NULL NULL NULL NULL tinyint(1) 3.0000 mysql servers Server_name char 64 192 utf8 utf8_general_ci char(64) 3.0000 mysql servers Host char 64 192 utf8 utf8_general_ci char(64) 3.0000 mysql servers Db char 64 192 utf8 utf8_general_ci char(64) @@ -500,3 +512,5 @@ NULL mysql user max_questions int NULL NULL NULL NULL int(11) unsigned NULL mysql user max_updates int NULL NULL NULL NULL int(11) unsigned NULL mysql user max_connections int NULL NULL NULL NULL int(11) unsigned NULL mysql user max_user_connections int NULL NULL NULL NULL int(11) unsigned +3.0000 mysql user plugin char 60 180 utf8 utf8_bin char(60) +1.0000 mysql user authentication_string text 65535 65535 utf8 utf8_bin text diff --git a/mysql-test/suite/funcs_1/r/is_key_column_usage.result b/mysql-test/suite/funcs_1/r/is_key_column_usage.result index a81452b7927..2e50a0c36bf 100644 --- a/mysql-test/suite/funcs_1/r/is_key_column_usage.result +++ b/mysql-test/suite/funcs_1/r/is_key_column_usage.result @@ -106,6 +106,10 @@ def mysql PRIMARY def mysql procs_priv Db def mysql PRIMARY def mysql procs_priv User def mysql PRIMARY def mysql procs_priv Routine_name def mysql PRIMARY def mysql procs_priv Routine_type +def mysql PRIMARY def mysql proxy_priv Host +def mysql PRIMARY def mysql proxy_priv User +def mysql PRIMARY def mysql proxy_priv Proxied_Host +def mysql PRIMARY def mysql proxy_priv Proxied_User def mysql PRIMARY def mysql servers Server_name def mysql PRIMARY def mysql tables_priv Host def mysql PRIMARY def mysql tables_priv Db diff --git a/mysql-test/suite/funcs_1/r/is_statistics.result b/mysql-test/suite/funcs_1/r/is_statistics.result index 873b328dc2d..0c43883789b 100644 --- a/mysql-test/suite/funcs_1/r/is_statistics.result +++ b/mysql-test/suite/funcs_1/r/is_statistics.result @@ -118,6 +118,10 @@ def mysql procs_priv mysql PRIMARY def mysql procs_priv mysql PRIMARY def mysql procs_priv mysql PRIMARY def mysql procs_priv mysql Grantor +def mysql proxy_priv mysql PRIMARY +def mysql proxy_priv mysql PRIMARY +def mysql proxy_priv mysql PRIMARY +def mysql proxy_priv mysql PRIMARY def mysql servers mysql PRIMARY def mysql tables_priv mysql PRIMARY def mysql tables_priv mysql PRIMARY diff --git a/mysql-test/suite/funcs_1/r/is_statistics_mysql.result b/mysql-test/suite/funcs_1/r/is_statistics_mysql.result index a1fa0cac9f2..584bbeb7af5 100644 --- a/mysql-test/suite/funcs_1/r/is_statistics_mysql.result +++ b/mysql-test/suite/funcs_1/r/is_statistics_mysql.result @@ -40,6 +40,10 @@ def mysql procs_priv 0 mysql PRIMARY 2 Db A #CARD# NULL NULL BTREE def mysql procs_priv 0 mysql PRIMARY 3 User A #CARD# NULL NULL BTREE def mysql procs_priv 0 mysql PRIMARY 4 Routine_name A #CARD# NULL NULL BTREE def mysql procs_priv 0 mysql PRIMARY 5 Routine_type A #CARD# NULL NULL BTREE +def mysql proxy_priv 0 mysql PRIMARY 1 Host A #CARD# NULL NULL BTREE +def mysql proxy_priv 0 mysql PRIMARY 2 User A #CARD# NULL NULL BTREE +def mysql proxy_priv 0 mysql PRIMARY 3 Proxied_Host A #CARD# NULL NULL BTREE +def mysql proxy_priv 0 mysql PRIMARY 4 Proxied_User A #CARD# NULL NULL BTREE def mysql servers 0 mysql PRIMARY 1 Server_name A #CARD# NULL NULL BTREE def mysql tables_priv 1 mysql Grantor 1 Grantor A #CARD# NULL NULL BTREE def mysql tables_priv 0 mysql PRIMARY 1 Host A #CARD# NULL NULL BTREE diff --git a/mysql-test/suite/funcs_1/r/is_table_constraints.result b/mysql-test/suite/funcs_1/r/is_table_constraints.result index 7f1c83a8ea5..d4d2c38c9ba 100644 --- a/mysql-test/suite/funcs_1/r/is_table_constraints.result +++ b/mysql-test/suite/funcs_1/r/is_table_constraints.result @@ -73,6 +73,7 @@ def mysql PRIMARY mysql ndb_binlog_index def mysql PRIMARY mysql plugin def mysql PRIMARY mysql proc def mysql PRIMARY mysql procs_priv +def mysql PRIMARY mysql proxy_priv def mysql PRIMARY mysql servers def mysql PRIMARY mysql tables_priv def mysql PRIMARY mysql time_zone diff --git a/mysql-test/suite/funcs_1/r/is_table_constraints_mysql.result b/mysql-test/suite/funcs_1/r/is_table_constraints_mysql.result index 8b7ac6994c1..38e9c9034c9 100644 --- a/mysql-test/suite/funcs_1/r/is_table_constraints_mysql.result +++ b/mysql-test/suite/funcs_1/r/is_table_constraints_mysql.result @@ -23,6 +23,7 @@ def mysql PRIMARY mysql ndb_binlog_index PRIMARY KEY def mysql PRIMARY mysql plugin PRIMARY KEY def mysql PRIMARY mysql proc PRIMARY KEY def mysql PRIMARY mysql procs_priv PRIMARY KEY +def mysql PRIMARY mysql proxy_priv PRIMARY KEY def mysql PRIMARY mysql servers PRIMARY KEY def mysql PRIMARY mysql tables_priv PRIMARY KEY def mysql PRIMARY mysql time_zone PRIMARY KEY diff --git a/mysql-test/suite/funcs_1/r/is_tables_mysql.result b/mysql-test/suite/funcs_1/r/is_tables_mysql.result index 0945401ba43..ae512327807 100644 --- a/mysql-test/suite/funcs_1/r/is_tables_mysql.result +++ b/mysql-test/suite/funcs_1/r/is_tables_mysql.result @@ -336,6 +336,29 @@ user_comment Procedure privileges Separator ----------------------------------------------------- TABLE_CATALOG def TABLE_SCHEMA mysql +TABLE_NAME proxy_priv +TABLE_TYPE BASE TABLE +ENGINE MyISAM +VERSION 10 +ROW_FORMAT Fixed +TABLE_ROWS #TBLR# +AVG_ROW_LENGTH #ARL# +DATA_LENGTH #DL# +MAX_DATA_LENGTH #MDL# +INDEX_LENGTH #IL# +DATA_FREE #DF# +AUTO_INCREMENT NULL +CREATE_TIME #CRT# +UPDATE_TIME #UT# +CHECK_TIME #CT# +TABLE_COLLATION utf8_bin +CHECKSUM NULL +CREATE_OPTIONS #CO# +TABLE_COMMENT #TC# +user_comment User proxy privileges +Separator ----------------------------------------------------- +TABLE_CATALOG def +TABLE_SCHEMA mysql TABLE_NAME servers TABLE_TYPE BASE TABLE ENGINE MyISAM diff --git a/mysql-test/suite/funcs_1/r/is_user_privileges.result b/mysql-test/suite/funcs_1/r/is_user_privileges.result index 8f68f8c802d..1ec1ffc4ce1 100644 --- a/mysql-test/suite/funcs_1/r/is_user_privileges.result +++ b/mysql-test/suite/funcs_1/r/is_user_privileges.result @@ -69,46 +69,436 @@ GRANT UPDATE ON *.* TO 'testuser2'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string # # Add GRANT OPTION db_datadict.* to testuser1; GRANT UPDATE ON db_datadict.* TO 'testuser1'@'localhost' WITH GRANT OPTION; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string # Establish connection testuser1 (user=testuser1) SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string SHOW GRANTS; Grants for testuser1@localhost GRANT USAGE ON *.* TO 'testuser1'@'localhost' @@ -123,46 +513,436 @@ GRANT SELECT ON *.* TO 'testuser1'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def SELECT NO -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE SELECT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 Y N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv Y +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string GRANT SELECT ON *.* TO 'testuser1'@'localhost' WITH GRANT OPTION; # # Here <SELECT YES> is shown correctly for testuser1; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def SELECT YES -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE SELECT +IS_GRANTABLE YES +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 Y N N N N N N N N N Y N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv Y +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv Y +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string # Switch to connection testuser1 SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def SELECT YES +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE SELECT +IS_GRANTABLE YES SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 Y N N N N N N N N N Y N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv Y +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv Y +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string SHOW GRANTS; Grants for testuser1@localhost GRANT SELECT ON *.* TO 'testuser1'@'localhost' WITH GRANT OPTION @@ -172,9 +952,14 @@ GRANT SELECT ON `mysql`.`user` TO 'testuser1'@'localhost' SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; ERROR 42000: SELECT command denied to user 'testuser2'@'localhost' for table 'user' @@ -185,8 +970,10 @@ GRANT INSERT, UPDATE ON *.* TO 'testuser2'@'localhost' SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; ERROR 42000: SELECT command denied to user 'testuser3'@'localhost' for table 'user' @@ -200,23 +987,158 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'testuser1'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string # Switch to connection testuser1 SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; ERROR 42000: SELECT command denied to user 'testuser1'@'localhost' for table 'user' @@ -228,8 +1150,10 @@ ERROR 42000: CREATE command denied to user 'testuser1'@'localhost' for table 'tb SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; ERROR 42000: SELECT command denied to user 'testuser1'@'localhost' for table 'user' @@ -246,29 +1170,286 @@ GRANT SELECT ON mysql.user TO 'testuser1'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string # Switch to connection testuser1 SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string SHOW GRANTS; Grants for testuser1@localhost GRANT USAGE ON *.* TO 'testuser1'@'localhost' @@ -280,14 +1461,138 @@ USE db_datadict; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string SHOW GRANTS; Grants for testuser1@localhost GRANT USAGE ON *.* TO 'testuser1'@'localhost' @@ -302,23 +1607,158 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'testuser1'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO -'testuser2'@'localhost' def INSERT NO -'testuser2'@'localhost' def UPDATE NO -'testuser3'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE INSERT +IS_GRANTABLE NO +GRANTEE 'testuser2'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE UPDATE +IS_GRANTABLE NO +GRANTEE 'testuser3'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost testuser1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser2 N Y Y N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 -localhost testuser3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 +Host localhost +User testuser1 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser2 +Password +Select_priv N +Insert_priv Y +Update_priv Y +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string +Host localhost +User testuser3 +Password +Select_priv N +Insert_priv N +Update_priv N +Delete_priv N +Create_priv N +Drop_priv N +Reload_priv N +Shutdown_priv N +Process_priv N +File_priv N +Grant_priv N +References_priv N +Index_priv N +Alter_priv N +Show_db_priv N +Super_priv N +Create_tmp_table_priv N +Lock_tables_priv N +Execute_priv N +Repl_slave_priv N +Repl_client_priv N +Create_view_priv N +Show_view_priv N +Create_routine_priv N +Alter_routine_priv N +Create_user_priv N +Event_priv N +Trigger_priv N +Create_tablespace_priv N +ssl_type +ssl_cipher +x509_issuer +x509_subject +max_questions 0 +max_updates 0 +max_connections 0 +max_user_connections 0 +plugin +authentication_string # Switch to connection testuser1 SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; ERROR 42000: SELECT command denied to user 'testuser1'@'localhost' for table 'user' @@ -341,31 +1781,36 @@ DROP DATABASE IF EXISTS db_datadict; ######################################################################################## SELECT * FROM information_schema.user_privileges WHERE grantee = '''testuser1''@''localhost'''; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE SHOW GRANTS FOR 'testuser1'@'localhost'; ERROR 42000: There is no such grant defined for user 'testuser1' on host 'localhost' DROP USER 'testuser1'@'localhost'; CREATE USER 'testuser1'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee = '''testuser1''@''localhost'''; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def USAGE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE USAGE +IS_GRANTABLE NO SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT USAGE ON *.* TO 'testuser1'@'localhost' GRANT SELECT, FILE ON *.* TO 'testuser1'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee = '''testuser1''@''localhost'''; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE -'testuser1'@'localhost' def SELECT NO -'testuser1'@'localhost' def FILE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE SELECT +IS_GRANTABLE NO +GRANTEE 'testuser1'@'localhost' +TABLE_CATALOG def +PRIVILEGE_TYPE FILE +IS_GRANTABLE NO SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT SELECT, FILE ON *.* TO 'testuser1'@'localhost' DROP USER 'testuser1'@'localhost'; SELECT * FROM information_schema.user_privileges WHERE grantee = '''testuser1''@''localhost'''; -GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE SHOW GRANTS FOR 'testuser1'@'localhost'; ERROR 42000: There is no such grant defined for user 'testuser1' on host 'localhost' ######################################################################## diff --git a/mysql-test/suite/funcs_1/r/memory_trig_03e.result b/mysql-test/suite/funcs_1/r/memory_trig_03e.result index cfbee5f27b7..e8261c93238 100644 --- a/mysql-test/suite/funcs_1/r/memory_trig_03e.result +++ b/mysql-test/suite/funcs_1/r/memory_trig_03e.result @@ -581,6 +581,7 @@ root@localhost show grants; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION drop trigger trg1_1; use priv_db; diff --git a/mysql-test/suite/funcs_1/r/myisam_trig_03e.result b/mysql-test/suite/funcs_1/r/myisam_trig_03e.result index d21bd176810..8f9b5e6c174 100644 --- a/mysql-test/suite/funcs_1/r/myisam_trig_03e.result +++ b/mysql-test/suite/funcs_1/r/myisam_trig_03e.result @@ -581,6 +581,7 @@ root@localhost show grants; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION drop trigger trg1_1; use priv_db; diff --git a/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result b/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result index ed9e9cce054..ce22b9ca8e0 100644 --- a/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result +++ b/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result @@ -65,6 +65,7 @@ ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_ SHOW GRANTS; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION CREATE INDEX i_processlist ON processlist (user); ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' DROP TABLE processlist; diff --git a/mysql-test/suite/funcs_1/r/processlist_priv_ps.result b/mysql-test/suite/funcs_1/r/processlist_priv_ps.result index db1b385513c..891071269f9 100644 --- a/mysql-test/suite/funcs_1/r/processlist_priv_ps.result +++ b/mysql-test/suite/funcs_1/r/processlist_priv_ps.result @@ -65,6 +65,7 @@ ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_ SHOW GRANTS; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION CREATE INDEX i_processlist ON processlist (user); ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' DROP TABLE processlist; diff --git a/mysql-test/suite/funcs_1/t/is_user_privileges.test b/mysql-test/suite/funcs_1/t/is_user_privileges.test index 253323af9a7..0f0e398d75b 100644 --- a/mysql-test/suite/funcs_1/t/is_user_privileges.test +++ b/mysql-test/suite/funcs_1/t/is_user_privileges.test @@ -104,20 +104,26 @@ ORDER BY grantee, table_catalog, privilege_type; let $my_select2= SELECT * FROM mysql.user WHERE user LIKE 'testuser%' ORDER BY host, user; let $my_show= SHOW GRANTS; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results --echo # --echo # Add GRANT OPTION db_datadict.* to testuser1; GRANT UPDATE ON db_datadict.* TO 'testuser1'@'localhost' WITH GRANT OPTION; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results --echo # Establish connection testuser1 (user=testuser1) --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK connect (testuser1, localhost, testuser1, , db_datadict); +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results eval $my_show; --echo @@ -128,36 +134,46 @@ connection default; GRANT SELECT ON *.* TO 'testuser1'@'localhost'; --echo # --echo # Here <SELECT NO> is shown correctly for testuser1; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results GRANT SELECT ON *.* TO 'testuser1'@'localhost' WITH GRANT OPTION; --echo # --echo # Here <SELECT YES> is shown correctly for testuser1; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results --echo # Switch to connection testuser1 # check that this appears connection testuser1; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results eval $my_show; --echo # Establish connection testuser2 (user=testuser2) --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK connect (testuser2, localhost, testuser2, , db_datadict); +--vertical_results eval $my_select1; --error ER_TABLEACCESS_DENIED_ERROR eval $my_select2; +--horizontal_results eval $my_show; --echo # Establish connection testuser3 (user=testuser3) --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK connect (testuser3, localhost, testuser3, , test); +--vertical_results eval $my_select1; --error ER_TABLEACCESS_DENIED_ERROR eval $my_select2; +--horizontal_results eval $my_show; --echo @@ -165,23 +181,29 @@ eval $my_show; --echo # Switch to connection default connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'testuser1'@'localhost'; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results --echo # Switch to connection testuser1 # check for changes connection testuser1; +--vertical_results eval $my_select1; --error ER_TABLEACCESS_DENIED_ERROR eval $my_select2; +--horizontal_results eval $my_show; # OK, testuser1 has no privs here --error ER_TABLEACCESS_DENIED_ERROR CREATE TABLE db_datadict.tb_55 ( c1 TEXT ); +--vertical_results eval $my_select1; --error ER_TABLEACCESS_DENIED_ERROR eval $my_select2; +--horizontal_results eval $my_show; # OK, testuser1 has no privs here --error ER_TABLEACCESS_DENIED_ERROR @@ -193,13 +215,17 @@ CREATE TABLE db_datadict.tb_66 ( c1 TEXT ); connection default; GRANT ALL ON db_datadict.* TO 'testuser1'@'localhost' WITH GRANT OPTION; GRANT SELECT ON mysql.user TO 'testuser1'@'localhost'; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results --echo # Switch to connection testuser1 connection testuser1; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results eval $my_show; # OK, testuser1 has no privs here @@ -208,8 +234,10 @@ CREATE TABLE db_datadict.tb_56 ( c1 TEXT ); # using 'USE' lets the server read the privileges new, so now the CREATE works USE db_datadict; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results eval $my_show; --replace_result $other_engine_type <other_engine_type> eval @@ -221,15 +249,19 @@ ENGINE = $other_engine_type; --echo # Switch to connection default connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'testuser1'@'localhost'; +--vertical_results eval $my_select1; eval $my_select2; +--horizontal_results --echo # Switch to connection testuser1 # check for changes connection testuser1; +--vertical_results eval $my_select1; --error ER_TABLEACCESS_DENIED_ERROR eval $my_select2; +--horizontal_results eval $my_show; # WORKS, as the existing old privileges are used! --replace_result $other_engine_type <other_engine_type> @@ -273,19 +305,27 @@ DROP DATABASE IF EXISTS db_datadict; let $my_select = SELECT * FROM information_schema.user_privileges WHERE grantee = '''testuser1''@''localhost'''; let $my_show = SHOW GRANTS FOR 'testuser1'@'localhost'; +--vertical_results eval $my_select; +--horizontal_results --error ER_NONEXISTING_GRANT eval $my_show; --error 0,ER_CANNOT_USER DROP USER 'testuser1'@'localhost'; CREATE USER 'testuser1'@'localhost'; +--vertical_results eval $my_select; +--horizontal_results eval $my_show; GRANT SELECT, FILE ON *.* TO 'testuser1'@'localhost'; +--vertical_results eval $my_select; +--horizontal_results eval $my_show; DROP USER 'testuser1'@'localhost'; +--vertical_results eval $my_select; +--horizontal_results --error ER_NONEXISTING_GRANT eval $my_show; diff --git a/mysql-test/suite/perfschema/r/column_privilege.result b/mysql-test/suite/perfschema/r/column_privilege.result index 7bbc59ac452..ac6030690dd 100644 --- a/mysql-test/suite/perfschema/r/column_privilege.result +++ b/mysql-test/suite/perfschema/r/column_privilege.result @@ -1,6 +1,7 @@ show grants; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION grant usage on *.* to 'pfs_user_5'@localhost with GRANT OPTION; grant SELECT(thread_id, event_id) on performance_schema.EVENTS_WAITS_CURRENT to 'pfs_user_5'@localhost; diff --git a/mysql-test/suite/perfschema/r/pfs_upgrade.result b/mysql-test/suite/perfschema/r/pfs_upgrade.result index 2d0d82ef19c..9e2018f5c11 100644 --- a/mysql-test/suite/perfschema/r/pfs_upgrade.result +++ b/mysql-test/suite/perfschema/r/pfs_upgrade.result @@ -26,7 +26,7 @@ ERROR 1050 (42S01) at line 445: Table 'SETUP_CONSUMERS' already exists ERROR 1050 (42S01) at line 462: Table 'SETUP_INSTRUMENTS' already exists ERROR 1050 (42S01) at line 482: Table 'SETUP_OBJECTS' already exists ERROR 1050 (42S01) at line 498: Table 'SETUP_TIMERS' already exists -ERROR 1644 (HY000) at line 1138: Unexpected content found in the performance_schema database. +ERROR 1644 (HY000) at line 1142: Unexpected content found in the performance_schema database. FATAL ERROR: Upgrade failed show tables like "user_table"; Tables_in_performance_schema (user_table) @@ -57,7 +57,7 @@ ERROR 1050 (42S01) at line 445: Table 'SETUP_CONSUMERS' already exists ERROR 1050 (42S01) at line 462: Table 'SETUP_INSTRUMENTS' already exists ERROR 1050 (42S01) at line 482: Table 'SETUP_OBJECTS' already exists ERROR 1050 (42S01) at line 498: Table 'SETUP_TIMERS' already exists -ERROR 1644 (HY000) at line 1138: Unexpected content found in the performance_schema database. +ERROR 1644 (HY000) at line 1142: Unexpected content found in the performance_schema database. FATAL ERROR: Upgrade failed show tables like "user_view"; Tables_in_performance_schema (user_view) @@ -86,7 +86,7 @@ ERROR 1050 (42S01) at line 445: Table 'SETUP_CONSUMERS' already exists ERROR 1050 (42S01) at line 462: Table 'SETUP_INSTRUMENTS' already exists ERROR 1050 (42S01) at line 482: Table 'SETUP_OBJECTS' already exists ERROR 1050 (42S01) at line 498: Table 'SETUP_TIMERS' already exists -ERROR 1644 (HY000) at line 1138: Unexpected content found in the performance_schema database. +ERROR 1644 (HY000) at line 1142: Unexpected content found in the performance_schema database. FATAL ERROR: Upgrade failed select name from mysql.proc where db='performance_schema'; name @@ -115,7 +115,7 @@ ERROR 1050 (42S01) at line 445: Table 'SETUP_CONSUMERS' already exists ERROR 1050 (42S01) at line 462: Table 'SETUP_INSTRUMENTS' already exists ERROR 1050 (42S01) at line 482: Table 'SETUP_OBJECTS' already exists ERROR 1050 (42S01) at line 498: Table 'SETUP_TIMERS' already exists -ERROR 1644 (HY000) at line 1138: Unexpected content found in the performance_schema database. +ERROR 1644 (HY000) at line 1142: Unexpected content found in the performance_schema database. FATAL ERROR: Upgrade failed select name from mysql.proc where db='performance_schema'; name @@ -144,7 +144,7 @@ ERROR 1050 (42S01) at line 445: Table 'SETUP_CONSUMERS' already exists ERROR 1050 (42S01) at line 462: Table 'SETUP_INSTRUMENTS' already exists ERROR 1050 (42S01) at line 482: Table 'SETUP_OBJECTS' already exists ERROR 1050 (42S01) at line 498: Table 'SETUP_TIMERS' already exists -ERROR 1644 (HY000) at line 1138: Unexpected content found in the performance_schema database. +ERROR 1644 (HY000) at line 1142: Unexpected content found in the performance_schema database. FATAL ERROR: Upgrade failed select name from mysql.event where db='performance_schema'; name diff --git a/mysql-test/suite/perfschema/r/privilege.result b/mysql-test/suite/perfschema/r/privilege.result index ddbc150a72a..4283b250cee 100644 --- a/mysql-test/suite/perfschema/r/privilege.result +++ b/mysql-test/suite/perfschema/r/privilege.result @@ -1,6 +1,7 @@ show grants; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION grant ALL on *.* to 'pfs_user_1'@localhost with GRANT OPTION; grant ALL on performance_schema.* to 'pfs_user_2'@localhost with GRANT OPTION; diff --git a/mysql-test/suite/rpl/r/rpl_do_grant.result b/mysql-test/suite/rpl/r/rpl_do_grant.result index 1cea2cfa9ad..ce0417cce07 100644 --- a/mysql-test/suite/rpl/r/rpl_do_grant.result +++ b/mysql-test/suite/rpl/r/rpl_do_grant.result @@ -207,6 +207,7 @@ GRANT EXECUTE ON PROCEDURE `test`.`p1` TO 'user49119'@'localhost' SHOW GRANTS FOR CURRENT_USER; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION ############################################################## ############################################################## ### Showing grants for both users: root and user49119 (master) @@ -217,6 +218,7 @@ GRANT EXECUTE ON PROCEDURE `test`.`p1` TO 'user49119'@'localhost' SHOW GRANTS FOR CURRENT_USER; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION ############################################################## ## This statement will make the revoke fail because root has no ## execute grant. However, it will still revoke the grant for @@ -232,6 +234,7 @@ GRANT USAGE ON *.* TO 'user49119'@'localhost' SHOW GRANTS FOR CURRENT_USER; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION ############################################################## ############################################################# ### Showing grants for both users: root and user49119 (slave) @@ -242,6 +245,7 @@ GRANT USAGE ON *.* TO 'user49119'@'localhost' SHOW GRANTS FOR CURRENT_USER; Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION +GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION ############################################################## DROP TABLE t1; DROP PROCEDURE p1; diff --git a/mysql-test/suite/rpl/r/rpl_ignore_table.result b/mysql-test/suite/rpl/r/rpl_ignore_table.result index e77be425270..a6c59918b93 100644 --- a/mysql-test/suite/rpl/r/rpl_ignore_table.result +++ b/mysql-test/suite/rpl/r/rpl_ignore_table.result @@ -34,6 +34,7 @@ Warnings: Warning 1364 Field 'ssl_cipher' doesn't have a default value Warning 1364 Field 'x509_issuer' doesn't have a default value Warning 1364 Field 'x509_subject' doesn't have a default value +Warning 1364 Field 'authentication_string' doesn't have a default value GRANT SELECT ON *.* TO mysqltest6@localhost; GRANT INSERT ON *.* TO mysqltest6@localhost; GRANT INSERT ON test.* TO mysqltest6@localhost; diff --git a/mysql-test/suite/rpl/r/rpl_stm_000001.result b/mysql-test/suite/rpl/r/rpl_stm_000001.result index ba05d114a60..e1761da2338 100644 --- a/mysql-test/suite/rpl/r/rpl_stm_000001.result +++ b/mysql-test/suite/rpl/r/rpl_stm_000001.result @@ -66,6 +66,7 @@ Warnings: Warning 1364 Field 'ssl_cipher' doesn't have a default value Warning 1364 Field 'x509_issuer' doesn't have a default value Warning 1364 Field 'x509_subject' doesn't have a default value +Warning 1364 Field 'authentication_string' doesn't have a default value select select_priv,user from mysql.user where user = _binary'blafasel2'; select_priv user N blafasel2 diff --git a/mysql-test/suite/sys_vars/r/external_user_basic.result b/mysql-test/suite/sys_vars/r/external_user_basic.result new file mode 100644 index 00000000000..7cb85fb612d --- /dev/null +++ b/mysql-test/suite/sys_vars/r/external_user_basic.result @@ -0,0 +1,3 @@ +SELECT @@SESSION.EXTERNAL_USER FROM DUAL; +@@SESSION.EXTERNAL_USER +NULL diff --git a/mysql-test/suite/sys_vars/r/proxy_user_basic.result b/mysql-test/suite/sys_vars/r/proxy_user_basic.result new file mode 100644 index 00000000000..7cc62bd9665 --- /dev/null +++ b/mysql-test/suite/sys_vars/r/proxy_user_basic.result @@ -0,0 +1,3 @@ +SELECT @@SESSION.PROXY_USER FROM DUAL; +@@SESSION.PROXY_USER +NULL diff --git a/mysql-test/suite/sys_vars/t/external_user_basic.test b/mysql-test/suite/sys_vars/t/external_user_basic.test new file mode 100644 index 00000000000..3ba4c2d65a3 --- /dev/null +++ b/mysql-test/suite/sys_vars/t/external_user_basic.test @@ -0,0 +1 @@ +SELECT @@SESSION.EXTERNAL_USER FROM DUAL; diff --git a/mysql-test/suite/sys_vars/t/proxy_user_basic.test b/mysql-test/suite/sys_vars/t/proxy_user_basic.test new file mode 100644 index 00000000000..8c7e2d0d8a3 --- /dev/null +++ b/mysql-test/suite/sys_vars/t/proxy_user_basic.test @@ -0,0 +1 @@ +SELECT @@SESSION.PROXY_USER FROM DUAL; diff --git a/mysql-test/t/change_user.test b/mysql-test/t/change_user.test index 3ed798e8d36..ed2e1d05f86 100644 --- a/mysql-test/t/change_user.test +++ b/mysql-test/t/change_user.test @@ -1,4 +1,52 @@ # +# functional change user tests +# + +grant select on test.* to test_nopw; +grant select on test.* to test_oldpw identified by password "09301740536db389"; +grant select on test.* to test_newpw identified by "newpw"; + +select user(), current_user(), database(); +# +# massaging the data for tests to pass in the embedded server, +# that has authentication completely disabled. +# + +--replace_result <@> <test_nopw@%> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); + + +change_user test_nopw; +--replace_result <@> <test_nopw@%> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +change_user test_oldpw, oldpw; +--replace_result <@> <test_oldpw@%> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +change_user test_newpw, newpw; +--replace_result <@> <test_newpw@%> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +change_user root; +--replace_result <@> <root@localhost> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); + +change_user test_nopw,,test; +--replace_result <@> <test_nopw@%> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +change_user test_oldpw,oldpw,test; +--replace_result <@> <test_oldpw@%> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +change_user test_newpw,newpw,test; +--replace_result <@> <test_newpw@%> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); +change_user root,,test; +--replace_result <@> <root@localhost> @> @localhost> +select concat('<', user(), '>'), concat('<', current_user(), '>'), database(); + +drop user test_nopw; +drop user test_oldpw; +drop user test_newpw; + +# # Bug#20023 mysql_change_user() resets the value of SQL_BIG_SELECTS # diff --git a/mysql-test/t/grant.test b/mysql-test/t/grant.test index de43d6a74b4..e73f45a6c53 100644 --- a/mysql-test/t/grant.test +++ b/mysql-test/t/grant.test @@ -29,7 +29,7 @@ flush privileges; grant select on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA"; show grants for mysqltest_1@localhost; grant delete on mysqltest.* to mysqltest_1@localhost; -select * from mysql.user where user="mysqltest_1"; +query_vertical select * from mysql.user where user="mysqltest_1"; show grants for mysqltest_1@localhost; revoke delete on mysqltest.* from mysqltest_1@localhost; show grants for mysqltest_1@localhost; @@ -48,10 +48,10 @@ flush privileges; delete from mysql.user where user='mysqltest_1'; flush privileges; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; -select * from mysql.user where user="mysqltest_1"; +query_vertical select * from mysql.user where user="mysqltest_1"; show grants for mysqltest_1@localhost; grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; -select * from mysql.user where user="mysqltest_1"; +query_vertical select * from mysql.user where user="mysqltest_1"; show grants for mysqltest_1@localhost; # This is just to double check that one won't ignore results of selects flush privileges; diff --git a/mysql-test/t/grant2.test b/mysql-test/t/grant2.test index 447848013f9..6c2ba0dd6fc 100644 --- a/mysql-test/t/grant2.test +++ b/mysql-test/t/grant2.test @@ -31,7 +31,7 @@ create user mysqltest_2@localhost; connect (user_a,localhost,mysqltest_1,,); connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; ---error ER_PASSWORD_NOT_ALLOWED +--error ER_DBACCESS_DENIED_ERROR grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; disconnect user_a; connection default; @@ -405,7 +405,7 @@ drop database mysqltest_1; # But anonymous users can't change their password connect (n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK); connection n5; ---error ER_DBACCESS_DENIED_ERROR +--error ER_PASSWORD_NO_MATCH set password = password("changed"); disconnect n5; connection default; diff --git a/mysql-test/t/plugin_auth-master.opt b/mysql-test/t/plugin_auth-master.opt new file mode 100644 index 00000000000..3536d102387 --- /dev/null +++ b/mysql-test/t/plugin_auth-master.opt @@ -0,0 +1,2 @@ +$PLUGIN_AUTH_OPT +$PLUGIN_AUTH_LOAD diff --git a/mysql-test/t/plugin_auth.test b/mysql-test/t/plugin_auth.test new file mode 100644 index 00000000000..f5a8bd416a0 --- /dev/null +++ b/mysql-test/t/plugin_auth.test @@ -0,0 +1,298 @@ +--source include/have_plugin_auth.inc +--source include/not_embedded.inc + +query_vertical SELECT PLUGIN_STATUS, PLUGIN_TYPE, PLUGIN_DESCRIPTION + FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME='test_plugin_server'; + +CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; + +SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; + +--echo ## test plugin auth +--disable_query_log +--error ER_ACCESS_DENIED_ERROR : this should fail : no grant +connect(plug_con,localhost,plug,plug_dest); +--enable_query_log + +GRANT PROXY ON plug_dest TO plug; + +connect(plug_con,localhost,plug,plug_dest); + +connection plug_con; +select USER(),CURRENT_USER(); + +--echo ## test SET PASSWORD +#--error ER_SET_PASSWORD_AUTH_PLUGIN +SET PASSWORD = PASSWORD('plug_dest'); + +connection default; +disconnect plug_con; + +--echo ## test bad credentials +--disable_query_log +--error ER_ACCESS_DENIED_ERROR +connect(plug_con,localhost,plug,bad_credentials); +--enable_query_log + +--echo ## test bad default plugin : should get CR_AUTH_PLUGIN_CANNOT_LOAD +--disable_result_log +--disable_query_log +--error 2059 +connect(plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name); +--enable_query_log +--enable_result_log + +--echo ## test correct default plugin +connect(plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin); +connection plug_con_rightp; +select USER(),CURRENT_USER(); +connection default; +disconnect plug_con_rightp; + +--echo ## test no_auto_create_user sql mode with plugin users +SET @@sql_mode=no_auto_create_user; +GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server'; +SET @@sql_mode=default; +DROP USER grant_user; + +--echo ## test utf-8 user name +CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; + +GRANT PROXY ON plug_dest TO `Ÿ`; + +connect(non_ascii,localhost,Ÿ,plug_dest); +connection non_ascii; +select USER(),CURRENT_USER(); + +connection default; +disconnect non_ascii; +DROP USER `Ÿ`; + +--echo ## test GRANT ... IDENTIFIED WITH/BY ... + +CREATE DATABASE test_grant_db; + +--echo # create new user via GRANT WITH +GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user + IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; + +GRANT PROXY ON plug_dest TO new_grant_user; + +connect(plug_con_grant,localhost,new_grant_user,plug_dest); +connection plug_con_grant; +select USER(),CURRENT_USER(); +USE test_grant_db; +CREATE TABLE t1 (a INT); +DROP TABLE t1; +connection default; +disconnect plug_con_grant; +REVOKE ALL PRIVILEGES ON test_grant_db.* FROM new_grant_user; + +--echo # try re-create existing user via GRANT IDENTIFIED BY +GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user + IDENTIFIED BY 'unused_password'; + +--echo # make sure password doesn't take precendence +--disable_query_log +--error ER_ACCESS_DENIED_ERROR +connect(plug_con_grant_deny,localhost,new_grant_user,unused_password); +--enable_query_log + +--echo #make sure plugin auth still available +connect(plug_con_grant,localhost,new_grant_user,plug_dest); +connection plug_con_grant; +select USER(),CURRENT_USER(); +USE test_grant_db; +CREATE TABLE t1 (a INT); +DROP TABLE t1; +connection default; +disconnect plug_con_grant; + +DROP USER new_grant_user; + +--echo # try re-create existing user via GRANT IDENTIFIED WITH + +--error ER_GRANT_PLUGIN_USER_EXISTS +GRANT ALL PRIVILEGES ON test_grant_db.* TO plug + IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; + +--error ER_GRANT_PLUGIN_USER_EXISTS +GRANT ALL PRIVILEGES ON test_grant_db.* TO plug_dest + IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; + +--error ER_PARSE_ERROR +REVOKE SELECT on test_grant_db.* FROM joro + INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; + +--error ER_PARSE_ERROR +REVOKE SELECT on test_grant_db.* FROM joro + INDENTIFIED BY 'plug_dest_passwd'; + +--error ER_PARSE_ERROR +REVOKE SELECT on test_grant_db.* FROM joro + INDENTIFIED BY PASSWORD 'plug_dest_passwd'; + +DROP DATABASE test_grant_db; + +--echo ## GRANT PROXY tests + +CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server' + AS 'grant_plug_dest'; +CREATE USER grant_plug_dest IDENTIFIED BY 'grant_plug_dest_passwd'; +CREATE USER grant_plug_dest2 IDENTIFIED BY 'grant_plug_dest_passwd2'; + +--echo # ALL PRIVILEGES doesn't include PROXY +GRANT ALL PRIVILEGES ON *.* TO grant_plug; +--disable_query_log +--error ER_ACCESS_DENIED_ERROR : this should fail : no grant +connect(grant_plug_con,localhost,grant_plug,grant_plug_dest); +--enable_query_log + +--error ER_PARSE_ERROR : this should fail : can't combine PROXY +GRANT ALL PRIVILEGES,PROXY ON grant_plug_dest TO grant_plug; + +--echo this should fail : can't combine PROXY +--error ER_PARSE_ERROR +GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug; + +--echo # this should fail : no such grant +--error ER_NONEXISTING_GRANT +REVOKE PROXY ON grant_plug_dest FROM grant_plug; + +connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd); +connection grant_plug_dest_con; +--echo in grant_plug_dest_con + +--echo ## testing what an ordinary user can grant +--echo this should fail : no rights to grant all +--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR +GRANT PROXY ON ''@'' TO grant_plug; + +--echo this should fail : not the same user +--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR +GRANT PROXY ON grant_plug TO grant_plug_dest; + +--echo this should fail : same user, but on a different host +--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR +GRANT PROXY ON grant_plug_dest TO grant_plug; + +--echo this should work : same user +GRANT PROXY ON grant_plug_dest@localhost TO grant_plug_dest2; +REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug_dest2; + +--echo this should work : same user +GRANT PROXY ON grant_plug_dest@localhost TO grant_plug WITH GRANT OPTION; +REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug; + +--echo this should fail : can't create users +--error ER_CANT_CREATE_USER_WITH_GRANT +GRANT PROXY ON grant_plug_dest@localhost TO grant_plug@localhost; + +connection default; +--echo in default connection +disconnect grant_plug_dest_con; + +--echo # test what root can grant + +--echo should work : root has PROXY to all users +GRANT PROXY ON ''@'' TO grant_plug; +REVOKE PROXY ON ''@'' FROM grant_plug; + +--echo should work : root has PROXY to all users +GRANT PROXY ON ''@'' TO proxy_admin IDENTIFIED BY 'test' + WITH GRANT OPTION; + +--echo need USAGE : PROXY doesn't contain it. +GRANT USAGE on *.* TO proxy_admin; + +connect (proxy_admin_con,localhost,proxy_admin,test); +connection proxy_admin_con; +--echo in proxy_admin_con; + +--echo should work : proxy_admin has proxy to ''@'' +GRANT PROXY ON future_user TO grant_plug; + +connection default; +--echo in default connection +disconnect proxy_admin_con; + +SHOW GRANTS FOR grant_plug; +REVOKE PROXY ON future_user FROM grant_plug; +SHOW GRANTS FOR grant_plug; + +--echo ## testing drop user +CREATE USER test_drop@localhost; +GRANT PROXY ON future_user TO test_drop@localhost; +SHOW GRANTS FOR test_drop@localhost; +DROP USER test_drop@localhost; +SELECT * FROM mysql.proxy_priv WHERE Host = 'test_drop' AND User = 'localhost'; + +DROP USER proxy_admin; + +DROP USER grant_plug,grant_plug_dest,grant_plug_dest2; + +--echo ## END GRANT PROXY tests + +--echo ## cleanup +DROP USER plug; +DROP USER plug_dest; + +--echo ## @@proxy_user tests +CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; +GRANT PROXY ON plug_dest TO plug; + +SELECT USER(),CURRENT_USER(),@@LOCAL.proxy_user; + +--error ER_INCORRECT_GLOBAL_LOCAL_VAR +SELECT @@GLOBAL.proxy_user; +SELECT @@LOCAL.proxy_user; + +--error ER_INCORRECT_GLOBAL_LOCAL_VAR +SET GLOBAL proxy_user = 'test'; +--error ER_INCORRECT_GLOBAL_LOCAL_VAR +SET LOCAL proxy_user = 'test'; +SELECT @@LOCAL.proxy_user; + +connect(plug_con,localhost,plug,plug_dest); +connection plug_con; +--echo # in connection plug_con +SELECT @@LOCAL.proxy_user; +connection default; +--echo # in connection default +disconnect plug_con; + +--echo ## cleanup +DROP USER plug; +DROP USER plug_dest; +--echo ## END @@proxy_user tests + +--echo ## @@external_user tests +CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; +CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; +GRANT PROXY ON plug_dest TO plug; +SELECT USER(),CURRENT_USER(),@@LOCAL.external_user; + +--error ER_INCORRECT_GLOBAL_LOCAL_VAR +SELECT @@GLOBAL.external_user; +SELECT @@LOCAL.external_user; + +--error ER_INCORRECT_GLOBAL_LOCAL_VAR +SET GLOBAL external_user = 'test'; +--error ER_INCORRECT_GLOBAL_LOCAL_VAR +SET LOCAL external_user = 'test'; +SELECT @@LOCAL.external_user; + +connect(plug_con,localhost,plug,plug_dest); +connection plug_con; +--echo # in connection plug_con +SELECT @@LOCAL.external_user; +connection default; +--echo # in connection default +disconnect plug_con; + +--echo ## cleanup +DROP USER plug; +DROP USER plug_dest; +--echo ## END @@external_user tests diff --git a/mysql-test/t/system_mysql_db_fix40123.test b/mysql-test/t/system_mysql_db_fix40123.test index 818993e5f27..d069271a02e 100644 --- a/mysql-test/t/system_mysql_db_fix40123.test +++ b/mysql-test/t/system_mysql_db_fix40123.test @@ -72,7 +72,7 @@ CREATE TABLE time_zone_leap_second ( Transition_time bigint signed NOT NULL, -- disable_query_log # Drop all tables created by this test -DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index; +DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index, proxy_priv; -- enable_query_log diff --git a/mysql-test/t/system_mysql_db_fix50030.test b/mysql-test/t/system_mysql_db_fix50030.test index 45084177570..53166919f1c 100644 --- a/mysql-test/t/system_mysql_db_fix50030.test +++ b/mysql-test/t/system_mysql_db_fix50030.test @@ -78,7 +78,7 @@ INSERT INTO servers VALUES ('test','localhost','test','root','', 0,'','mysql','r -- disable_query_log # Drop all tables created by this test -DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index; +DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index, proxy_priv; -- enable_query_log diff --git a/mysql-test/t/system_mysql_db_fix50117.test b/mysql-test/t/system_mysql_db_fix50117.test index bed00239081..872829ae79d 100644 --- a/mysql-test/t/system_mysql_db_fix50117.test +++ b/mysql-test/t/system_mysql_db_fix50117.test @@ -97,7 +97,7 @@ CREATE TABLE IF NOT EXISTS ndb_binlog_index (Position BIGINT UNSIGNED NOT NULL, -- disable_query_log # Drop all tables created by this test -DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index; +DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index, proxy_priv; -- enable_query_log |