Hi, Alexey! I think, specify a non-empty DEFINER explicitly. Doesn't matter which one, it's mysql_install_db, so there are few definers that are guaranteed to exist (as they are created by mysql_install_db itself), use one of those, for example, root@localhost. Those procedures are SQL SECURITY INVOKER anyway. On Jun 25, Alexey Botchkov wrote:

I'm in doubts about how this one should be fixed:

https://jira.mariadb.org/browse/MDEV-10119

The story goes like this:

- mysql_install_db script runs 'mysqld --skip-grant-tables'

In this case the 'current_user()' seems to be empty.

- so the CREATE PROCEDURE command in the bootstrap creates the procedure with the empty DEFINER.

- as a result, the 'SHOW CREATE PROCEDURE' returns query started with

'CREATE DEFINER=`` PROCEDURE...',

- that DEFINER=`` gives an error when feed to the server.

That can be fixed on any stage. We can do any of these:

- set some 'current_user()' to be not empty even with the --skip-grant-tables option

- specify some non-empty DEFINER for the CREATE PROCEDURE statement

(in both options it's not that clear what user could that be)

- fix the SHOW CREATE PROCEDURE statement so it doesn't add the errorneous DEFINER=`` to the query.

- make server handling the 'DEFINER=``' with no error. Maybe assigning the 'current_user()' in this case.

So, what can You recommend as a fix in this case?

Best regards. HF

Regards, Sergei Chief Architect MariaDB and security@mariadb.org