0

My privileges seem to be broken all round since enabling log_bin_trust_function_creators on GCP Cloud SQL

I needed a trigger, which they don't allow at all with Binary Logging (which is enabled). So I enabled that flag, because the insert trigger is deterministic + very simple, therefore safe for binary logging

As soon as the flag was set I was thrown a error, not anymore that "triggers were blocked full stop/try the flag etc", but now a pure user privileges error.

Then I realised that I couldn't view tables anymore. Not even the user tables! Even when logged in as root!

And all I did was enable that flag...

I disabled the flag and removed. I even rebooted.

Still locked out.

I am not replicating, but added that tag because of the link with binary logging

Paniiiiic!

I have a backup, will have lost a day's work :(

RR44
  • 1
  • I now see that then root % user has had its permissions cut by the managed service to just USAGE, meaning no privileges... The root localhost user has all privs... But I can't run from that on this managed service and there. Thankfully I have another user with admin rights. But what a mess from just changing that flag! – RR44 May 16 '22 at 19:37

0 Answers0