Save As MySQL is crashing gnucash

John Ralls jralls at ceridwen.us
Fri Nov 26 15:14:01 EST 2010 

On Nov 26, 2010, at 11:51 AM, Phil Longstaff wrote:

> That's not quite OK.  If a new version of gnucash is released which requires a 
> changed db schema, gnucash will try to automatically add new columns and 
> constraints.  This might mean we will need to package schema upgrades as a 
> separate utility to be run by the dba.
> 
> An example of this is that in the future, we will probably add real foreign key 
> constraints to the db.
> 
> Phil
> ---------
> I used to be a hypochondriac AND a kleptomaniac. So I took something for it.
> 
> 
> 
> 
> ________________________________
> From: John Ralls <jralls at ceridwen.us>
> To: Peter Boosten <peter at boosten.org>
> Cc: gnucash-user at gnucash.org
> Sent: Fri, November 26, 2010 1:50:30 PM
> Subject: Re: Save As MySQL is crashing gnucash
> 
> 
> On Nov 26, 2010, at 10:09 AM, Peter Boosten wrote:
> 
>> On 26-11-2010 16:39, John Ralls wrote:
>>> 
>>> Not quite. Users must be created by a superuser, but can be delegated the 
>>> create-db privilege, 
>>> 
>>> and gnucash will work best if the userid used to access mysql (or
>> postgres) has that
>>> privilege.
>> 
>> Yes, from the lazy-perspective (user friendly?) you are right, but from
>> a security point of view this is so NOT done. You never ever want a user
>> (in this case even an application user) to have create (or drop)
>> privileges (db or table).
> 
> That's OK. In that kind of an environment, the initial "save as" just needs to 
> be performed by the DBA, providing her credentials. After that she can, from the 
> appropriate DBA console program (psql or mysql), create the user(s) and change 
> the ownership and privs to whatever the local policies are. That's a bit much 
> for home and most small business users, though.


Good point, I hadn't thought of that. 

Gut won't it be sufficient to warn in the "NEWS" (as well as the release notes, but not everyone reads those, unfortunately) that a DBA will have to open all databases using her credentials one time after upgrading if the user doesn't have create table privs?

I think that this is a pretty tiny corner case, considering that both MySql and Postgresql create users with create table privs by default, and that very few of our users are likely to have a DBA at all, never mind one who locks out normal users from create table. We just need to make sure that GC fails gracefully with a nice friendly "Don't Panic" button.

Regards,
John Ralls

More information about the gnucash-user mailing list