Details
-
Bug
-
Resolution: Fixed
-
Critical
-
5.0.0
-
Mixed node cluster: 4.6.1-3652 to 5.0.0-3088
-
Untriaged
-
Unknown
Description
1. create a 2node cluster with following configuration:
a. 1 node with 4.6.1-3652 having kv,index and n1ql on it.
b. second node with 5.0.0-3088 having kv,index and n1ql on it.
2. create a bucket bucket0 with password as password and bucket bucket1 with password as password1.
3. Enable pam authentication on node with version 4.6.1-3652.
4. create a user hello with role bucket_admin on bucket-1 as shown in screenshot.
5. Add password to user hello through pam:
[root@localhost bin]# useradd hello
[root@localhost bin]# passwd hello
6. Try the following grant command to hello as:
cbq> grant bucket_admin on `bucket0` to hello;
|
{
|
"requestID": "45187163-450b-4c9c-9405-d7a2ec6cf38b", |
"errors": [ |
{
|
"code": 3000, |
"msg": "syntax error - at grant" << This is correct error message >> |
}
|
],
|
"status": "fatal", |
"metrics": { |
"elapsedTime": "397.654µs", |
"executionTime": "322.654µs", |
"resultCount": 0, |
"resultSize": 0, |
"errorCount": 1 |
}
|
}
|
cbq> grant bucket_admin on `bucket0` to hello;
|
{
|
"requestID": "ad04bee2-c6e1-468e-a1a7-b73003839a13", |
"signature": null, |
"results": [ |
],
|
"errors": [ |
{
|
"code": 13014, |
"msg": "User does not have credentials to access privilege cluster.admin!write. Add role Admin to allow the query to run." |
}
|
],
|
"status": "stopped", |
"metrics": { |
"elapsedTime": "7.454408ms", |
"executionTime": "7.390399ms", |
"resultCount": 0, |
"resultSize": 0, |
"errorCount": 1 |
}
|
}
|
|
7. Give user hello admin permissions also through UI as shown in screenshot.
8. Try grant command again as:
cbq> grant bucket_admin on `bucket0` to hello;
|
{
|
"requestID": "ad04bee2-c6e1-468e-a1a7-b73003839a13", |
"signature": null, |
"results": [ |
],
|
"errors": [ |
{
|
"code": 13014, |
"msg": "User does not have credentials to access privilege cluster.admin!write. Add role Admin to allow the query to run." |
}
|
],
|
"status": "stopped", |
"metrics": { |
"elapsedTime": "7.454408ms", |
"executionTime": "7.390399ms", |
"resultCount": 0, |
"resultSize": 0, |
"errorCount": 1 |
}
|
}
|
|
User hello has already been given admin permission.
Grant should not be allowed in mixed node cluster