Newer mariadb-dump output breaks on import
As explained in:
https://mariadb.org/mariadb-dump-file-compatibility-change/
Later versions of MariaDB than Bookworm's
0.5.25, 10.6.18, 10.11.8, 11.0.6, 11.1.5, 11.2.4 and 11.4.2
introduce a breaking change to mariadb-dump (mysqldump) in order to prevent shell commands being executed via SQL dumps.
A line is prepended to the dump file to activate "sandbox mode", which older versions do not recognise, so newer-versions' dump files cannot be imported without modification or workaround.
$ cat /etc/debian_version
12.6
$ apt policy mariadb-server
mariadb-server:
Installed: 1:10.11.6-0+deb12u1
$ head -n2 dump.sql
/*!999999\- enable the sandbox mode */
-- MariaDB dump 10.19 Distrib 10.6.18-MariaDB, for Linux (x86_64)
$ mysql < dump.sql
ERROR at line 1: Unknown command '\-'.
The command
tail +2 dump.sql | mysql ...
is a workaround, but that's potentially a lot of changes to make in scripts only to be undone again (if you want to benefit from the enhanced security the change affords) when MariaDB is updated.
Is this likely to be considered worthy of an update or backport?
https://tracker.debian.org/pkg/mariadb
includes
[2024-05-20] mariadb 1:10.11.8-1 MIGRATED to testing (Debian testing watch)
but I can't see any mention of the problem at
https://security-tracker.debian.org/tracker/source-package/mariadb
so I wonder if the latest testing version is just routine work for testing.
Thanks,
Gareth
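
A guarded form of the `tail` workaround, as an added example that is not part of the original post: it drops the first line only when that line is the sandbox marker shown in the `head -n2` output above, so dumps from older versions pass through unchanged and scripts need no second edit after an upgrade. The function names and the sample files are constructed for illustration.

```shell
# Marker copied from the `head -n2 dump.sql` output quoted in the post.
SANDBOX_LINE='/*!999999\- enable the sandbox mode */'

# has_sandbox_header FILE: succeed only if line 1 of FILE is the marker.
# (hypothetical helper name)
has_sandbox_header() {
    first=''
    # IFS= and -r keep the backslash and surrounding whitespace intact;
    # the second test accepts a final line that lacks a newline.
    IFS= read -r first < "$1" || [ -n "$first" ] || return 1
    # Tolerate dumps that were converted to CRLF line endings.
    first=${first%"$(printf '\r')"}
    [ "$first" = "$SANDBOX_LINE" ]
}

# compat_dump FILE: write FILE to stdout in a form an older client accepts.
# (hypothetical helper name)
compat_dump() {
    if has_sandbox_header "$1"; then
        tail -n +2 -- "$1"      # skip only the marker line
    else
        cat -- "$1"             # older dump: nothing to strip
    fi
}

# Constructed sample dumps (not real data) covering both cases.
tmp=$(mktemp -d)
printf '%s\n' "$SANDBOX_LINE" '-- MariaDB dump' 'CREATE TABLE t (id INT);' > "$tmp/new.sql"
printf '%s\n' '-- MariaDB dump' 'CREATE TABLE t (id INT);' > "$tmp/old.sql"
compat_dump "$tmp/new.sql" | head -n1   # marker removed
compat_dump "$tmp/old.sql" | head -n1   # first line kept
rm -rf "$tmp"
```

Use it as `compat_dump dump.sql | mysql ...`; an import done this way runs without the sandbox mode that the marker line requests.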