
Gratan is a tool to manage MySQL permissions.
It defines the state of MySQL permissions using Ruby DSL, and updates permissions according to DSL.
>= 0.3.0
>= 0.3.1
<secret>
password
Add this line to your application's Gemfile:
gem 'gratan'
And then execute:
$ bundle
Or install it yourself as:
$ gem install gratan
gratan -e -o Grantfile
vi Grantfile
gratan -a --dry-run
gratan -a
Usage: gratan [options]
--host HOST
--port PORT
--socket SOCKET
--username USERNAME
--password PASSWORD
--database DATABASE
-a, --apply
-f, --file FILE
--dry-run
-e, --export
--with-identifier
--split
--chunk-by-user
-o, --output FILE
--ignore-user REGEXP
--target-user REGEXP
--ignore-object REGEXP
--enable-expired
--ignore-not-exist
--ignore-password-secret
--skip-disable-log-bin
--override-sql-mode
--use-show-create-user
--no-color
--debug
--auto-identify OUTPUT
--csv-identify CSV
--mysql2-options JSON
-h, --help
A default connection to a database can be established by setting the following environment variables:
GRATAN_DB_HOST: database host
GRATAN_DB_PORT: database port
GRATAN_DB_SOCKET: database socket
GRATAN_DB_DATABASE: database name
GRATAN_DB_USERNAME: database user
GRATAN_DB_PASSWORD: database password

require 'other/grantfile'
user "scott", "%" do
  on "*.*" do
    grant "USAGE"
  end

  on "test.*", expired: '2014/10/08', identified: "PASSWORD '*ABCDEF'" do
    grant "SELECT"
    grant "INSERT"
  end

  on /^foo\.prefix_/ do
    grant "SELECT"
    grant "INSERT"
  end
end

user "scott", ["localhost", "192.168.%"], expired: '2014/10/10' do
  on "*.*", with: 'GRANT OPTION' do
    grant "ALL PRIVILEGES"
  end
end

template 'all db template' do
  on '*.*' do
    grant 'SELECT'
  end
end

template 'test db template' do
  grant context.default

  context.extra.each do |priv|
    grant priv
  end
end

user 'scott', 'localhost', identified: 'tiger' do
  include_template 'all db template'

  on 'test.*' do
    context.default = 'SELECT'
    include_template 'test db template', extra: ['INSERT', 'UPDATE']
  end
end

bundle install
docker-compose up -d
bundle exec rake
# MYSQL57=1 bundle exec rake
FAQs
Unknown package
We found that gratan demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.