Documentation Home
MySQL 9.1 Reference Manual
Related Documentation
MySQL 9.1 Release Notes
Download this Manual
PDF (US Ltr) - 40.3Mb
PDF (A4) - 40.4Mb
Man Pages (TGZ) - 259.3Kb
Man Pages (Zip) - 366.4Kb
Info (Gzip) - 4.0Mb
Info (Zip) - 4.0Mb
MySQL 9.1 Reference Manual  /  ...  /  Recovering From Failed Replication Privilege Checks

19.3.3.3 Recovering From Failed Replication Privilege Checks

If a privilege check against the PRIVILEGE_CHECKS_USER account fails, the transaction is not executed and replication stops for the channel. Details of the error and the last applied transaction are recorded in the Performance Schema replication_applier_status_by_worker table. Follow this procedure to recover from the error:

  1. Identify the replicated event that caused the error and verify whether or not the event is expected and from a trusted source. You can use mysqlbinlog to retrieve and display the events that were logged around the time of the error. For instructions to do this, see Section 9.5, “Point-in-Time (Incremental) Recovery”.

  2. If the replicated event is not expected or is not from a known and trusted source, investigate the cause. If you can identify why the event took place and there are no security considerations, proceed to fix the error as described below.

  3. If the PRIVILEGE_CHECKS_USER account should have been permitted to execute the transaction, but has been misconfigured, grant the missing privileges to the account, use a FLUSH PRIVILEGES statement or execute a mysqladmin flush-privileges or mysqladmin reload command to reload the grant tables, then restart replication for the channel.

  4. If the transaction needs to be executed and you have verified that it is trusted, but the PRIVILEGE_CHECKS_USER account should not have this privilege normally, you can grant the required privilege to the PRIVILEGE_CHECKS_USER account temporarily. After the replicated event has been applied, remove the privilege from the account, and take any necessary steps to ensure the event does not recur if it is avoidable.

  5. If the transaction is an administrative action that should only have taken place on the source and not on the replica, or should only have taken place on a single replication group member, skip the transaction on the server or servers where it stopped replication, then issue START REPLICA to restart replication on the channel. To avoid the situation in future, you could issue such administrative statements with SET sql_log_bin = 0 before them and SET sql_log_bin = 1 after them, so that they are not logged on the source.

  6. If the transaction is a DDL or DML statement that should not have taken place on either the source or the replica, skip the transaction on the server or servers where it stopped replication, undo the transaction manually on the server where it originally took place, then issue START REPLICA to restart replication.

To skip a transaction, if GTIDs are in use, commit an empty transaction that has the GTID of the failing transaction, for example: 

SET GTID_NEXT='aaa-bbb-ccc-ddd:N';
BEGIN;
COMMIT;
SET GTID_NEXT='AUTOMATIC';

If GTIDs are not in use, issue a SET GLOBAL sql_replica_skip_counter statement to skip the event. For instructions to use this alternative method and more details about skipping transactions, see Section 19.1.7.3, “Skipping Transactions”.


PREV   HOME   UP   NEXT
Related Documentation
MySQL 9.1 Release Notes
Download this Manual
PDF (US Ltr) - 40.3Mb
PDF (A4) - 40.4Mb
Man Pages (TGZ) - 259.3Kb
Man Pages (Zip) - 366.4Kb
Info (Gzip) - 4.0Mb
Info (Zip) - 4.0Mb