Remove PROCESS privilege requirement for MySQL source in DM #12015
Description
Is your feature request related to a problem?
Currently, DM requires PROCESS privilege for MySQL sources, but initial investigation suggests this might not be necessary. This requirement adds extra security overhead and should be removed if not essential for DM's operation. It is also not part of the requirements in the documentation.
Describe the feature you'd like
- DM currently shows a warning when the MySQL user lacks PROCESS privilege
- The warning appears in the
dumper_conn_number_checker
which checks if connection concurrency exceeds database's maximum connection limit - Initial investigation by engineering lead suggests this privilege might not be necessary
Current Behavior
When running DM without PROCESS privilege, the following warning appears:
{
"id": 0,
"name": "dumper_conn_number_checker",
"desc": "check if connetion concurrency exceeds database's maximum connection limit",
"state": "warn",
"errors": [
{
"severity": "warn",
"short_error": "lack of Process global (*.*) privilege; "
}
]
}
How to reproduce
- MySQL Version: 8.0.40
- DM Version: v8.5.0
- Command tested:
tiup dmctl check-task
andtiup dmctl start-task
More details:
This issue was identified during the documentation review of the quick start guide. Removing unnecessary privileges will improve security posture and simplify setup requirements.
https://github.com/pingcap/docs/blob/0c69e8a87585d5269c9e6a596f1ad3dab4fe0063/dm/quick-start-with-dm.md
Describe alternatives you've considered
The warning disappears if the user grants the PROCESS privilege.
Teachability, Documentation, Adoption, Migration Strategy
No response