summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTerje Rosten <terje.rosten@oracle.com>2016-12-19 10:15:54 +0100
committerTerje Rosten <terje.rosten@oracle.com>2016-12-19 12:01:45 +0100
commit1079066b22815b9c46a6689c93469c3af1fd88ff (patch)
treebf3b7a57997057d98b7e272356616b786cd1aa3c
parent30a59a8d78f10f738aef124fe6736851275192bd (diff)
downloadmariadb-git-1079066b22815b9c46a6689c93469c3af1fd88ff.tar.gz
Bug#13344753 MYSQL_SECURE_INSTALLATION SCRIPT DOES NOT CHECK USER INPUT
Loop until valid answer is given. Variants of y,yes and n,no and blank (meaning default) are considered valid.
-rw-r--r--scripts/mysql_secure_installation.sh67
1 files changed, 48 insertions, 19 deletions
diff --git a/scripts/mysql_secure_installation.sh b/scripts/mysql_secure_installation.sh
index c92cb1262df..236525c12cd 100644
--- a/scripts/mysql_secure_installation.sh
+++ b/scripts/mysql_secure_installation.sh
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -33,6 +33,20 @@ set_echo_compat() {
esac
}
+validate_reply () {
+ ret=0
+ if [ -z "$1" ]; then
+ reply=y
+ return $ret
+ fi
+ case $1 in
+ y|Y|yes|Yes|YES) reply=y ;;
+ n|N|no|No|NO) reply=n ;;
+ *) ret=1 ;;
+ esac
+ return $ret
+}
+
prepare() {
touch $config $command
chmod 600 $config $command
@@ -258,15 +272,18 @@ echo "Setting the root password ensures that nobody can log into the MySQL"
echo "root user without the proper authorisation."
echo
-if [ $hadpass -eq 0 ]; then
- echo $echo_n "Set root password? [Y/n] $echo_c"
-else
- echo "You already have a root password set, so you can safely answer 'n'."
- echo
- echo $echo_n "Change the root password? [Y/n] $echo_c"
-fi
+while true ; do
+ if [ $hadpass -eq 0 ]; then
+ echo $echo_n "Set root password? [Y/n] $echo_c"
+ else
+ echo "You already have a root password set, so you can safely answer 'n'."
+ echo
+ echo $echo_n "Change the root password? [Y/n] $echo_c"
+ fi
+ read reply
+ validate_reply $reply && break
+done
-read reply
if [ "$reply" = "n" ]; then
echo " ... skipping."
else
@@ -290,9 +307,11 @@ echo "go a bit smoother. You should remove them before moving into a"
echo "production environment."
echo
-echo $echo_n "Remove anonymous users? [Y/n] $echo_c"
-
-read reply
+while true ; do
+ echo $echo_n "Remove anonymous users? [Y/n] $echo_c"
+ read reply
+ validate_reply $reply && break
+done
if [ "$reply" = "n" ]; then
echo " ... skipping."
else
@@ -308,9 +327,11 @@ echo
echo "Normally, root should only be allowed to connect from 'localhost'. This"
echo "ensures that someone cannot guess at the root password from the network."
echo
-
-echo $echo_n "Disallow root login remotely? [Y/n] $echo_c"
-read reply
+while true ; do
+ echo $echo_n "Disallow root login remotely? [Y/n] $echo_c"
+ read reply
+ validate_reply $reply && break
+done
if [ "$reply" = "n" ]; then
echo " ... skipping."
else
@@ -328,8 +349,12 @@ echo "access. This is also intended only for testing, and should be removed"
echo "before moving into a production environment."
echo
-echo $echo_n "Remove test database and access to it? [Y/n] $echo_c"
-read reply
+while true ; do
+ echo $echo_n "Remove test database and access to it? [Y/n] $echo_c"
+ read reply
+ validate_reply $reply && break
+done
+
if [ "$reply" = "n" ]; then
echo " ... skipping."
else
@@ -346,8 +371,12 @@ echo "Reloading the privilege tables will ensure that all changes made so far"
echo "will take effect immediately."
echo
-echo $echo_n "Reload privilege tables now? [Y/n] $echo_c"
-read reply
+while true ; do
+ echo $echo_n "Reload privilege tables now? [Y/n] $echo_c"
+ read reply
+ validate_reply $reply && break
+done
+
if [ "$reply" = "n" ]; then
echo " ... skipping."
else