Fixed that --open-files-limit works on Linux

Docs/manual.texi:
  Update of security and replication sections
sql/ha_berkeley.cc:
  More documentation
sql/sql_base.cc:
  Fixed overflow bug
sql/sql_parse.cc:
  Variable name change

4 files changed, 41 insertions, 8 deletions

diff --git a/sql/ha_berkeley.cc b/sql/ha_berkeley.cc
index 0cf789056c9..1732f77cd0a 100644
--- a/sql/ha_berkeley.cc
+++ b/sql/ha_berkeley.cc
@@ -119,6 +119,8 @@ bool berkeley_init(void)
     berkeley_tmpdir=mysql_tmpdir;
   if (!berkeley_home)
     berkeley_home=mysql_real_data_home;
+  DBUG_PRINT("bdb",("berkeley_home: %s",mysql_real_data_home));
+
   /*
     If we don't set set_lg_bsize() we will get into trouble when
     trying to use many open BDB tables.
@@ -1675,6 +1677,34 @@ int ha_berkeley::external_lock(THD *thd, int lock_type)
   DBUG_RETURN(error);
 }
 
+/*
+  The idea with handler::store_lock() is the following:
+
+  The statement decided which locks we should need for the table
+  for updates/deletes/inserts we get WRITE locks, for SELECT... we get
+  read locks.
+
+  Before adding the lock into the table lock handler (see thr_lock.c)
+  mysqld calls store lock with the requested locks.  Store lock can now
+  modify a write lock to a read lock (or some other lock), ignore the
+  lock (if we don't want to use MySQL table locks at all) or add locks
+  for many tables (like we do when we are using a MERGE handler).
+
+  Berkeley DB changes all WRITE locks to TL_WRITE_ALLOW_WRITE (which
+  signals that we are doing WRITES, but we are still allowing other
+  reader's and writer's.
+
+  When releasing locks, store_lock() are also called. In this case one
+  usually doesn't have to do anything.
+
+  In some exceptional cases MySQL may send a request for a TL_IGNORE;
+  This means that we are requesting the same lock as last time and this
+  should also be ignored. (This may happen when someone does a flush
+  table when we have opened a part of the tables, in which case mysqld
+  closes and reopens the tables and tries to get the same locks at last
+  time).  In the future we will probably try to remove this.
+*/
+
 
 THR_LOCK_DATA **ha_berkeley::store_lock(THD *thd, THR_LOCK_DATA **to,
 					enum thr_lock_type lock_type)
diff --git a/sql/mysqld.cc b/sql/mysqld.cc
index 4d9b7982f48..3d2c850ee36 100644
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -119,7 +119,7 @@ inline void reset_floating_point_exceptions()
 #else
 #include <my_pthread.h>			// For thr_setconcurency()
 #endif
-#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) && !defined(__linux__) && !defined(HAVE_mit_thread)
+#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) && !defined(HAVE_mit_thread)
 #define SET_RLIMIT_NOFILE
 #endif
 
diff --git a/sql/sql_base.cc b/sql/sql_base.cc
index 74e8dccd4d7..8425fb2d75a 100644
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@@ -1610,7 +1610,7 @@ find_field_in_tables(THD *thd,Item_field *item,TABLE_LIST *tables)
       char buff[NAME_LEN*2+1];
       if (db)
       {
-	strxmov(buff,db,".",table_name,NullS);
+	strxnmov(buff,sizeof(buff)-1,db,".",table_name,NullS);
 	table_name=buff;
       }
       my_printf_error(ER_UNKNOWN_TABLE,ER(ER_UNKNOWN_TABLE),MYF(0),table_name,
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index c1c27ec3192..1d41ae6230a 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -1784,8 +1784,8 @@ mysql_execute_command(void)
     break;
   case SQLCOM_SHOW_GRANTS:
     res=0;
-    if ((thd->user && !strcmp(thd->user,lex->grant_user->user.str)) ||
-	!(check_access(thd, SELECT_ACL, "mysql")))
+    if ((thd->priv_user && !strcmp(thd->priv_user,lex->grant_user->user.str)) ||
+	!check_access(thd, SELECT_ACL, "mysql",0,1))
     {
       res = mysql_show_grants(thd,lex->grant_user);
     }
@@ -1854,7 +1854,7 @@ error:
 
 bool
 check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
-	     bool no_grant)
+	     bool dont_check_global_grants)
 {
   uint db_access,dummy;
   if (save_priv)
@@ -1862,7 +1862,7 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
   else
     save_priv= &dummy;
 
-  if (!db && !thd->db && !no_grant)
+  if (!db && !thd->db && !dont_check_global_grants)
   {
     send_error(&thd->net,ER_NO_DB_ERROR);	/* purecov: tested */
     return TRUE;				/* purecov: tested */
@@ -1874,7 +1874,7 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
     return FALSE;
   }
   if ((want_access & ~thd->master_access) & ~(DB_ACLS | EXTRA_ACL) ||
-      ! db && no_grant)
+      ! db && dont_check_global_grants)
   {						// We can never grant this
     net_printf(&thd->net,ER_ACCESS_DENIED_ERROR,
 	       thd->priv_user,
@@ -1892,8 +1892,11 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
     db_access=thd->db_access;
   want_access &= ~EXTRA_ACL;			// Remove SHOW attribute
   db_access= ((*save_priv=(db_access | thd->master_access)) & want_access);
+
+  /* grant_option is set if there exists a single table or column grant */
   if (db_access == want_access ||
-      ((grant_option && !no_grant) && !(want_access & ~TABLE_ACLS)))
+      ((grant_option && !dont_check_global_grants) &&
+       !(want_access & ~TABLE_ACLS)))
     return FALSE;				/* Ok */
   net_printf(&thd->net,ER_DBACCESS_DENIED_ERROR,
 	     thd->priv_user,