search

nextcloud / updater

:arrows_counterclockwise: The updater app to keep your Nextcloud up-to-date
GNU Affero General Public License v3.0
46 stars 32 forks source link

Check DB privileges #83

Open nickvergessen opened 7 years ago

nickvergessen commented 7 years ago

Original reported by @kehugter in https://github.com/nextcloud/server/issues/2870

I keep my DB user with minimum privileges during normal usage for security reasons. The update using the updater app failed because of missing DROP and INDEX privileges.

Steps to reproduce

  1. Update using the updater app. Finish the first part successfully
  2. Return to the main site to finish updating the database
  3. Update fails because of missing DB privilleges

Expected behaviour

During the sanity check, the user is warned about insufficient DB privileges.

Actual behaviour

No DB privileges check is done, user gets an error message after the Nextcould instance is unusable.

Server configuration

Operating system: Debian 8.6 Web server: nginx Database: mysql PHP version: 5.6.29 Nextcloud version: (see Nextcloud admin page) 10.0.2 Updated from an older Nextcloud/ownCloud or fresh install: Updated from Nextcloud 10.0.1 Where did you install Nextcloud from: tar archive

ghost commented 7 years ago

Thanks for migrating, I didn't see this repo.

ALTER could be added to the list of privileges needed specifically for updates.

joshtrichards commented 6 months ago

No DB privileges check is done, user gets an error message after the Nextcould instance is unusable

The Updater just deploys code. This would have to happen either when occ upgrade runs (which is already after the new code is fully deployed). Or something similar to what's proposed here maybe for an early check of DB stuff in the same manner as proposed for apps (versus waiting until code deployment has already happened):

https://github.com/nextcloud/updater/issues/401#issuecomment-2073087716