mysqlaccess

开启mysql的远程连接的方法 mysql-noinstall-5.1.6-alpha-win32.zip

    @res = grep(!/^\Q$delim\E$/, @res);
    # remove trailing \n from each returned record
    chomp(@res); 
    # each record has 1 field to much : ucase_host
    @res = grep { /(.*)\t.*$/; $_ = $1; } @res;

    MySQLaccess::Debug::Print(2,"Result of sorted table $tbl:");
    foreach $line (@res) { MySQLaccess::Debug::Print(2," >>$line"); }
    return @res;
}

# ===========================================================
# sub Get_All_db(template): 
#  return all db the grant-tables are working on,
#  which conform to the template
# ===========================================================
sub Get_All_dbs {
   my ($template,$tmp) = @_;
   my @db=();
   my $aref;

   # working with  temporary tables or production tables
   if (defined($tmp) and $tmp) {
      $aref = \@MySQLaccess::Grant::sorted_db_tmp_table ;
   }
   else {
      $aref = \@MySQLaccess::Grant::sorted_db_table;
   }

   MySQLaccess::Debug::Print(1," template=[$template]");

   # get all db for which access-rights can be calculated,
   # which conform to the template.
   # !! these db's don't have to exist yet, so it's not
   #    enough to look which db already exist on the system
   $reg_expr = $template;
   if ($template =~ /[\*\?]/) {
      $reg_expr =~ tr/*?/%_/;
      #$reg_expr = MySQLaccess::Wildcards::Wild2Reg($template);
   }
   $reg_expr = MySQLaccess::Wildcards::SQL2Reg("$reg_expr");

   if ( ! ($template =~ /[\*\?%_]/) ) {
      push(@db,$template);
      return \@db;
   }

   MySQLaccess::Debug::Print(2,"#Reading db-table...");
   foreach $record (@{$aref}) { #MySQLaccess::Grant::sorted_db_table) {
    my @record=split(/\t/,$record);
    my $db = $record[1];
    MySQLaccess::Debug::Print(2,"> $db ");
    if ( (!grep(/$db/i,@db)) and ($db =~/$reg_expr/i) ) {
       push(@db,$db);
       MySQLaccess::Debug::Print(2,"added");
    } 
    else {
       MySQLaccess::Debug::Print(2,"skipped");
    }
   }
   # if no rule is found for a certain db in the db-table,
   # the rights of the user are used, so we should inform
   # the user for
   if (!grep(/^%$/,@db)) { push(@db,"$MySQLaccess::NEW_DB"); }
   return \@db;
}

# ===========================================================
# sub Get_All_users(template): 
#  return all users the grant-tables are working on,
#  which conform to the template
# ===========================================================
sub Get_All_users {
   ($template,$tmp) = @_; # nog verder uitwerken!!!
   my @user=();
   my $aref;

   # working with  temporary tables or production tables
   if (defined($tmp) and $tmp) {
      $aref = \@MySQLaccess::Grant::sorted_user_tmp_table ;
   }
   else {
      $aref = \@MySQLaccess::Grant::sorted_user_table;
   }

   MySQLaccess::Debug::Print(1,"Debug Get_All_users:");
   # get all db for which access-rights can be calculated.
   # !! these db's don't have to exist yet, so it's not
   #    enough to look which db already exist on the system
   $reg_expr = $template;
   if ($template =~ /[\*\?]/) {
      $reg_expr =~ tr/*?/%_/;
      #$reg_expr = MySQLaccess::Wildcards::Wild2Reg($template);
   }
   $reg_expr = MySQLaccess::Wildcards::SQL2Reg("$reg_expr");

   if ( ! ($template =~ /[\*\?%_]/) ) {
      push(@user,$template);
      return \@user;
   }

   MySQLaccess::Debug::Print(2,"#Reading user-table...");
   foreach $record (@{$aref}) { #MySQLaccess::Grant::sorted_user_table) {
    my @record=split(/\t/,$record);
    my $user = $record[1];
    MySQLaccess::Debug::Print(2,"> $user ");
    if ( (!grep(/$user/,@user)) and ($user=~/$reg_expr/)) {
       push(@user,$user);
       MySQLaccess::Debug::Print(2, "added");
    } 
    else {
       MySQLaccess::Debug::Print(2, "skipped");
    }
   }
   # Any user means also:
   # - the 'empty' user, ie without supplying a username
   # - any user still to be defined/created
   #push(@user,'');               #without_suplying_a_username
   push(@user,"$MySQLaccess::NEW_USER");
   #push(@Warnings,'minimum_priv');
   return \@user;
}

# ===========================================================
# sub Get_All_hosts(template): 
#  return all hosts the grant-tables are working on,
#  which conform to the template
# ===========================================================
sub Get_All_hosts {
   my ($template,$tmp) = @_;
   my @host=();
   my $aref;
   my $aref1;

   # working with  temporary tables or production tables
   if (defined($tmp) and $tmp) {
      $aref = \@MySQLaccess::Grant::sorted_host_tmp_table ;
      $aref1= \@MySQLaccess::Grant::sorted_db_tmp_table ;
   }
   else {
      $aref = \@MySQLaccess::Grant::sorted_host_table;
      $aref1= \@MySQLaccess::Grant::sorted_db_table ;
   }

   MySQLaccess::Debug::Print(1, "Debug Get_All_hosts:");
   # get all db for which access-rights can be calculated.
   # !! these db's don't have to exist yet, so it's not
   #    enough to look which db already exist on the system
   $reg_expr = $template;
   if ($template =~ /[\*\?]/) {
      $reg_expr =~ tr/*?/%_/;
      #$reg_expr = MySQLaccess::Wildcards::Wild2Reg($template);
   }
   $reg_expr = MySQLaccess::Wildcards::SQL2Reg("$reg_expr");

   if ( ! ($template =~ /[\*\?%_]/) ) {
      push(@host,$template);
      return \@host;
   }

   MySQLaccess::Debug::Print(1, "#Reading db-table...");
   foreach $record (@{$aref1}) { #MySQLaccess::Grant::sorted_db_table) {
    my @record=split(/\t/,$record);
    my $host = $record[0];
    MySQLaccess::Debug::Print(2, "> $host ");
    if (! grep(/$host/i,@host)) {
       push(@host,$host);
       MySQLaccess::Debug::Print(2, "added");
    } 
    else {
       MySQLaccess::Debug::Print(2, "skipped");
    }
   }
   MySQLaccess::Debug::Print(1, "#Reading host-table...");
   foreach $record (@{$aref}) {
    my @record=split(/\t/,$record);
    my $host = $record[0];
    MySQLaccess::Debug::Print(2, "> $host ");
    if ( (!grep(/$host/,@host)) and ($host=~/$reg_expr/)) {
       push(@host,$host);
       MySQLaccess::Debug::Print(2, "added");
    } 
    else {
       MySQLaccess::Debug::Print(2, "skipped");
    }
   }
   # DOUBT:
   #print "#Reading user-table...\n" if ($DEBUG>1);
   #foreach $record (@MySQLaccess::Grant::sorted_user_table) {
   # my @record=split(/\t/,$record);
   # my $host = $record[0];
   # print "> $host " if ($DEBUG>2);
   # if ( (!grep(/$host/,@host)) and ($host=~/$reg_expr/)) {
   #    push(@host,$host);
   #    print "added\n" if ($DEBUG>2);
   # } 
   # else {
   #    print "skipped\n" if ($DEBUG>2);
   # }
   #}
   # Any host also means:
   # - any host still to be defined/created
   #push(@host,"any_other_host");

   @host = sort(@host);
   return \@host;
}


##########################################################################
package MySQLaccess::Grant;
##############
BEGIN {
    $DEBUG     = 0;
    $DEBUG     = $MySQLaccess::DEBUG unless ($DEBUG);
}



# ===========================================================
# sub Diff_Privileges()
#  Calculate diff between temporary and original grant-tables
# ===========================================================
sub Diff_Privileges {
   my @before=();
   my @after =();
   my @diffs =();

   # -----------------------------
   # Build list of users,dbs,hosts
   # to process...
   my @all_dbs   = @{MySQLaccess::DB::Get_All_dbs('*')};
   my @all_users = @{MySQLaccess::DB::Get_All_users('*')};
   my @all_hosts = @{MySQLaccess::DB::Get_All_hosts('*')};
   #if EDIT-mode
   my @all_dbs_tmp   = @{MySQLaccess::DB::Get_All_dbs('*','tmp')};
   my @all_users_tmp = @{MySQLaccess::DB::Get_All_users('*','tmp')};
   my @all_hosts_tmp = @{MySQLaccess::DB::Get_All_hosts('*','tmp')};


   my %Access;
   # ------------------------------------
   # Build list of priv. for grant-tables
   foreach $host (@all_hosts) {
     foreach $user (@all_users) {
       foreach $db (@all_dbs) {
         MySQLaccess::Grant::Initialize();
         %Access = MySQLaccess::Grant::Get_Access_Rights($host,$user,$db);	
         push(@before,MySQLaccess::Report::Raw_Report($host,$user,$db,\%Access));
       }
     }
   }

   # ----------------------------------
   # Build list of priv. for tmp-tables
   foreach $host (@all_hosts_tmp) {
     foreach $user (@all_users_tmp) {
       foreach $db (@all_dbs_tmp) {
         MySQLaccess::Grant::Initialize('tmp');
         %Access = MySQLaccess::Grant::Get_Access_Rights($host,$user,$db,'tmp');	
         push(@after,MySQLaccess::Report::Raw_Report($host,$user,$db,\%Access));
       }
     }
   }

   # ----------------------------------
   # Write results to temp-file to make
   # DIFF
   @before = sort(@before);
   @after  = sort(@after);

   ($hb, $before) = tempfile("$MySQLaccess::script.XXXXXX") or
    push(@MySQLaccess::Report::Errors,"Can't create temporary file: $!");
   ($ha, $after)  = tempfile("$MySQLaccess::script.XXXXXX") or
    push(@MySQLaccess::Report::Errors,"Can't create temporary file: $!");

   print $hb join("\n",@before);
   print $ha join("\n",@after);
   close $hb;
   close $ha;

   # ----------------------------------
   # compute difference
   my $cmd="$MySQLaccess::DIFF $before $after |";
   open(DIFF,"$cmd");
   @diffs = <DIFF>;
   @diffs = grep(/[<>]/,@diffs);
   chomp(@diffs);
   close(DIFF);

   # ----------------------------------
   # cleanup temp. files
   unlink($before);
   unlink($after);

   return \@diffs;
}

# ===========================================================
# sub Initialize()
#
# ===========================================================
sub Initialize {
    %MySQLaccess::Grant::Access       = %{Default_Access_Rights()};
    @MySQLaccess::Grant::Errors       = ();
    @MySQLaccess::Grant::Warnings     = ();
    @MySQLaccess::Grant::Notes        = ();
    # -----
    # rules
    $MySQLaccess::Grant::Rules{'user'} = 'no_rule_found';
    $MySQLaccess::Grant::Rules{'db'}   = 'no_rule_found';
    $MySQLaccess::Grant::Rules{'host'} = 'no_equiv_host';
    $MySQLaccess::Grant::full_access   = 1;

    $MySQLaccess::Grant::process_host_table = 0;
    return 1;
}

# ===========================================================
# sub ReadTables()
#  
# ===========================================================
sub ReadTables {
    my ($tmp) = @_;
    my ($HOST,$DB,$USER);
    my @tables;

    # build list of available tables
    @tables = MySQLaccess::DB::Show_Tables();

    # reading production grant-tables or temporary tables?
    $tmp = (defined($tmp) and $tmp) ? 1 : 0;
    if ($tmp) { #reading temporary tables
       $HOST=$MySQLaccess::ACCESS_H_TMP;
       $DB  =$MySQLaccess::ACCESS_D_TMP;
       $USER=$MySQLaccess::ACCESS_U_TMP;

       # ----------------------------
       # do tables exist?
       if (!grep(/$HOST/,@tables)) { MySQLaccess::DB::CreateTable($HOST); }
       if (!grep(/$USER/,@tables)) { MySQLaccess::DB::CreateTable($USER); }
       if (!grep(/$DB/,@tables))   { MySQLaccess::DB::CreateTable($DB); }

       MySQLaccess::Debug::Print(1,"Finding fields in tmp-ACL files:");
       # -----------------------------
       # Get record-layout 
       my ($h1,$h2) = MySQLaccess::DB::Show_Fields($HOST);
       my ($d1,$d2) = MySQLaccess::DB::Show_Fields($DB);
       my ($u1,$u2) = MySQLaccess::DB::Show_Fields($USER);
       %MySQLaccess::Grant::H_tmp = %{$h1}; @MySQLaccess::Grant::H_tmp = @{$h2};
       %MySQLaccess::Grant::D_tmp = %{$d1}; @MySQLaccess::Grant::D_tmp = @{$d2};
       %MySQLaccess::Grant::U_tmp = %{$u1}; @MySQLaccess::Grant::U_tmp = @{$u2};

#       @MySQLaccess::Grant::Privileges_tmp=@{Make_Privlist()};
#
       MySQLaccess::Debug::Print(1, "Reading sorted temp-tables:");
       @MySQLaccess::Grant::sorted_db_tmp_table  = MySQLaccess::DB::Sort_table($DB, 'ucase_host', 'user', 'db');
       @MySQLaccess::Grant::sorted_host_tmp_table= MySQLaccess::DB::Sort_table($HOST, 'ucase_host', 'db');
       @MySQLaccess::Grant::sorted_user_tmp_table= defined($MySQLaccess::Param{'password'}) ?
                           MySQLaccess::DB::Sort_table($USER, 'ucase_host', 'user', 'password'):
                           MySQLaccess::DB::Sort_table($USER, 'ucase_host', 'user');
    }
    else {      #reading production grant-tables
       $HOST=$MySQLaccess::ACCESS_H;
       $DB  =$MySQLaccess::ACCESS_D;
       $USER=$MySQLaccess::ACCESS_U;

       MySQLaccess::Debug::Print(1,"Finding fields in ACL files:");
       # -----------------------------
       # Get record-layout 
       my ($h1,$h2) = MySQLaccess::DB::Show_Fields($HOST);
       my ($d1,$d2) = MySQLaccess::DB::Show_Fields($DB);
       my ($u1,$u2) = MySQLaccess::DB::Show_Fields($USER);
       %MySQLaccess::Grant::H = %{$h1}; @MySQLaccess::Grant::H = @{$h2};
       %MySQLaccess::Grant::D = %{