After merging: https://gerrit.wikimedia.org/r/c/operations/puppet/+/739667 we need to remove the grants from the DB itself.
scholarships lives on m2.
Description
Description
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | None | T243037 Shutdown scholarships.wikimedia.org and archive project | |||
| Restricted Task | |||||
| Resolved | Marostegui | T296166 Remove scholarships grants from m2 |
Event Timeline
Comment Actions
root@db1183.eqiad.wmnet[(none)]> REVOKE SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON `scholarships`.* FROM `dump`@`10.64.32.26`; Query OK, 0 rows affected (0.001 sec) root@db1183.eqiad.wmnet[(none)]> REVOKE SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON `scholarships`.* FROM `dump`@`10.64.16.31`; Query OK, 0 rows affected (0.002 sec) root@db1183.eqiad.wmnet[(none)]> REVOKE SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON `scholarships`.* FROM `dump`@`10.64.0.95`; Query OK, 0 rows affected (0.001 sec) root@db2133.codfw.wmnet[(none)]> REVOKE SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON `scholarships`.* FROM `dump`@`10.192.0.114`; Query OK, 0 rows affected (0.033 sec) root@db2133.codfw.wmnet[(none)]> REVOKE SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON `scholarships`.* FROM `dump`@`10.192.16.96`; Query OK, 0 rows affected (0.033 sec) root@db2133.codfw.wmnet[(none)]> REVOKE SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON `scholarships`.* FROM `dump`@`10.192.48.161`; Query OK, 0 rows affected (0.033 sec)
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2021-11-22T06:46:19Z] <marostegui> Revoke dump grants for scholarships database T296166
Comment Actions
Apart from the backup users, all these needs clean up
root@db1183.eqiad.wmnet[(none)]> select user,host from mysql.user where user like 'scholar%'; +------------------+-------------+ | User | Host | +------------------+-------------+ | scholarships | 10.% | | scholarships_app | 10.% | | scholarships | 10.192.16.9 | | scholarships_app | 10.192.16.9 | | scholarships | 10.64.0.135 | | scholarships_app | 10.64.0.135 | | scholarships | 10.64.16.19 | | scholarships_app | 10.64.16.19 | +------------------+-------------+ 8 rows in set (0.002 sec)
Comment Actions
root@db1183.eqiad.wmnet[(none)]> drop user if exists 'scholarships'@'10.192.16.9'; drop user if exists 'scholarships_app'@'10.192.16.9'; Query OK, 0 rows affected (0.002 sec) Query OK, 0 rows affected (0.001 sec)
Comment Actions
root@db1183.eqiad.wmnet[mysql]> drop user if exists 'scholarships'@'10.%'; drop user if exists 'scholarships_app'@'10.%'; Query OK, 0 rows affected (0.002 sec) Query OK, 0 rows affected (0.001 sec) root@db1183.eqiad.wmnet[mysql]> drop user if exists 'scholarships'@'10.64.0.135'; drop user if exists 'scholarships_app'@'10.64.0.135'; Query OK, 0 rows affected (0.002 sec) Query OK, 0 rows affected (0.001 sec) root@db1183.eqiad.wmnet[mysql]>
Only left the active proxy grants - I will get them dropped tomorrow just in case.
Comment Actions
This is all done:
root@db1183.eqiad.wmnet[(none)]> select user,host from mysql.user where user like 'scholar%'; Empty set (0.002 sec) root@db1183.eqiad.wmnet[(none)]>