diff --git a/defaults/main.yml b/defaults/main.yml index e5bac9b1..f0dbfcca 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -43,7 +43,7 @@ galera_mariadb_server_package: "{{ _galera_mariadb_server_package }}" # The major version used to select the repo URL path galera_major_version: 10.5 -galera_minor_version: 8 +galera_minor_version: 9 # Set the URL for the MariaDB repository galera_repo_host: "downloads.mariadb.com" diff --git a/handlers/galera_upgrade_hook.yml b/handlers/galera_upgrade_hook.yml new file mode 100644 index 00000000..eb32ec56 --- /dev/null +++ b/handlers/galera_upgrade_hook.yml @@ -0,0 +1,39 @@ +--- +# Copyright 2021, City Network International AB +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Start mysql_safe instance + command: mariadbd-safe --skip-grant-tables --skip-networking + async: 300 + poll: 0 + +- name: Get current root permissions + community.mysql.mysql_query: + login_unix_socket: "{{ galera_unix_socket }}" + query: select Priv from mysql.global_priv where User = 'root' and Host = 'localhost' + retries: 10 + delay: 2 + register: maria_root_priv + until: maria_root_priv is success + +- name: Fixing root access permissions + community.mysql.mysql_query: + login_unix_socket: "{{ galera_unix_socket }}" + query: UPDATE mysql.global_priv SET Priv = %(priv)s where User = 'root' and Host = 'localhost' + named_args: + priv: "{{ maria_root_priv['query_result'][0][0]['Priv'] | replace('274877906943', '549755813887') | string }}" + when: "'549755813887' not in maria_root_priv['query_result'][0][0]['Priv']" + +- name: Stop mysql_safe + command: mysql -e shutdown diff --git a/handlers/main.yml b/handlers/main.yml index 0ee2005b..d06c32bb 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -58,6 +58,16 @@ - galera_install_server | bool - not galera_cluster_ready | bool +# TODO: Remove this include once MariaDB bug will be resolved +# https://jira.mariadb.org/browse/MDEV-25030 +- name: Fix root user permissions during upgrade + include_tasks: handlers/galera_upgrade_hook.yml + listen: Bootstrap cluster + when: + - galera_install_server | bool + - galera_upgrade | bool + - inventory_hostname == galera_server_bootstrap_node + - name: Start new cluster command: /usr/local/bin/galera_new_cluster failed_when: not start_new_cluster.rc in [0, 3] diff --git a/releasenotes/notes/galera_upgrade_bug-88faad86f94d4f26.yaml b/releasenotes/notes/galera_upgrade_bug-88faad86f94d4f26.yaml new file mode 100644 index 00000000..3c5b0ed4 --- /dev/null +++ b/releasenotes/notes/galera_upgrade_bug-88faad86f94d4f26.yaml @@ -0,0 +1,7 @@ +--- +upgrade: + - | + MariaDB version 10.5.9 is know to have `bug `_ + which results in broken root permissions after upgrade. We have implemented + a workarond for it which will be triggered automatically. This note + is informative only.