当前位置:网站首页>Record today's MySQL failures

Record today's MySQL failures

2022-06-10 21:23:00 Li_ XiaoJin

There is a problem today , Morning yes MySQL Limit IP Access operation , Restrict it only through 192.168.137.% Access to this segment . I didn't expect that something would go wrong immediately , The Canadian website cannot submit the order for card purchase . Later, I checked and found that in the log , There are database errors .

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.jdbc.BadSqlGrammarException: 
### Error querying database.  Cause: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: execute command denied to user 'mvno-ca'@'localhost' for routine 'cmi_mvno_ca.mvnoNextval'
### The error may exist in URL [jar:file:/home/ca/mvno-ca/lib/mvno-common-business-1.0-SNAPSHOT.jar!/mapper/WebformSubmissionData.xml]
### The error may involve defaultParameterMap
### The error occurred while setting parameters
### SQL: SELECT mvnoNextval('mvno_sequence') from dual;
### Cause: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: execute command denied to user 'mvno-ca'@'localhost' for routine 'cmi_mvno_ca.mvnoNextval'
; bad SQL grammar []; nested exception is com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: execute command denied to user 'mvno-ca'@'localhost' for routine 'cmi_mvno_ca.mvnoNextval'
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:982)

Finally, the following is verified SQL Report errors , This is the order number generated by placing an order to obtain the serial number , because MySQ No sequence , With a function to achieve . I use navicat Executed for a while , Found that the return is null, I feel the problem is a little serious , The customer has been complaining , Go back quickly .

SELECT mvnoNextval('mvno_sequence') from dual;

Continue to verify , Check out the implementation of this function

show create function mvnoNextval;

And found that [email protected] I checked the information on the Internet , Find out definer This value does not restrict the permissions invoked by functions and stored procedures , But it will restrict the access of functions and stored procedures to the database .

About definer and invoker The explanation of When creating a stored procedure, you can specify SQL SECURITY attribute , Set to DEFINER perhaps INVOKER, To inform mysql When executing stored procedures ,, In order to DEFINER To execute , Or execute with the permission of the caller .

By default , Use DEFINER The way , At this point, the user who calls the stored procedure must have the EXECUTE jurisdiction , also DEFINER The specified user must be in mysql.user Users present in the table .

DEFINER In mode , Default DEFINER=CURRENT_USER, When the stored procedure executes ,mysql Will check the DEFINER Defined users 'user_name'@'host_name' Authority ;

INVOKER In mode , When the stored procedure executes , Checks the permissions of the stored procedure caller . from:https://my.oschina.net/u/1424662/blog/485118

Now it needs to be solved definer The problem of , modify definer.

modify function、procedure Of definer

select definer from mysql.proc;  --  function 、 stored procedure 
update mysql.proc set definer='[email protected]'; --  If you have a limited number of libraries or anything, you can add where Conditions 

modify event Of definer

select DEFINER from mysql.EVENT; --  Timing events 
update mysql.EVENT set definer=' [email protected] ';

modify view Of definer

 comparison function It's a bit of a hassle :
select DEFINER from information_schema.VIEWS; 
select concat("alter DEFINER=`user`@`localhost` SQL SECURITY DEFINER VIEW ",TABLE_SCHEMA,".",TABLE_NAME," as ",VIEW_DEFINITION,";") from information_schema.VIEWS where DEFINER<>'[email protected]'; 
 Just execute the query statement again .

modify trigger Of definer

 At present, there is no specific and convenient method , The tool end can be used HeidiSQL、sqlyog Wait for a change . Note that it is necessary to lock the watch before modification , Because if there are other table changes in the process of change, trigger , It will cause data inconsistency .
Flush tables with readlock
Unlock tables
PlantUML Assignment2  Branch and bound problem 

After this lesson , Find yourself right MySQL My understanding is still not enough , Still need to continue to learn !

Copyright: use Creative Commons signature 4.0 International license agreement to license Links:https://lixj.fun/archives/ Record today's fault

原网站

版权声明
本文为[Li_ XiaoJin]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/161/202206101959594474.html