Bug 172775

Summary: Replication seems to corrupt hosts cache
Product: [Fedora] Fedora Reporter: Andrew Stribblehill <a.d.stribblehill>
Component: mysqlAssignee: Tom Lane <tgl>
Status: CLOSED UPSTREAM QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 4CC: hhorak
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: x86_64   
OS: Linux   
URL: http://bugs.mysql.com/bug.php?id=13659
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-11-09 18:30:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Andrew Stribblehill 2005-11-09 16:05:41 UTC 
Description of problem:
I'm using replication and the MySQL servers are occasionally caching the wrong
values for hostnames (see URL). It appears that all the users who reported the
bug to MySQL are Red Hat users.

Version-Release number of selected component (if applicable):
mysql-server-4.1.14-1.FC4.1

How reproducible:
sometimes

Steps to Reproduce:
1.Set up replication
2.access master from many hosts (sorry this is vague)
3.watch for inconsistencies: make a connection from foo.example.com and do
SELECT USER();
  
Actual results:
notice that it says user.com

Expected results:
user.com

Additional info:

Problem goes away when we disable the MySQL host cache.

$ grep hosts /etc/nsswitch.conf
hosts:   dns nis [NOTFOUND=return] files

Nothing freaky in /etc/hosts

$ ypcat hosts
127.0.0.1       localhost loghost
129.234.4.13    timehost
129.234.4.78    nsrhost
127.0.0.1       localhost loghost

The DNS entries don't change (!)

getent hosts foo.example.com and its IP works fine.

Running NSCD but I've had this problem with NSCD turned off too.

ObSecurity:
I assert that this is a possible security problem because many sites use
host-based MySQL access control rules. It certainly caused me a denial of
service when the replication master had the wrong value for the replication slave.
Comment 1 Tom Lane 2005-11-09 16:26:35 UTC 
You should file this with www.mysql.com; it's unlikely that I'd be able to find
the problem.  Nor do I see any reason to think it's a Red Hat rather than MySQL
bug.
Comment 2 Andrew Stribblehill 2005-11-09 16:55:28 UTC 
I'm sorry, I was sure I'd filled in the URL field that showed the MySQL bug
(http://bugs.mysql.com/bug.php?id=13659). The reason I've filed it with Red Hat
as well is:

  * each of the reporters has been running a Red Hat distribution of some form
  * MySQL AB don't think it's their bug (though they haven't told us why yet,
admittedly).

<sigh> I guess I'll go and chase MySQL a bit more...
Comment 3 Tom Lane 2005-11-09 18:30:21 UTC 
Ah, I missed the link to an upstream bug report.  I see that the latest comment
there acknowledges that it probably is a MySQL bug.  I'm going to close this
entry as being filed upstream; but feel free to reopen this report if it does
turn out to be Red Hat specific, or if MySQL provide a fix in a future update.