diff options
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/mysql_install_db.sh | 34 | ||||
| -rw-r--r-- | scripts/mysql_system_tables_fix.sql | 9 | ||||
| -rw-r--r-- | scripts/wsrep_sst_common.sh | 220 | ||||
| -rw-r--r-- | scripts/wsrep_sst_mariabackup.sh | 26 | ||||
| -rw-r--r-- | scripts/wsrep_sst_rsync.sh | 23 |
5 files changed, 207 insertions, 105 deletions
diff --git a/scripts/mysql_install_db.sh b/scripts/mysql_install_db.sh index 742eb1e1..f38c1d7f 100644 --- a/scripts/mysql_install_db.sh +++ b/scripts/mysql_install_db.sh @@ -344,33 +344,13 @@ then pamtooldir="$builddir/plugin/auth_pam" elif test -n "$basedir" then - bindir="$basedir/bin" # only used in the help text - resolveip=`find_in_dirs resolveip @resolveip_locations@` - if test -z "$resolveip" - then - cannot_find_file resolveip @resolveip_locations@ - exit 1 - fi - mysqld=`find_in_dirs mariadbd @mysqld_locations@` - if test -z "$mysqld" - then - cannot_find_file mariadbd @mysqld_locations@ - exit 1 - fi - langdir=`find_in_dirs --dir errmsg.sys @errmsg_locations@` - if test -z "$langdir" - then - cannot_find_file errmsg.sys @errmsg_locations@ - exit 1 - fi - srcpkgdatadir=`find_in_dirs --dir fill_help_tables.sql @pkgdata_locations@` - buildpkgdatadir=$srcpkgdatadir - if test -z "$srcpkgdatadir" - then - cannot_find_file fill_help_tables.sql @pkgdata_locations@ - exit 1 - fi - plugindir=`find_in_dirs --dir auth_pam.so $basedir/lib*/plugin $basedir/lib*/mysql/plugin $basedir/lib/*/mariadb19/plugin` + bindir="$basedir/@INSTALL_BINDIR@" + resolveip="$bindir/resolveip" + mysqld="$basedir/@INSTALL_SBINDIR@/mariadbd" + langdir="$basedir/@INSTALL_MYSQLSHAREDIR@/english" + srcpkgdatadir="$basedir/@INSTALL_MYSQLSHAREDIR@" + buildpkgdatadir="$basedir/@INSTALL_MYSQLSHAREDIR@" + plugindir="$basedir/@INSTALL_PLUGINDIR@" pamtooldir=$plugindir # relative from where the script was run for a relocatable install elif test -n "$dirname0" -a -x "$rel_mysqld" -a ! "$rel_mysqld" -ef "@sbindir@/mariadbd" diff --git a/scripts/mysql_system_tables_fix.sql b/scripts/mysql_system_tables_fix.sql index 64b92fb4..73b72f6c 100644 --- a/scripts/mysql_system_tables_fix.sql +++ b/scripts/mysql_system_tables_fix.sql @@ -773,19 +773,22 @@ if @have_innodb then end if // DELIMITER ; -# MDEV-4332 longer user names +# MDEV-4332 longer user names, extended by MDEV-24312 to longer again. alter table user modify User char(128) binary not null default ''; alter table db modify User char(128) binary not null default ''; alter table tables_priv modify User char(128) binary not null default ''; alter table columns_priv modify User char(128) binary not null default ''; -alter table procs_priv modify User char(128) binary not null default ''; +alter table procs_priv modify User char(128) binary not null default '', modify Host char(255) binary DEFAULT ''; alter table proc modify definer varchar(384) collate utf8mb3_bin not null default ''; -alter table proxies_priv modify User char(128) COLLATE utf8mb3_bin not null default ''; +alter table proxies_priv modify User char(128) COLLATE utf8mb3_bin not null default '', modify Host char(255) binary DEFAULT ''; alter table proxies_priv modify Proxied_user char(128) COLLATE utf8mb3_bin not null default ''; alter table proxies_priv modify Grantor varchar(384) COLLATE utf8mb3_bin not null default ''; alter table servers modify Username char(128) not null default ''; alter table procs_priv modify Grantor varchar(384) COLLATE utf8mb3_bin not null default ''; alter table tables_priv modify Grantor varchar(384) COLLATE utf8mb3_bin not null default ''; +# MDEV-33726 longer names from MDEV-24312 extension +alter table if exists global_priv modify Host char(255) binary DEFAULT '', modify User char(128) binary not null default ''; +alter table if exists roles_mapping modify Host char(255) binary not null DEFAULT '', modify User char(128) binary not null default ''; # Activate the new, possible modified privilege tables # This should not be needed, but gives us some extra testing that the above diff --git a/scripts/wsrep_sst_common.sh b/scripts/wsrep_sst_common.sh index 2b540581..dbbffee7 100644 --- a/scripts/wsrep_sst_common.sh +++ b/scripts/wsrep_sst_common.sh @@ -23,6 +23,22 @@ trap 'exit 3' INT QUIT TERM # Setting the path for some utilities on CentOS export PATH="$PATH:/usr/sbin:/usr/bin:/sbin:/bin" +commandex() +{ + if [ -n "$BASH_VERSION" ]; then + command -v "$1" || : + elif [ -x "$1" ]; then + echo "$1" + else + which "$1" || : + fi +} + +with_printf=1 +if [ -z "$BASH_VERSION" ]; then + [ -z "$(commandex printf)" ] && with_printf=0 +fi + trim_string() { if [ -n "$BASH_VERSION" ]; then @@ -35,9 +51,9 @@ trim_string() y=${#y} x=$(( z-x-1 )) y=$(( y-x+1 )) - printf '%s' "${1:$x:$y}" + echo "${1:$x:$y}" else - printf '' + echo '' fi else local pattern="[[:space:]${2:-}]" @@ -59,9 +75,9 @@ trim_dir() y=$(( y-x+1 )) x="${1:$x:$y}" [ -z "$x" ] && x='.' - printf '%s' "$x" + echo "$x" else - printf '' + echo '' fi else local pattern="[:space:]${2:-}" @@ -85,9 +101,9 @@ trim_right() y=${#y} if [ $y -ne $z ]; then y=$(( y+1 )) - printf '%s' "${1:0:$y}" + echo "${1:0:$y}" else - printf '' + echo '' fi else local pattern="[[:space:]${2:-}]" @@ -95,6 +111,25 @@ trim_right() fi } +trim_left() +{ + if [ -n "$BASH_VERSION" ]; then + local pattern="[![:space:]${2:-}]" + local x="${1#*$pattern}" + local z=${#1} + x=${#x} + if [ $x -ne $z ]; then + x=$(( z-x-1 )) + echo "${1:$x:$z}" + else + echo '' + fi + else + local pattern="[[:space:]${2:-}]" + echo "$1" | sed -E "s/^$pattern+//g" + fi +} + to_minuses() { local x="$1" @@ -105,11 +140,7 @@ to_minuses() x="$t" t="${t#*_}" done - if [ -n "$BASH_VERSION" ]; then - printf '%s' "$r$x" - else - echo "$r$x" - fi + echo "$r$x" } WSREP_SST_OPT_BYPASS=0 @@ -383,9 +414,11 @@ case "$1" in # option name: if [ -n "$BASH_VERSION" ]; then option="${options:0:1}" + elif [ $with_printf -ne 0 ]; then + option=$(printf '%.1s' "$options") else - # If it's not bash, then we need to use slow - # external utilities: + # If it's not bash and without printf, + # then we need to use slow external utilities: option=$(echo "$options" | cut -c1) fi # And the subsequent characters consider option value: @@ -788,17 +821,6 @@ WSREP_SST_OPT_ADDR="$WSREP_SST_OPT_HOST:$WSREP_SST_OPT_PORT$sst_path" readonly WSREP_SST_OPT_ADDR readonly WSREP_SST_OPT_ADDR_PORT -commandex() -{ - if [ -n "$BASH_VERSION" ]; then - command -v "$1" || : - elif [ -x "$1" ]; then - echo "$1" - else - which "$1" || : - fi -} - # try to use my_print_defaults, mysql and mysqldump that come # with the sources (for MTR suite): script_binary=$(dirname "$0") @@ -929,11 +951,7 @@ parse_cnf() # Truncate spaces: [ -n "$reval" ] && reval=$(trim_string "$reval") - if [ -n "$BASH_VERSION" ]; then - printf '%s' "$reval" - else - echo "$reval" - fi + echo "$reval" } # @@ -986,11 +1004,8 @@ in_config() break fi done - if [ -n "$BASH_VERSION" ]; then - printf '%s' $found - else - echo $found - fi + + echo $found } wsrep_auth_not_set() @@ -1128,9 +1143,7 @@ wsrep_gen_secret() printf '%04x%04x%04x%04x%04x%04x%04x%04x' \ $RANDOM $RANDOM $RANDOM $RANDOM \ $RANDOM $RANDOM $RANDOM $RANDOM - elif [ -n "$(commandex cksum)" -a \ - -n "$(commandex printf)" ] - then + elif [ $with_printf -ne 0 -a -n "$(commandex cksum)" ]; then printf '%08x%08x%08x%08x' \ $(head -8 /dev/urandom | cksum | cut -d ' ' -f1) \ $(head -8 /dev/urandom | cksum | cut -d ' ' -f1) \ @@ -1569,6 +1582,139 @@ check_server_ssl_config() fi } +# Get Common Name (CN) from the certificate: +openssl_getCN() +{ + get_openssl + if [ -z "$OPENSSL_BINARY" ]; then + wsrep_log_error \ + 'openssl not found but it is required for authentication' + exit 42 + fi + + local bug=0 + local CN=$("$OPENSSL_BINARY" x509 -noout -subject -in "$1" 2>&1) || bug=1 + + if [ $bug -ne 0 ]; then + wsrep_log_info "run: \"$OPENSSL_BINARY\" x509 -noout -subject -in \"$1\"" + wsrep_log_info "output: $CN" + wsrep_log_error "******** FATAL ERROR **********************************************" + wsrep_log_error "* Unable to parse the certificate file to obtain the common name. *" + wsrep_log_error "*******************************************************************" + exit 22 + fi + + CN=$(trim_string "$CN") + + if [ -n "$CN" ]; then + # If the string begins with the "subject" prefix + # then we need to remove it: + local saved="$CN" + local remain="${CN#subject}" + if [ "$remain" != "$saved" ]; then + remain=$(trim_left "$remain") + # Now let's check for the presence of "=" character + # after the "subject": + saved="$remain" + remain="${remain#=}" + if [ "$remain" != "$saved" ]; then + remain=$(trim_left "$remain") + else + remain="" + bug=1 + fi + fi + while [ -n "$remain" ]; do + local value="" + # Let's extract the option name - all characters + # up to the first '=' or ',' character (if present): + local option="${remain%%[=,]*}" + if [ "$option" != "$remain" ]; then + option=$(trim_right "$option") + # These variables will be needed to determine + # which separator comes first: + local x="${remain#*=}" + local y="${remain#*,}" + local z=${#remain} + x=${#x}; [ $x -eq $z ] && x=0 + y=${#y}; [ $y -eq $z ] && y=0 + # The remaining string is everything that follows + # the separator character: + remain=$(trim_left "${remain#*[=,]}") + # Let's check what we are dealing with - an equal + # sign or a comma? + if [ $x -gt $y ]; then + # If the remainder begins with a double quote, + # then there is a string containing commas and + # we need to parse it: + saved="$remain" + remain="${remain#\"}" + if [ "$remain" != "$saved" ]; then + while :; do + # We need to find the closing quote: + local prefix="$remain" + remain="${remain#*\"}" + # Let's check if there is a closing quote? + if [ "$remain" = "$prefix" ]; then + bug=1 + break + fi + # Everything up to the closing quote is + # the next part of the value: + value="$value${prefix%%\"*}" + # But if the last character of the value + # is a backslash, then it is a quoted quotation + # mark and we need to add it to the value: + if [ "${value%\\}" != "$value" ]; then + value="$value\"" + else + break + fi + done + [ $bug -ne 0 ] && break + # Now we have to remove "," if it is present + # in the string after the value: + saved=$(trim_left "$remain") + remain="${saved#,}" + if [ "$remain" != "$saved" ]; then + remain=$(trim_left "$remain") + elif [ -n "$remain" ]; then + bug=1 + break + fi + else + # We are dealing with a simple unquoted string value, + # therefore we need to take everything up to the end + # of the string, or up to the next comma character: + value="${remain%%,*}" + if [ "$value" != "$remain" ]; then + remain=$(trim_left "${remain#*,}") + else + remain="" + fi + value=$(trim_right "$value") + fi + if [ "$option" = 'CN' -a -n "$value" ]; then + echo "$value" + return + fi + fi + else + remain="" + fi + done + fi + + if [ $bug -ne 0 ]; then + wsrep_log_error "******** FATAL ERROR **********************************************" + wsrep_log_error "* Unable to parse the certificate options: '$CN'" + wsrep_log_error "*******************************************************************" + exit 22 + fi + + echo '' +} + simple_cleanup() { # Since this is invoked just after exit NNN diff --git a/scripts/wsrep_sst_mariabackup.sh b/scripts/wsrep_sst_mariabackup.sh index 2b05326e..fcae6dd9 100644 --- a/scripts/wsrep_sst_mariabackup.sh +++ b/scripts/wsrep_sst_mariabackup.sh @@ -803,7 +803,8 @@ recv_joiner() if [ $tmt -gt 0 ]; then if [ -n "$(commandex timeout)" ]; then local koption=0 - if [ "$OS" = 'FreeBSD' ]; then + if [ "$OS" = 'FreeBSD' -o "$OS" = 'NetBSD' -o "$OS" = 'OpenBSD' -o \ + "$OS" = 'DragonFly' ]; then if timeout 2>&1 | grep -qw -F -- '-k'; then koption=1 fi @@ -1166,12 +1167,6 @@ if [ "$WSREP_SST_OPT_ROLE" = 'donor' ]; then iopts="--databases-exclude='lost+found'${iopts:+ }$iopts" - if [ ${FORCE_FTWRL:-0} -eq 1 ]; then - wsrep_log_info "Forcing FTWRL due to environment variable" \ - "FORCE_FTWRL equal to $FORCE_FTWRL" - iopts="--no-backup-locks${iopts:+ }$iopts" - fi - # if compression is enabled for backup files, then add the # appropriate options to the mariadb-backup command line: if [ "$compress" != 'none' ]; then @@ -1209,11 +1204,11 @@ if [ "$WSREP_SST_OPT_ROLE" = 'donor' ]; then else # BYPASS FOR IST wsrep_log_info "Bypassing the SST for IST" - echo "continue" # now server can resume updating data + echo 'continue' # now server can resume updating data send_magic - echo "1" > "$DATA/$IST_FILE" + echo '1' > "$DATA/$IST_FILE" if [ -n "$scomp" ]; then tcmd="$scomp | $tcmd" @@ -1324,7 +1319,7 @@ else # joiner check_round=0 while check_pid "$SST_PID" 0; do wsrep_log_info "previous SST is not completed, waiting for it to exit" - check_round=$(( check_round + 1 )) + check_round=$(( check_round+1 )) if [ $check_round -eq 10 ]; then wsrep_log_error "previous SST script still running." exit 114 # EALREADY @@ -1351,16 +1346,7 @@ else # joiner # backward-incompatible behavior: CN="" if [ -n "$tpem" ]; then - # find out my Common Name - get_openssl - if [ -z "$OPENSSL_BINARY" ]; then - wsrep_log_error \ - 'openssl not found but it is required for authentication' - exit 42 - fi - CN=$("$OPENSSL_BINARY" x509 -noout -subject -in "$tpem" | \ - tr ',' '\n' | grep -F 'CN =' | cut -d '=' -f2 | sed s/^\ // | \ - sed s/\ %//) + CN=$(openssl_getCN "$tpem") fi MY_SECRET="$(wsrep_gen_secret)" # Add authentication data to address diff --git a/scripts/wsrep_sst_rsync.sh b/scripts/wsrep_sst_rsync.sh index aabf5bd3..0d92a3c0 100644 --- a/scripts/wsrep_sst_rsync.sh +++ b/scripts/wsrep_sst_rsync.sh @@ -354,7 +354,7 @@ SST_PID="$DATA/wsrep_sst.pid" check_round=0 while check_pid "$SST_PID" 0; do wsrep_log_info "Previous SST is not completed, waiting for it to exit" - check_round=$(( check_round + 1 )) + check_round=$(( check_round+1 )) if [ $check_round -eq 20 ]; then wsrep_log_error "previous SST script still running." exit 114 # EALREADY @@ -370,7 +370,7 @@ check_round=0 while check_pid "$STUNNEL_PID" 1 "$STUNNEL_CONF"; do wsrep_log_info "Lingering stunnel daemon found at startup," \ "waiting for it to exit" - check_round=$(( check_round + 1 )) + check_round=$(( check_round+1 )) if [ $check_round -eq 10 ]; then wsrep_log_error "stunnel daemon still running." exit 114 # EALREADY @@ -388,7 +388,7 @@ check_round=0 while check_pid "$RSYNC_PID" 1 "$RSYNC_CONF"; do wsrep_log_info "Lingering rsync daemon found at startup," \ "waiting for it to exit" - check_round=$(( check_round + 1 )) + check_round=$(( check_round+1 )) if [ $check_round -eq 10 ]; then wsrep_log_error "rsync daemon still running." exit 114 # EALREADY @@ -481,11 +481,7 @@ EOF tar_type=2 fi if [ $tar_type -eq 2 ]; then - if [ -n "$BASH_VERSION" ]; then - printf '%s' "$binlog_files" >&2 - else - echo "$binlog_files" >&2 - fi + echo "$binlog_files" >&2 fi if [ $tar_type -ne 0 ]; then # Preparing list of the binlog file names: @@ -854,16 +850,7 @@ EOF # backward-incompatible behavior: CN="" if [ -n "$SSTCERT" ]; then - # find out my Common Name - get_openssl - if [ -z "$OPENSSL_BINARY" ]; then - wsrep_log_error \ - 'openssl not found but it is required for authentication' - exit 42 - fi - CN=$("$OPENSSL_BINARY" x509 -noout -subject -in "$SSTCERT" | \ - tr ',' '\n' | grep -F 'CN =' | cut -d '=' -f2 | sed s/^\ // | \ - sed s/\ %//) + CN=$(openssl_getCN "$SSTCERT") fi MY_SECRET="$(wsrep_gen_secret)" # Add authentication data to address |