-
Type:
New Feature
-
Status: Done
-
Priority:
Medium
-
Resolution: Fixed
-
Affects Version/s: 5.7.x, Not 5.5.x, Not 5.6.x
-
Fix Version/s: 5.7.21-21
-
Component/s: None
-
Labels:
Behavior has changed after PS-5736 https://jira.percona.com/browse/PS-5736?focusedCommentId=239846&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-239846
Add new global dynamic variable innodb_temp_tablespace_encrypt=ON/OF. When it is turned on, server starts to encrypt temporary tablespace and temporary InnoDB file-per-table tablespaces. Option does not force encryption of temp tables which are currently opened, it doesn't rebuild system temporary tablespace to encrypt data which already written. Since temp tablespace created fresh at each server startup, it will not contain unencrypted data if this option specified as server argument. Turning this option off at runtime makes server to create all subsequent temporary file-per-table tablespaces unencrypted, but does not turn off encryption of system temporary tablespace.
To use this option, keyring plugin must be loaded. If keyring plugin is not available, server will give error message and refuse to create new temp tables.
- is blocked by
-
PS-5734 Disabling temp tablespace encryption at runtime does not create un-encrypted file-per-table temp tables
-
- Done
-
-
PS-5736 Make innodb_temp_tablespace_encrypt truly dynamic
-
- Done
-
- is triggering
-
PS-5773 crash in create temporary with encryption on
-
- Done
-
- relates to
-
PS-5350 Test PS-3821
-
- Done
-