[HCoop-Discuss] Mysql-fixperms has been eliminated
Clinton Ebadi
clinton at unknownlamer.org
Sat Nov 6 15:47:11 EDT 2021
Greetings,
As has been planned for over a year but never implemented, MySQL default
behavior should be much more sensible going forward:
https://git.hcoop.net/hcoop/domtool2.git/commit/d505bba1ca42e447925faa4f4d042d8378b77980
Members will have "ALL ON $db.*" permissions by default going forward,
which should fix a lot of weird behavior with installation and migration
scripts failing because they can't use constructs like 'DROP TABLE
... IF EXISTS' or make the reasonable assumption they can DROP database
objects created in the same script. This comes with the risk of members
dropping their own databses, but in this case the added safety is not
worth the usability cost. We keep a week of daily database backups
(https://wiki.hcoop.net/MemberManual/Databases#Database_Backups), so
some risk is mitigated at least.
The documentation at https://wiki.hcoop.net/MemberManual/Databases#MySQL
has been updated to reflect the new default permission scheme.
Background:
Since at least 2007, we've avoided granting members DROP permissions at
the database-wide level since this allows the database itself to be
dropped. This is an unpleasant risk, but unfortunately there is no way
to avoid it -- almost all software is written with the assumption it can
DROP objects within the database at will, and our safety precaution
breaks a lot of installation and migraton scripts. For example,
something as innocuous as "DROP TABLE ... IF EXISTS" for a table that
does not actually exist fails with an error, since members cannot have
DROP permissions to objects that don't exist.
Given how much our permissions regime broke basic things like
installation scripts, mysql-fixperms has been axed. Looking over our
setup, I found nowhere where a member dropping their own database
outside of `dbtool' would actually be a problem, except obviously in the
case of an accidental drop.
Anyway, sorry about taking so long to get to this, I hope this improves
the default experience a bit.
--
<captain_krunk> ntk is currently using "telnet fyodor 25" to send email
More information about the HCoop-Discuss
mailing list