--source include/have_plugin_auth.inc --source include/not_embedded.inc if (!$SERVER_AUDIT_SO) { skip No SERVER_AUDIT plugin; } # An unfortunate wait for check-testcase.test to complete disconnect. let count_sessions= 1; source include/wait_until_count_sessions.inc; let $MYSQLD_DATADIR= `SELECT @@datadir`; let SEARCH_FILE= $MYSQLD_DATADIR/server_audit.log; install plugin server_audit soname 'server_audit'; show variables like 'server_audit%'; set global server_audit_file_path=null; set global server_audit_incl_users=null; set global server_audit_file_path='server_audit.log'; set global server_audit_output_type=file; set global server_audit_logging=on; --error ER_WRONG_VALUE_FOR_VAR set global server_audit_incl_users= repeat("'root',", 10000); show variables like 'server_audit_incl_users'; --error ER_WRONG_VALUE_FOR_VAR set global server_audit_excl_users= repeat("'root',", 10000); show variables like 'server_audit_excl_users'; let SEARCH_COUNT= 5; source include/wait_for_line_count_in_file.inc; connect (con1,localhost,root,,mysql); disconnect con1; let SEARCH_COUNT= 7; source include/wait_for_line_count_in_file.inc; --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR connect (con1,localhost,no_such_user,,mysql); let SEARCH_COUNT= 9; source include/wait_for_line_count_in_file.inc; connection default; set global server_audit_incl_users='odin, dva, tri'; create table t1 (id int); set global server_audit_incl_users='odin, root, dva, tri'; create table t2 (id int); set global server_audit_excl_users='odin, dva, tri'; insert into t1 values (1), (2); select * from t1; set global server_audit_incl_users='odin, root, dva, tri'; insert into t2 values (1), (2); select * from t2; alter table t1 rename renamed_t1; set global server_audit_events='connect,query'; select 1, 2, # comment 3; insert into t2 values (1), (2); select * from t2; --disable_ps_protocol --error ER_NO_SUCH_TABLE select * from t_doesnt_exist; --enable_ps_protocol --error 1064 syntax_error_query; drop table renamed_t1, t2; show variables like 'server_audit%'; set global server_audit_mode=1; set global server_audit_events=''; create database sa_db; let SEARCH_COUNT= 47; source include/wait_for_line_count_in_file.inc; connect (con1,localhost,root,,test); create table t1 (id2 int); insert into t1 values (1), (2); select * from t1; drop table t1; use sa_db; create table sa_t1(id int); insert into sa_t1 values (1), (2); drop table sa_t1; drop database sa_db; disconnect con1; let SEARCH_COUNT= 80; source include/wait_for_line_count_in_file.inc; connection default; create database sa_db; use sa_db; CREATE USER u1 IDENTIFIED BY 'pwd-123'; GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321"; SET PASSWORD FOR u1 = PASSWORD('pwd 098'); CREATE USER u3 IDENTIFIED BY ''; ALTER USER u3 IDENTIFIED BY 'pwd-456'; drop user u1, u2, u3; set global server_audit_events='query_ddl'; create table t1(id int); insert into t1 values (1), (2); select * from t1; select 2; (select 2); /*! select 2*/; /*comment*/ select 2; drop table t1; create procedure pr1() insert into test.t1 values ("foo", 42); create function fn1(i int) returns int deterministic return i+1; drop procedure pr1; drop function fn1; set global server_audit_events='query_ddl,query_dml'; create table t1(id int); insert into t1 values (1), (2); select * from t1; select 2; drop table t1; set global server_audit_events='query_dml'; create table t1(id int); insert into t1 values (1), (2); select * from t1; select 2; (select 2); /*! select 2*/; /*comment*/ select 2; drop table t1; set global server_audit_events='query_dcl'; create table t1(id int); insert into t1 values (1), (2); select * from t1; CREATE USER u1 IDENTIFIED BY 'pwd-123'; GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321"; SET PASSWORD # comment FOR u1 = PASSWORD('pwd 098'); --error 1064 SET PASSWORD FOR u1=; CREATE USER u3 IDENTIFIED BY ''; drop user u1, u2, u3; select 2; (select 2); /*! select 2*/; /*comment*/ select 2; drop table t1; set global server_audit_events='query_dml_no_select'; create table t1(id int); insert into t1 values (1), (2); select * from t1; select 2; drop table t1; create procedure pr1() insert into test.t1 values ("foo", 42); create function fn1(i int) returns int deterministic return i+1; drop procedure pr1; drop function fn1; create procedure pr1() insert into test.t1 values ("foo", 42); create function fn1(i int) returns int deterministic return i+1; drop procedure pr1; drop function fn1; set global server_audit_events='table'; set global server_audit_incl_users='user1'; create user user1@localhost; grant all on sa_db.* to user1@localhost; connect (cn1,localhost,user1,,sa_db); connection cn1; create table t1(id int) engine=myisam; insert delayed into t1 values (1); connection default; --echo # Waiting until INSERT DELAYED thread does the insert. let $wait_condition= SELECT COUNT(*) = 1 FROM t1; --source include/wait_condition.inc drop table t1; set global server_audit_logging= off; set global server_audit_incl_users='root'; set global server_audit_logging= on; disconnect cn1; let $count_sessions=1; source include/wait_until_count_sessions.inc; drop user user1@localhost; set global server_audit_events=''; set global server_audit_incl_users='root, plug_dest'; CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; --sleep 2 --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_ACCESS_DENIED_ERROR : this should fail : no grant connect(plug_con,localhost,plug,plug_dest); --sleep 2 GRANT PROXY ON plug_dest TO plug; --sleep 2 connect(plug_con,localhost,plug,plug_dest); connection plug_con; select USER(),CURRENT_USER(); connection default; disconnect plug_con; --sleep 2 --sleep 2 DROP USER plug; DROP USER plug_dest; set global server_audit_query_log_limit= 15; select (1), (2), (3), (4); select 'A', 'B', 'C', 'D'; set global server_audit_query_log_limit= 1024; drop database sa_db; select length('01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789'); set global server_audit_file_path='.'; --replace_regex /\.[\\\/]/HOME_DIR\// show status like 'server_audit_current_log'; set global server_audit_file_path=''; show status like 'server_audit_current_log'; set global server_audit_file_path=' '; show status like 'server_audit_current_log'; set global server_audit_file_path='nonexisting_dir/'; show status like 'server_audit_current_log'; show variables like 'server_audit%'; uninstall plugin server_audit; # replace the timestamp and the hostname with constant values --replace_regex /[0-9]* [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\,[^,]*\,/TIME,HOSTNAME,/ /\,[1-9][0-9]*\,/,1,/ /\,[1-9][0-9]*/,ID/ cat_file $MYSQLD_DATADIR/server_audit.log; remove_file $MYSQLD_DATADIR/server_audit.log;