Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Won't Fix
-
Affects Version/s: 10.1
-
Fix Version/s: N/A
-
Component/s: Encryption, Plugins
-
Labels:None
-
Sprint:10.1.8-4
Description
When file_key_management plugin is linked statically, it is enabled by default, which of course causes ugly (even though non-fatal) errors on bootstrap and server startup, because the plugin is not configured.
It should either be disallowed to link it statically at all, or it should be disabled by default, something similar to feedback plugin
diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc
index 6d8268e..1d2e2d8 100644
--- a/sql/sql_plugin.cc
+++ b/sql/sql_plugin.cc
@@ -211,6 +211,7 @@
/* we disable few other plugins by default */
,{ "feedback", PLUGIN_OFF }
+ ,{ "file_key_management", PLUGIN_OFF }
};
/* support for Services */
Gliffy Diagrams
Attachments
Activity
- All
- Comments
- Work Log
- History
- Activity
- Transitions
The problem is that the file_key_management plugin requires a mandatory option (key file), and if it's not there, it causes a set of errors. It's one thing when a user enabled plugin explicitly but did not configure it properly, and quite another when they had nothing to do with the plugin and it just started throwing scary messages.
2015-09-30 12:58:52 140256084612960 [ERROR] mysqld: File '' not found (Errcode: 2 "No such file or directory") 2015-09-30 12:58:52 140256084612960 [ERROR] Plugin 'file_key_management' init function returned error. 2015-09-30 12:58:52 140256084612960 [ERROR] Plugin 'file_key_management' registration as a ENCRYPTION failed.
We should not link with file_key_management plugin statically in our release binaries.
But plugin supports static linking and if someone wants to link it statically in his custom build — sure, he can do that. And deal with warnings.
I'd say current behavior is "as intended".
Based on discussion, closing.
What bad exactly could happen now that innodb-encrypt-tables=OFF by default and if I correctly understand all the rest encryption configuration variables are also OFF by default ?