Skip to content

Commit bf87ff8

Browse files
gguillottegguillotte
committed
(MODULES-7487) Fix pw comparison MariaDB 10.2.16+
Since MariaDB 10.2.16, the `SET PASSWORD` command stores user passwords in the `mysql_native_password` plugin `authentication_string` instead of in the `password` column: ``` +------+-----------+----------+-----------------------+-------------------------------------------+ | user | host | password | plugin | authentication_string | +------+-----------+----------+-----------------------+-------------------------------------------+ | root | localhost | | mysql_native_password | *01396341988BCA5088C3A5DB5D7E434947096D4F | +------+-----------+----------+-----------------------+-------------------------------------------+ ``` The `puppetlabs/mysql` checks the `password` column instead of the `authentication_string` on all versions of MariaDB, resulting in every Puppet run attempting to update managed user passwords even when they haven't changed. Update the if statement to check the plugin authentication string on MariaDB 10.2.16 and newer.
1 parent 49458d6 commit bf87ff8

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

lib/puppet/provider/mysql_user/mysql.rb

+1-1
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ def self.instances
1414
## Default ...
1515
# rubocop:disable Metrics/LineLength
1616
query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'"
17-
elsif newer_than('mysql' => '5.7.6', 'percona' => '5.7.6')
17+
elsif newer_than('mysql' => '5.7.6', 'percona' => '5.7.6', 'mariadb' => '10.2.16')
1818
query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, AUTHENTICATION_STRING, PLUGIN FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'"
1919
else
2020
query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'"

0 commit comments

Comments
 (0)