Page MenuHomePhabricator
Create Task
Maniphest T86373

MediaWiki should not connect as root database user on MediaWiki-Vagrant
Closed, ResolvedPublic
Actions

Description

On one of our labs-vagrant machines (flow-tests) we started getting a "Too many connections" error ("ERROR 1040 (HY000): Too many connections" on command line, also shown via web).

The normal way to deal with that is to connect on the command-line and kill certain/all connections. To allow this even under a max_connections condition, MySQL reserves a spare connection for the super-user (generally root). See B.5.2.7 Too many connections.

However, under MediaWiki-Vagrant, MW connects as root, defeating the purpose. MediaWiki-Vagrant should set up another database account without SUPER, and use that for the wiki database configuration.

Details

SubjectRepoBranchLines +/-
Don't use MySQL root account for DB connectionmediawiki/vagrantmaster+67 -25
Customize query in gerrit

Related Objects
Search...

Event Timeline

Mattflaschen-WMF created this task.Jan 9 2015, 10:52 PM
Mattflaschen-WMF raised the priority of this task from to Needs Triage.
Mattflaschen-WMF updated the task description. (Show Details)
Mattflaschen-WMF added projects: Labs-Vagrant, MediaWiki-Vagrant.
Mattflaschen-WMF subscribed.
bd808 added subscribers: Manybubbles, bd808.Jan 9 2015, 10:55 PM

The most likely cause of the "Too many connections" error is an out of date HHVM install. @Manybubbles found a bug in October that would cause this and it has since been fixed both upstream and in the WMF HHVM builds using his patch(es).

That being said, setting up proper privilege separation for the wiki code is a great idea. I honestly didn't know that we weren't using an unprivileged user.

Mattflaschen-WMF added a project: acl*security.Jan 9 2015, 10:57 PM
Manybubbles added a comment.Jan 12 2015, 4:03 PM

The most likely cause of the "Too many connections" error is an out of date HHVM install. @Manybubbles found a bug in October that would cause this and it has since been fixed both upstream and in the WMF HHVM builds using his patch(es).

I fixed it upstream and I'm proud of it! Two days of learning GDB to find a resource leak and fix it by moving one line from one function to another. I think they've since rewritten that part of the code to make it obvious though.

dduvall triaged this task as High priority.Jan 14 2015, 6:23 PM
dduvall subscribed.

I wasn't aware of this either. If we're going to be promoting more use of MW-Vagrant in labs, I think we ought to strive for more secure configurations across the board.

Perhaps this refactoring should include random/secure password generation for mysql root, and a more restrictive account for the vagrant user (at least in labs).

dduvall moved this task from Backlog to Upcoming on the MediaWiki-Vagrant board.Jan 14 2015, 6:24 PM
Mattflaschen-WMF unsubscribed.Jan 15 2015, 5:28 AM
bd808 removed a project: Labs-Vagrant.May 27 2015, 10:51 PM
bd808 set Security to None.
Mattflaschen-WMF mentioned this in T121827: Use dedicated $wgFlowCluster and $wgFlowDefaultWikiDb in MediaWiki-Vagrant.Dec 18 2015, 1:32 AM
Mattflaschen-WMF added a parent task: T121827: Use dedicated $wgFlowCluster and $wgFlowDefaultWikiDb in MediaWiki-Vagrant.
Mattflaschen-WMF claimed this task.Dec 18 2015, 6:32 AM
Mattflaschen-WMF added a project: Collaboration-Team-Archive-2015-2016.
gerritbot subscribed.Dec 18 2015, 10:14 PM

Change 260097 had a related patch set uploaded (by Mattflaschen):
WIP: Don't use MySQL root account for DB connection

https://gerrit.wikimedia.org/r/260097

gerritbot added a project: Patch-For-Review.Dec 18 2015, 10:14 PM
Catrope moved this task from Untriaged to Ready for pickup on the Collaboration-Team-Archive-2015-2016 board.Dec 19 2015, 1:22 AM
Mattflaschen-WMF moved this task from Ready for pickup to In Development on the Collaboration-Team-Archive-2015-2016 board.Dec 19 2015, 2:04 AM
Mattflaschen-WMF moved this task from In Development to Needs Review on the Collaboration-Team-Archive-2015-2016 board.Dec 23 2015, 12:11 AM
Restricted Application added a subscriber: Luke081515. · View Herald TranscriptDec 23 2015, 12:11 AM
SBisson moved this task from Needs Review to Code Review Started on the Collaboration-Team-Archive-2015-2016 board.Jan 15 2016, 8:43 PM
gerritbot added a comment.Jan 17 2016, 5:46 AM

Change 260097 merged by jenkins-bot:
Don't use MySQL root account for DB connection

https://gerrit.wikimedia.org/r/260097

bd808 moved this task from Upcoming to Done on the MediaWiki-Vagrant board.Jan 17 2016, 11:06 PM
SBisson moved this task from Code Review Started to QA Review on the Collaboration-Team-Archive-2015-2016 board.Jan 18 2016, 10:08 PM
bd808 closed this task as Resolved.Jan 26 2016, 2:58 AM
chasemp added a project: Security.Feb 10 2020, 10:56 PM
chasemp removed a project: acl*security.Feb 20 2020, 8:16 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL