MySQL Forums
Forum List  »  Security

MySQL innodb_undo_log_encrypt not working
Posted by: Christopher de Vidal
Date: September 03, 2022 06:18PM

I have set innodb_undo_log_encrypt=ON in /etc/mysql/mysql.conf.d/encryption.cnf under the [mysqld] section but it appears to not be working. Am I just misreading the output below?

Other InnoDB tables are encrypted. A note in the MySQL docs[1] says, "When innodb_undo_log_encrypt is enabled, unencrypted undo log pages that are present on disk remain unencrypted, and new undo log pages are written to disk in encrypted form." But the flag in the conf file was set a month ago, with many writes in the interim.

No errors in the logs.

I am using MySQL 8.0.29-0ubuntu0.20.04.3.

mysql> SELECT space, name, flag, (flag & 8192) AS encrypted FROM INFORMATION_SCHEMA.INNODB_TABLESPACES WHERE NAME LIKE 'innodb_undo_%';
+------------+-----------------+------+-----------+
| space | name | flag | encrypted |
+------------+-----------------+------+-----------+
| 4294967279 | innodb_undo_001 | 0 | 0 |
| 4294967278 | innodb_undo_002 | 0 | 0 |
+------------+-----------------+------+-----------+
2 rows in set (0.00 sec)

MySQL> SHOW VARIABLES LIKE "innodb_undo_log_encrypt";
+-------------------------+-------+
| Variable_name | Value |
+-------------------------+-------+
| innodb_undo_log_encrypt | ON |
+-------------------------+-------+
1 row in set (0.00 sec)

mysql>

root@db02:~# zgrep -i undo /var/log/mysql/error.log*
root@db02:~#

[1] https://dev.mysql.com/doc/refman/8.0/en/innodb-data-encryption.html#innodb-data-encryption-undo-log

Options: ReplyQuote


Subject
Views
Written By
Posted
MySQL innodb_undo_log_encrypt not working
96
September 03, 2022 06:18PM


Sorry, only registered users may post in this forum.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.