37 lines
1.7 KiB
Plaintext
37 lines
1.7 KiB
Plaintext
# restart: --skip-name-resolve --bind-address=127.0.0.1,10.0.2.1/red
|
|
CREATE USER root@127.0.0.1;
|
|
CREATE USER root@10.0.2.1;
|
|
CREATE USER root@10.0.1.1;
|
|
# Check that client can establish connection to the address 127.0.0.1 from the default network namespace
|
|
USER()
|
|
root@127.0.0.1
|
|
# Check that client can establish connection to the address 10.0.2.1 from the network namespace 'red'
|
|
USER()
|
|
root@10.0.2.1
|
|
# Check that client can't establish connection to the address 10.0.2.1 from a non-existing network namespace 'green'
|
|
ERROR: Network namespace error: No such file or directory
|
|
# Simulate case where the mysql client doesn't have the cap_sys_admin_capability
|
|
ERROR: Network namespace error: Operation not permitted
|
|
# Check that connections to the host from clients outside the network namespace error out since
|
|
# they are visible only through the gateway through which the network namespace connects to the
|
|
# outer root network namespace.
|
|
# restart: --skip-name-resolve --bind-address=127.0.0.1,10.0.2.1/red,10.0.1.1/blue
|
|
# Check that client can establish connection to the address 10.0.2.1 from the network namespace 'red'
|
|
USER()
|
|
root@10.0.2.1
|
|
# Check that client can establish connection to the address 10.0.1.1 from the network namespace 'blue'
|
|
USER()
|
|
root@10.0.1.1
|
|
# restart: --skip-name-resolve --bind-address=127.0.0.1 --admin-address=10.0.2.1/red --admin-port=ADMIN_PORT
|
|
GRANT SERVICE_CONNECTION_ADMIN ON *.* TO root@10.0.2.1;
|
|
USER()
|
|
root@10.0.2.1
|
|
# restart: --skip-name-resolve --bind-address=127.0.0.1 --admin-address=10.0.2.1/red --admin-port=ADMIN_PORT --create-admin-listener-thread=true
|
|
USER()
|
|
root@10.0.2.1
|
|
REVOKE SERVICE_CONNECTION_ADMIN ON *.* FROM root@10.0.2.1;
|
|
# restart:
|
|
DROP USER root@127.0.0.1;
|
|
DROP USER root@10.0.2.1;
|
|
DROP USER root@10.0.1.1;
|