pt-show-grants doesn't sort column-level privileges
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Percona Toolkit moved to https://jira.percona.com/projects/PT |
Fix Released
|
Medium
|
Frank Cizmich | ||
Bug Description
complete command run: ./pt-show-grants h=127.0.0.2,u=root --only myuser
pt-show-grants version: 2.2.16
MySQL version of server : MySQL 5.6.17, MySQL 5.6.19a, AWS Aurora 5.6.10a
Summary:
The pt-show-grants tool is supposed to canonicalize grants. Unfortunately, it doesn't do that for GRANT entries containing column-level privileges.
I ran the output of pt-show-grants against two databases, one MySQL 5.6.19 and the other AWS Aurora 5.6.10a. The output was only different in the way that the columns in column-level privileges were ordered. In each case, it was clear that the columns weren't sorted.
Root cause and fix:
After looking at pt-show-grants source code, I see that columns in column-level privileges are left in the order that SHOW GRANTS returns them.
To fix this issue, we can sort the column-level privileges. I added the code below in the split_grants function at the end of the if block that tests for column-level privileges.
# sort columns in column-level permissions
@grants = map {
$_ =~ s/(INSERT|
$_;
} @grants;
I've attached a patch with this code in it.
| Peter Dolberg (pldsbox+ubuntuone) wrote | #1 |
| Changed in percona-toolkit: | |
| status: | New → Fix Committed |
| milestone: | none → 2.3.1 |
| importance: | Undecided → Medium |
| assignee: | nobody → Frank Cizmich (frank-cizmich) |
| Frank Cizmich (frank-cizmich) wrote | #2 |
| Changed in percona-toolkit: | |
| status: | Fix Committed → Fix Released |
| Shahriyar Rzayev (rzayev-sehriyar) wrote | #3 |
Fixed as suggested.
Modified test suite to accommodate for change.