On Toolserver, the convention is that databases with names that end with "_p" are publicly readable. This rule should be implemented on Tools as well (replicated databases and tools-db) as otherwise data can't be shared inside the database. Users could then create databases named "u1234__test_p".
Cf. bug #45895 for the same issue on Bots.
Version: unspecified
Severity: normal
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | jcrespo | T50930 Database replication problems - production and labs (tracking) | |||
| Invalid | coren | T51069 Grant read privileges to all users on databases that end with "_p" |
To be more precise: I can connect from other tool accounts (p50380g50440) to p50380g50450__checkwiki_p, but not from my user account (u2267). Now. And maybe yesterday I tested only tools <-> tools? Hmmm.
It should work for everyone's databases and everyone's accounts.
are you talking about tools-db server? that one wasn't affected because it run on gluster
User accounts do not get access to the local (tools-db) database.
They currently get access to the replicas only as a concession to the toolserver use case of "a quick query against production database", and even that I would generally discourage -- access is intended for service groups only in principle.