Skip to content

M
MariaDB
Commit 94dea8ef authored by Alexey Botchkov's avatar Alexey Botchkov
Browse files
Options

MDEV-25457 CREATE / DROP PROCEDURE not logged with audit plugin. 

CREATE/DROP PROCEDIRE/FUNCTION is now treated as DDL.
parent c0ca3c4f
Hide whitespace changes
Inline Side-by-side
Showing with 26 additions and 5 deletions
mysql-test/suite/plugins/r/server_audit.result
View file @ 94dea8ef
...@@ -118,6 +118,7 @@ CREATE USER u1 IDENTIFIED BY 'pwd-123'; ...@@ -118,6 +118,7 @@ CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321"; GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD FOR u1 = PASSWORD('pwd 098'); SET PASSWORD FOR u1 = PASSWORD('pwd 098');
CREATE USER u3 IDENTIFIED BY ''; CREATE USER u3 IDENTIFIED BY '';
ALTER USER u3 IDENTIFIED BY 'pwd-456';
drop user u1, u2, u3; drop user u1, u2, u3;
set global server_audit_events='query_ddl'; set global server_audit_events='query_ddl';
create table t1(id int); create table t1(id int);
...@@ -139,6 +140,10 @@ select 2; ...@@ -139,6 +140,10 @@ select 2;
2 2
2 2
drop table t1; drop table t1;
create procedure pr1() insert into test.t1 values ("foo", 42);
create function fn1(i int) returns int deterministic return i+1;
drop procedure pr1;
drop function fn1;
set global server_audit_events='query_ddl,query_dml'; set global server_audit_events='query_ddl,query_dml';
create table t1(id int); create table t1(id int);
insert into t1 values (1), (2); insert into t1 values (1), (2);
...@@ -210,6 +215,10 @@ select 2; ...@@ -210,6 +215,10 @@ select 2;
2 2
2 2
drop table t1; drop table t1;
create procedure pr1() insert into test.t1 values ("foo", 42);
create function fn1(i int) returns int deterministic return i+1;
drop procedure pr1;
drop function fn1;
set global server_audit_events='table'; set global server_audit_events='table';
set global server_audit_incl_users='user1'; set global server_audit_incl_users='user1';
create user user1@localhost; create user user1@localhost;
...@@ -382,6 +391,8 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,proxies_priv, ...@@ -382,6 +391,8 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,proxies_priv,
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping,
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER u3 IDENTIFIED BY *****',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER u3 IDENTIFIED BY *****',0
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,user, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,user,
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'ALTER USER u3 IDENTIFIED BY \'pwd-456\'',0
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,user,
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,db, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,db,
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,tables_priv, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,tables_priv,
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,columns_priv, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,columns_priv,
...@@ -391,6 +402,10 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping, ...@@ -391,6 +402,10 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping,
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop user u1, u2, u3',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop user u1, u2, u3',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create table t1(id int)',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create table t1(id int)',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop table t1',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop table t1',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create procedure pr1() insert into test.t1 values ("foo", 42)',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create function fn1(i int) returns int deterministic return i+1',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop procedure pr1',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop function fn1',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create table t1(id int)',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'create table t1(id int)',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'insert into t1 values (1), (2)',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'insert into t1 values (1), (2)',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'select * from t1',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'select * from t1',0
......
mysql-test/suite/plugins/t/server_audit.test
View file @ 94dea8ef
...@@ -95,6 +95,7 @@ CREATE USER u1 IDENTIFIED BY 'pwd-123'; ...@@ -95,6 +95,7 @@ CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321"; GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD FOR u1 = PASSWORD('pwd 098'); SET PASSWORD FOR u1 = PASSWORD('pwd 098');
CREATE USER u3 IDENTIFIED BY ''; CREATE USER u3 IDENTIFIED BY '';
ALTER USER u3 IDENTIFIED BY 'pwd-456';
drop user u1, u2, u3; drop user u1, u2, u3;
set global server_audit_events='query_ddl'; set global server_audit_events='query_ddl';
...@@ -106,6 +107,11 @@ select 2; ...@@ -106,6 +107,11 @@ select 2;
/*! select 2*/; /*! select 2*/;
/*comment*/ select 2; /*comment*/ select 2;
drop table t1; drop table t1;
create procedure pr1() insert into test.t1 values ("foo", 42);
create function fn1(i int) returns int deterministic return i+1;
drop procedure pr1;
drop function fn1;
set global server_audit_events='query_ddl,query_dml'; set global server_audit_events='query_ddl,query_dml';
create table t1(id int); create table t1(id int);
insert into t1 values (1), (2); insert into t1 values (1), (2);
...@@ -145,6 +151,10 @@ insert into t1 values (1), (2); ...@@ -145,6 +151,10 @@ insert into t1 values (1), (2);
select * from t1; select * from t1;
select 2; select 2;
drop table t1; drop table t1;
create procedure pr1() insert into test.t1 values ("foo", 42);
create function fn1(i int) returns int deterministic return i+1;
drop procedure pr1;
drop function fn1;
set global server_audit_events='table'; set global server_audit_events='table';
set global server_audit_incl_users='user1'; set global server_audit_incl_users='user1';
......
plugin/server_audit/server_audit.c
View file @ 94dea8ef
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
#define PLUGIN_VERSION 0x104 #define PLUGIN_VERSION 0x104
#define PLUGIN_STR_VERSION "1.4.9" #define PLUGIN_STR_VERSION "1.4.12"
#define _my_thread_var loc_thread_var #define _my_thread_var loc_thread_var
...@@ -854,12 +854,8 @@ struct sa_keyword keywords_to_skip[]= ...@@ -854,12 +854,8 @@ struct sa_keyword keywords_to_skip[]=
struct sa_keyword not_ddl_keywords[]= struct sa_keyword not_ddl_keywords[]=
{ {
{4, "DROP", &function_word, SQLCOM_QUERY_ADMIN},
{4, "DROP", &procedure_word, SQLCOM_QUERY_ADMIN},
{4, "DROP", &user_word, SQLCOM_DCL}, {4, "DROP", &user_word, SQLCOM_DCL},
{6, "CREATE", &user_word, SQLCOM_DCL}, {6, "CREATE", &user_word, SQLCOM_DCL},
{6, "CREATE", &function_word, SQLCOM_QUERY_ADMIN},
{6, "CREATE", &procedure_word, SQLCOM_QUERY_ADMIN},
{6, "RENAME", &user_word, SQLCOM_DCL}, {6, "RENAME", &user_word, SQLCOM_DCL},
{0, NULL, 0, SQLCOM_DDL} {0, NULL, 0, SQLCOM_DDL}
}; };
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7