Skip to content

Unused mysql privileges required even if not used/not needed at all #8616

Closed
@arekm

Description

@arekm

magento 2.1.1 reports:

Database user does not have enough privileges. Please make sure SELECT, INSERT,
UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, 
CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, 
CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, 
EVENT, TRIGGER privileges are granted to table ...

From looking at
9e8fc42
it seems that someone simply replaced "ALL PRIVILEGES" with list of all possible privileges even if magento2 doesn't use/need some of these.

For example "REFERENCES" privilege. According to mysql docs:
https://dev.mysql.com/doc/refman/5.6/en/privileges-provided.html#priv_references

The REFERENCES privilege is unused before MySQL 5.6.22. As of 5.6.22, creation of a foreign key constraint requires at least one of the SELECT, INSERT, UPDATE, DELETE, or REFERENCES privileges for the parent table.

Notice the "OR". So if db user has one of SELECT, INSERT, UPDATE, DELETE (which will be true for magento2 case) it doesn't need REFERENCES privilege.

Also tried to find out where EVENT is used but I failed to find code that uses mysql events in magento2 sources.

What should happen? Unused privileges like REFERENCES, EVENT should be dropped from requirements list.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Fixed in 2.2.xThe issue has been fixed in 2.2 release lineIssue: Format is not validGate 1 Failed. Automatic verification of issue format is failed

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions