From b89363de1d13526f6f034775d9ddb7cd18c7d273 Mon Sep 17 00:00:00 2001 From: Nirbhay Choubey Date: Thu, 26 Jul 2012 21:47:03 +0530 Subject: Bug#13741677 MYSQL_SECURE_INSTALLATION DOES NOT WORK + SAVES ROOT PASSWORD TO DISK! The secure installation scripts connect to the server by storing the password in a temporary option file. Now, if the script gets killed or fails for some reason, the removal of the option file may not take place. This patch introduces following enhancements : * (.sh) Made sure that cleanup happens at every call to 'exit 1'. This is performed implicitly by END{} in pl.in. * (.pl.in) Added a warning in case unlink fails to delete the option/query files. * (.sh/.pl.in) Added more signals to the signal handler list. SIG# 1, 3, 6, 15 --- scripts/mysql_secure_installation.pl.in | 10 +++++++--- scripts/mysql_secure_installation.sh | 18 +++++++++++++----- 2 files changed, 20 insertions(+), 8 deletions(-) (limited to 'scripts') diff --git a/scripts/mysql_secure_installation.pl.in b/scripts/mysql_secure_installation.pl.in index 543b8d1b1c0..278fffe7322 100755 --- a/scripts/mysql_secure_installation.pl.in +++ b/scripts/mysql_secure_installation.pl.in @@ -1,7 +1,7 @@ #!/usr/bin/perl # -*- cperl -*- # -# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -28,7 +28,7 @@ my $mysql; # How to call the mysql client my $rootpass = ""; -$SIG{QUIT} = $SIG{INT} = sub { +$SIG{QUIT} = $SIG{INT} = $SIG{TERM} = $SIG{ABRT} = $SIG{HUP} = sub { print "\nAborting!\n\n"; echo_on(); cleanup(); @@ -242,7 +242,11 @@ sub reload_privilege_tables { } sub cleanup { - unlink($config,$command); + print "Cleaning up...\n"; + + foreach my $file ($config, $command) { + unlink $file or warn "Warning: Could not unlink $file: $!\n"; + } } diff --git a/scripts/mysql_secure_installation.sh b/scripts/mysql_secure_installation.sh index 5e84a92a76c..c92cb1262df 100644 --- a/scripts/mysql_secure_installation.sh +++ b/scripts/mysql_secure_installation.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -19,7 +19,7 @@ config=".my.cnf.$$" command=".mysql.$$" mysql_client="" -trap "interrupt" 2 +trap "interrupt" 1 2 3 6 15 rootpass="" echo_n= @@ -139,13 +139,16 @@ set_root_password() { if [ $? -eq 0 ]; then echo "Password updated successfully!" echo "Reloading privilege tables.." - reload_privilege_tables || exit 1 + reload_privilege_tables + if [ $? -eq 1 ]; then + clean_and_exit + fi echo rootpass=$password1 make_config else echo "Password update failed!" - exit 1 + clean_and_exit fi return 0 @@ -157,7 +160,7 @@ remove_anonymous_users() { echo " ... Success!" else echo " ... Failed!" - exit 1 + clean_and_exit fi return 0 @@ -217,6 +220,11 @@ cleanup() { rm -f $config $command } +# Remove the files before exiting. +clean_and_exit() { + cleanup + exit 1 +} # The actual script starts here -- cgit v1.2.1