Bug 1073471
| Summary: | On DB upgrade, readonly user and client custom users losses permissions to db views | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Shirly Radco <sradco> | |
| Component: | ovirt-engine-dwh | Assignee: | Eli Mesika <emesika> | |
| Status: | CLOSED ERRATA | QA Contact: | Barak Dagan <bdagan> | |
| Severity: | high | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 3.3.0 | CC: | aberezin, acathrow, alonbl, bazulay, bdagan, didi, emesika, gklein, iheim, lbopf, pstehlik, Rhev-m-bugs, yeylon, ylavi | |
| Target Milestone: | --- | Keywords: | ZStream | |
| Target Release: | 3.4.0 | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | integration | |||
| Fixed In Version: | rhevm-dwh-3.4.0-10.el6ev.noarch.rpm | Doc Type: | Bug Fix | |
| Doc Text: |
Previously, the read-only user and custom users for the data warehouse database would lose access to views in the database when the database was upgraded. This was caused by the views being regenerated when the database was upgraded and the permissions for those views not being applied to the newly generated views. Now, user permissions are retained when the database is upgraded.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 1078129 (view as bug list) | Environment: | ||
| Last Closed: | 2014-06-09 15:18:34 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1078129, 1084186 | |||
|
Description
Shirly Radco
2014-03-06 13:43:19 UTC
Steps to Reproduce: 1.Install system 2.create user 3.give user permission to a view(doesn't matter which). 4. add upgrade file with "SELECT 1" 5.Run update Actual results: User losses permissions to the view. Expected results: User keeps permissions after upgrade. Barak, I think this needs a z stream flag. Yaniv We need to figure out a solution for this. While it is less severe on the engine, it also affect it. Yaniv it is totally related to dbscripts. current implementation is to drop all views and sps and recreate, hence permissions are dropped. not sure I am the right contact for that. Any update on getting this to 3.3\3.4 dwh? Yaniv (In reply to Yaniv Dary from comment #5) > Any update on getting this to 3.3\3.4 dwh? > > > > Yaniv Needs to meregd first to 3.4.0 Verified upgrading from 3.3.2 to av4 # psql -h "My.3.4.0.Vdc" -d ovirt_engine_history -U readonly -c "select column_name from information_schema.columns limit 2;" Password for user readonly: column_name ------------- tmplname tmpltrusted But it is missing from the new 10-setup-database.conf file: # grep 'DWH_DB' /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf* | grep USER /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf:DWH_DB_USER="engine_history" /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf.20140326100629:DWH_DB_USER=engine_history /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf.20140326100629:DWH_DB_READONLY_USER=readonly *** Bug 1099132 has been marked as a duplicate of this bug. *** Verified on av9.2:
rhevm-3.4.0-0.21.el6ev.noarch
rhevm-dwh-3.4.0-10.el6ev.noarch
rhevm-reports-3.4.0-9.el6ev.noarch
upgraded from is36.3:
rhevm-3.3.3-0.51.el6ev.noarch.rpm
rhevm-dwh-3.3.3-1.el6ev.noarch.rpm
rhevm-reports-3.3.3-1.el6ev.noarch.rpm
[root@vm1 ~]# su - postgres -c "psql -h vm1 -d engine -U engine_history -c 'select 1;'"
Password for user engine_history:
?column?
----------
1
[root@vm1 ~]# su - postgres -c "psql -h vm1 -d ovirt_engine_history -U engine_history -c 'select 1;'"
Password for user engine_history:
?column?
----------
1
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2014-0601.html |