Page MenuHomePhabricator

Having lots of accounts with separate grants makes auditing difficult.
Closed, ResolvedPublic

Description

Our database account/permissions generation has a lot of issues as noted in T140832. This is mostly user facing / user impacting. One issue that primarily administrative is the madness of thousands of user accounts with individual grants. These are difficult to audit, reason about, investigate, and ensure consistency.

Beginning with mariadb 10.0.5 we can possibly use the roles idiom https://mariadb.com/kb/en/mariadb/roles-overview/ to create a consistent grant for all users. This seems made for our many users with the same permissions use case.

Event Timeline

chasemp triaged this task as Medium priority.Jul 22 2016, 1:36 PM
chasemp created this task.
Danny_B removed a subscriber: Danny_B.Jul 23 2016, 2:28 AM
jcrespo closed this task as Resolved.Feb 14 2017, 3:10 PM
jcrespo claimed this task.

This is now done- users are handled with roles + accounts are handled on a database. Resolving myself, although most of the work was done my Yuvi.