From d505bba1ca42e447925faa4f4d042d8378b77980 Mon Sep 17 00:00:00 2001 From: Clinton Ebadi Date: Sat, 6 Nov 2021 14:47:36 -0400 Subject: [PATCH] mysql: grant users ALL perms on their dbs, remove mysql-fixperms Users were not given DROP permissions at the database level since that came with the risk of the user dropping their own database, with DROP permissions for individual tables granted by mysql-fixperms. This safeguard unfortunately breaks most software since installation and migration scripts usually assume a database wide grant has been issued and they can use SQL like "DROP TABLE ... IF EXISTS". Given this reality, grant users ALL permissions to their database. Regular backups are critical, and can mitigate the risk as best as it can be. --- Makefile | 10 +--------- src/main-mysql-fixperms.sml | 24 ------------------------ src/main.sig | 2 -- src/main.sml | 27 --------------------------- src/msg.sml | 4 ++-- src/msgTypes.sml | 2 +- src/plugins/domtool-mysql | 4 ++-- 7 files changed, 6 insertions(+), 67 deletions(-) delete mode 100644 src/main-mysql-fixperms.sml diff --git a/Makefile b/Makefile index efa01a6..1f1d55b 100644 --- a/Makefile +++ b/Makefile @@ -31,7 +31,7 @@ config.sml: mlton: bin/domtool-server bin/domtool-client bin/domtool-slave \ bin/domtool-admin bin/domtool-doc bin/dbtool bin/vmail \ - bin/smtplog bin/setsa bin/mysql-fixperms bin/webbw bin/domtool-tail \ + bin/smtplog bin/setsa bin/webbw bin/domtool-tail \ bin/fwtool bin/domtool-config bin/domtool-portal smlnj: $(COMMON_DEPS) openssl/smlnj/FFI/libssl.h.cm pcre/smlnj/FFI/libpcre.h.cm \ @@ -113,10 +113,6 @@ src/smtplog.mlb: src/prefix.mlb src/sources src/suffix.mlb $(MAKE_MLB_BASE) >src/smtplog.mlb echo "main-smtplog.sml" >>src/smtplog.mlb -src/mysql-fixperms.mlb: src/prefix.mlb src/sources src/suffix.mlb - $(MAKE_MLB_BASE) >src/mysql-fixperms.mlb - echo "main-mysql-fixperms.sml" >>src/mysql-fixperms.mlb - src/fwtool.mlb: src/prefix.mlb src/sources src/suffix.mlb $(MAKE_MLB_BASE) >src/fwtool.mlb echo "main-fwtool.sml" >>src/fwtool.mlb @@ -204,9 +200,6 @@ bin/setsa: $(COMMON_MLTON_DEPS) src/setsa.mlb bin/smtplog: $(COMMON_MLTON_DEPS) src/smtplog.mlb $(MLTON) -output bin/smtplog src/smtplog.mlb -bin/mysql-fixperms: $(COMMON_MLTON_DEPS) src/mysql-fixperms.mlb - $(MLTON) -output bin/mysql-fixperms src/mysql-fixperms.mlb - bin/fwtool: $(COMMON_MLTON_DEPS) src/fwtool.mlb $(MLTON) -output bin/fwtool src/fwtool.mlb @@ -254,7 +247,6 @@ install: install_sos -cp bin/vmail /usr/local/bin/ -cp bin/setsa /usr/local/bin/ -cp bin/smtplog /usr/local/bin/ - -cp bin/mysql-fixperms /usr/local/bin/ -cp bin/vmailpasswd /usr/local/bin/ -cp bin/webbw /usr/local/sbin/ -cp bin/domtool-tail /usr/local/bin/ diff --git a/src/main-mysql-fixperms.sml b/src/main-mysql-fixperms.sml deleted file mode 100644 index 1e49f0f..0000000 --- a/src/main-mysql-fixperms.sml +++ /dev/null @@ -1,24 +0,0 @@ -(* HCoop Domtool (http://hcoop.sourceforge.net/) - * Copyright (c) 2007, Adam Chlipala - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - *) - -(* Driver for requesting MySQL DROP permission granting *) - -val _ = - case CommandLine.arguments () of - [] => Main.requestMysqlFixperms () - | _ => print "Invalid command-line arguments\n" diff --git a/src/main.sig b/src/main.sig index bea8247..ffee519 100644 --- a/src/main.sig +++ b/src/main.sig @@ -77,8 +77,6 @@ signature MAIN = sig val requestSmtpLog : string -> unit - val requestMysqlFixperms : unit -> unit - val requestApt : {node : string, pkg : string} -> OS.Process.status val requestAptExists : {node : string, pkg : string} -> OS.Process.status val requestCron : {node : string, uname : string} -> OS.Process.status diff --git a/src/main.sml b/src/main.sml index dfe0bd5..c6272f2 100644 --- a/src/main.sml +++ b/src/main.sml @@ -754,23 +754,6 @@ fun requestSmtpLog domain = OpenSSL.close bio end -fun requestMysqlFixperms () = - let - val (_, context) = requestContext (fn () => ()) - val bio = OpenSSL.connect true (context, - Config.Dbms.dbmsNode ^ ":" ^ Int.toString Config.slavePort) - in - Msg.send (bio, MsgMysqlFixperms); - case Msg.recv bio of - NONE => print "Server closed connection unexpectedly.\n" - | SOME m => - case m of - MsgOk => print "Permissions granted.\n" - | MsgError s => print ("Failed: " ^ s ^ "\n") - | _ => print "Unexpected server reply.\n"; - OpenSSL.close bio - end - fun requestApt {node, pkg} = let val (user, context) = requestContext (fn () => ()) @@ -1847,16 +1830,6 @@ fun slave () = ("Invalid database name " ^ user ^ "_" ^ dbname, SOME ("Invalid database name " ^ dbname))) (fn () => ()) - | MsgMysqlFixperms => - (print "Starting mysql-fixperms\n"; - doIt (fn () => if OS.Process.isSuccess - (OS.Process.system "/usr/bin/sudo -H /afs/hcoop.net/common/etc/scripts/mysql-grant-table-drop") then - ("Requested mysql-fixperms", - NONE) - else - ("Requested mysql-fixperms, but execution failed!", - SOME "Script execution failed.")) - (fn () => ())) | MsgFirewallRegen => doIt (fn () => (Acl.read Config.aclFile; if Acl.query {user = user, class = "priv", value = "all"} then diff --git a/src/msg.sml b/src/msg.sml index eb04648..23ec652 100644 --- a/src/msg.sml +++ b/src/msg.sml @@ -238,7 +238,7 @@ fun send (bio, m) = | MsgGrantDb {dbtype, dbname} => (OpenSSL.writeInt (bio, 37); OpenSSL.writeString (bio, dbtype); OpenSSL.writeString (bio, dbname)) - | MsgMysqlFixperms => OpenSSL.writeInt (bio, 38) + (* | MsgMysqlFixperms => OpenSSL.writeInt (bio, 38) *) | MsgDescribe dom => (OpenSSL.writeInt (bio, 39); OpenSSL.writeString (bio, dom)) | MsgDescription s => (OpenSSL.writeInt (bio, 40); @@ -365,7 +365,7 @@ fun recv bio = (SOME dbtype, SOME dbname) => SOME (MsgGrantDb {dbtype = dbtype, dbname = dbname}) | _ => NONE) - | 38 => SOME MsgMysqlFixperms + (* | 38 => SOME MsgMysqlFixperms *) | 39 => Option.map MsgDescribe (OpenSSL.readString bio) | 40 => Option.map MsgDescription (OpenSSL.readString bio) | 41 => SOME MsgReUsers diff --git a/src/msgTypes.sml b/src/msgTypes.sml index c815960..aece410 100644 --- a/src/msgTypes.sml +++ b/src/msgTypes.sml @@ -125,7 +125,7 @@ datatype msg = (* MsgRegenerate without actual publishing of configuration *) | MsgGrantDb of {dbtype : string, dbname : string} (* Grant all allowed privileges on a DBMS database to the user *) - | MsgMysqlFixperms + (* | MsgMysqlFixperms *) (* Run the script to grant DROP privileges on MySQL tables to owning users *) | MsgDescribe of string (* Ask for a listing of all of a domain's real configuration *) diff --git a/src/plugins/domtool-mysql b/src/plugins/domtool-mysql index b3690ff..0d1710e 100755 --- a/src/plugins/domtool-mysql +++ b/src/plugins/domtool-mysql @@ -32,7 +32,7 @@ case $1 in chmod 770 $DIR/$DBNAME ln -sf $DIR/$DBNAME /var/lib/mysql/$DBNAME chmod g+rw -R $DIR/$DBNAME/ - sudo -H mysql -e "GRANT CREATE,CREATE TEMPORARY TABLES,SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE VIEW,SHOW VIEW,LOCK TABLES,GRANT OPTION ON TABLE * TO '$USERNAME'@$WHERE;" $DBNAME + sudo -H mysql -e "GRANT ALL ON TABLE * TO '$USERNAME'@$WHERE WITH GRANT OPTION;" $DBNAME sudo -H mysql -e "FLUSH PRIVILEGES;" ;; @@ -50,7 +50,7 @@ case $1 in DBNAME_BASE=$3 DBNAME="${USERNAME}_${DBNAME_BASE}" - sudo -H mysql -e "GRANT CREATE,SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE VIEW,SHOW VIEW,LOCK TABLES,GRANT OPTION ON TABLE * TO '$USERNAME'@$WHERE;" $DBNAME + sudo -H mysql -e "GRANT ALL ON TABLE * TO '$USERNAME'@$WHERE WITH GRANT OPTION;" $DBNAME ;; *) -- 2.20.1