diff options
| author | Nirbhay Choubey <nirbhay.choubey@oracle.com> | 2012-07-26 21:47:03 +0530 |
|---|---|---|
| committer | Nirbhay Choubey <nirbhay.choubey@oracle.com> | 2012-07-26 21:47:03 +0530 |
| commit | b89363de1d13526f6f034775d9ddb7cd18c7d273 (patch) | |
| tree | a788b41df448385162c97621825803a42350294a /scripts | |
| parent | 76386edb83f1146fe3704569d6b4b22241ce5985 (diff) | |
| download | mariadb-git-b89363de1d13526f6f034775d9ddb7cd18c7d273.tar.gz | |
Bug#13741677 MYSQL_SECURE_INSTALLATION DOES NOT
WORK + SAVES ROOT PASSWORD TO DISK!
The secure installation scripts connect to the
server by storing the password in a temporary
option file. Now, if the script gets killed or
fails for some reason, the removal of the option
file may not take place.
This patch introduces following enhancements :
* (.sh) Made sure that cleanup happens at every
call to 'exit 1'. This is performed implicitly
by END{} in pl.in.
* (.pl.in) Added a warning in case unlink fails
to delete the option/query files.
* (.sh/.pl.in) Added more signals to the signal
handler list. SIG# 1, 3, 6, 15
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/mysql_secure_installation.pl.in | 10 | ||||
| -rw-r--r-- | scripts/mysql_secure_installation.sh | 18 |
2 files changed, 20 insertions, 8 deletions
diff --git a/scripts/mysql_secure_installation.pl.in b/scripts/mysql_secure_installation.pl.in index 543b8d1b1c0..278fffe7322 100755 --- a/scripts/mysql_secure_installation.pl.in +++ b/scripts/mysql_secure_installation.pl.in @@ -1,7 +1,7 @@ #!/usr/bin/perl # -*- cperl -*- # -# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -28,7 +28,7 @@ my $mysql; # How to call the mysql client my $rootpass = ""; -$SIG{QUIT} = $SIG{INT} = sub { +$SIG{QUIT} = $SIG{INT} = $SIG{TERM} = $SIG{ABRT} = $SIG{HUP} = sub { print "\nAborting!\n\n"; echo_on(); cleanup(); @@ -242,7 +242,11 @@ sub reload_privilege_tables { } sub cleanup { - unlink($config,$command); + print "Cleaning up...\n"; + + foreach my $file ($config, $command) { + unlink $file or warn "Warning: Could not unlink $file: $!\n"; + } } diff --git a/scripts/mysql_secure_installation.sh b/scripts/mysql_secure_installation.sh index 5e84a92a76c..c92cb1262df 100644 --- a/scripts/mysql_secure_installation.sh +++ b/scripts/mysql_secure_installation.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -19,7 +19,7 @@ config=".my.cnf.$$" command=".mysql.$$" mysql_client="" -trap "interrupt" 2 +trap "interrupt" 1 2 3 6 15 rootpass="" echo_n= @@ -139,13 +139,16 @@ set_root_password() { if [ $? -eq 0 ]; then echo "Password updated successfully!" echo "Reloading privilege tables.." - reload_privilege_tables || exit 1 + reload_privilege_tables + if [ $? -eq 1 ]; then + clean_and_exit + fi echo rootpass=$password1 make_config else echo "Password update failed!" - exit 1 + clean_and_exit fi return 0 @@ -157,7 +160,7 @@ remove_anonymous_users() { echo " ... Success!" else echo " ... Failed!" - exit 1 + clean_and_exit fi return 0 @@ -217,6 +220,11 @@ cleanup() { rm -f $config $command } +# Remove the files before exiting. +clean_and_exit() { + cleanup + exit 1 +} # The actual script starts here |