Subject: rsyslog-mysql: rsyslog mysql user has too many privileges
Package: rsyslog-mysql
Version: 3.18.6-4
Severity: normal

*** Please type your report below this line ***

The rsyslog documentation states the following (in
/usr/share/doc/rsyslog-doc/html/rsyslog_mysql.html):

    If you have modified the default, use your name here. Database-userid
    and -password are the credentials used to connect to the database. As
    they are stored in clear text in rsyslog.conf, that user should have
    only the least possible privileges. It is sufficient to grant it
    INSERT privileges to the systemevents table, only.

However, when I look at the permissions in MySQL, I see:

mysql> show grants for rsys...@localhost;
+----------------------------------------------------------------------------------------------------------------+
| Grants for rsys...@localhost |
+----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'rsyslog'@'localhost' IDENTIFIED BY PASSWORD '*blahblahpasswordremoved' |
| GRANT ALL PRIVILEGES ON `Syslog`.* TO 'rsyslog'@'localhost' |
+----------------------------------------------------------------------------------------------------------------+

I would prefer giving INSERT privileges to this user (or another called
rsyslog_logger) and then, if necessary, having a separate user which can
do selects on the database.

- Paul

-- System Information:
Debian Release: 5.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages rsyslog-mysql depends on:
ii  dbconfig-common         1.8.39             common framework for packaging dat
ii  debconf [debconf-2.0]   1.5.24             Debian configuration management sy
ii  libc6                   2.7-18             GNU C Library: Shared libraries
ii  libmysqlclient15off     5.0.51a-24+lenny1  MySQL database client library
ii  rsyslog                 3.18.6-4           enhanced multi-threaded syslogd
ii  ucf                     3.0016             Update Configuration File: preserv

Versions of packages rsyslog-mysql recommends:
ii  mysql-server            5.0.51a-24+lenny1  MySQL database server (metapackage
ii  mysql-server-5.0 [mysq  5.0.51a-24+lenny1  MySQL database server binaries

rsyslog-mysql suggests no packages.

-- debconf information:
  rsyslog-mysql/remote/port:
  rsyslog-mysql/database-type: mysql
  rsyslog-mysql/upgrade-error: abort
  rsyslog-mysql/install-error: abort
  rsyslog-mysql/remote/newhost:
  rsyslog-mysql/internal/skip-preseed: false
  rsyslog-mysql/remote/host:
* rsyslog-mysql/dbconfig-install: true
  rsyslog-mysql/upgrade-backup: true
  rsyslog-mysql/dbconfig-remove:
  rsyslog-mysql/internal/reconfiguring: false
  rsyslog-mysql/missing-db-package-error: abort
  rsyslog-mysql/db/dbname: Syslog
  rsyslog-mysql/mysql/admin-user: root
  rsyslog-mysql/mysql/method: unix socket
  rsyslog-mysql/dbconfig-reinstall: false
  rsyslog-mysql/purge: false
  rsyslog-mysql/passwords-do-not-match:
  rsyslog-mysql/db/app-user: rsyslog
  rsyslog-mysql/remove-error: abort
  rsyslog-mysql/dbconfig-upgrade: true
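
The privilege split requested in the report above, written out as an added example (it is not part of the original report and not the package's own setup script). It assumes the default rsyslog schema, in which the table the documentation calls systemevents is named SystemEvents, and the default ommysql template that writes only to that table; the rsyslog_reader account and its password are hypothetical placeholders.

```sql
-- Added example: run as a MySQL administrative user (e.g. root over the unix socket).
-- Starting point, as shown in the report:
--   GRANT ALL PRIVILEGES ON `Syslog`.* TO 'rsyslog'@'localhost'

-- 1. Drop the database-wide grant from the account whose password
--    sits in clear text in rsyslog.conf.
REVOKE ALL PRIVILEGES ON `Syslog`.* FROM 'rsyslog'@'localhost';

-- 2. Give the logging account INSERT on the single table it writes to.
--    Assumption: the table is named SystemEvents (default rsyslog schema).
GRANT INSERT ON `Syslog`.`SystemEvents` TO 'rsyslog'@'localhost';

-- 3. Separate read-only account for anything that queries the logs.
--    'rsyslog_reader' and the password are placeholders; this account's
--    credentials do not need to appear in rsyslog.conf.
CREATE USER 'rsyslog_reader'@'localhost' IDENTIFIED BY 'CHANGE_ME_PLACEHOLDER';
GRANT SELECT ON `Syslog`.* TO 'rsyslog_reader'@'localhost';

-- 4. Verify. The first query should return no rows for the logging
--    account (no database-level privileges left); the second should
--    list only INSERT on SystemEvents.
SELECT GRANTEE, TABLE_SCHEMA, PRIVILEGE_TYPE
  FROM information_schema.SCHEMA_PRIVILEGES
 WHERE GRANTEE = "'rsyslog'@'localhost'";

SELECT GRANTEE, TABLE_SCHEMA, TABLE_NAME, PRIVILEGE_TYPE
  FROM information_schema.TABLE_PRIVILEGES
 WHERE GRANTEE = "'rsyslog'@'localhost'";

SHOW GRANTS FOR 'rsyslog'@'localhost';
SHOW GRANTS FOR 'rsyslog_reader'@'localhost';
```

With these grants in place, a SELECT, UPDATE or DELETE issued with the rsyslog.conf credentials is rejected by the server, so a leaked logging password can append events but not read or alter existing ones.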