Clean root password Management
Don't store the root password. Provide easy replacement for mysql_pwd.py
This commit is contained in:
parent
2f4eca027a
commit
1dc370fb94
|
@ -2,6 +2,7 @@
|
|||
|
||||
db=$(CreoleGet dbEnable non)
|
||||
cluster=$(CreoleGet dbEnableCluster non)
|
||||
role=$(CreoleGet dbClusterPosition 'Node')
|
||||
gstateFile="/var/lib/mysql/grastate.dat"
|
||||
|
||||
if [[ ${db} == "oui" ]]
|
||||
|
@ -10,7 +11,7 @@ then
|
|||
then
|
||||
if [[ ! -e ${gstateFile} ]]
|
||||
then
|
||||
galera_new_cluster
|
||||
[[ ${role} == "Leader" ]] && galera_new_cluster
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Initialize root password
|
||||
# and secure MariaDB installation
|
||||
#
|
||||
|
||||
ROLE=$(CreoleGet dbClusterPosition)
|
||||
SECURE_CMD="mysql_secure_installation"
|
||||
PASSWORD=$(pwgen -1 10)
|
||||
passwd="/usr/share/eole/scripts/mariadbPwd"
|
||||
|
||||
${passwd} ${PASSWORD}
|
||||
|
||||
# Run secure installation script
|
||||
${SECURE_CMD} <<__EOF__
|
||||
${oldPass}
|
||||
y
|
||||
n
|
||||
y
|
||||
y
|
||||
y
|
||||
y
|
||||
__EOF__
|
|
@ -1,34 +0,0 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Initialize root password
|
||||
# and secure MariaDB installation
|
||||
#
|
||||
|
||||
function genPasswordToFile()
|
||||
{
|
||||
local file=${1}
|
||||
pwgen -1 10 > ${file}
|
||||
chmod 600 ${file}
|
||||
}
|
||||
ROLE=$(CreoleGet dbClusterPosition)
|
||||
WRITERFILE="/root/.bddadm"
|
||||
SECURE_CMD="mysql_secure_installation"
|
||||
oldPass=""
|
||||
|
||||
#[[ ${ROLE} == "Node" ]] && exit 0
|
||||
[[ -e ${WRITERFILE} ]] && oldPass=$(< ${WRITERFILE})
|
||||
|
||||
genPasswordToFile ${WRITERFILE}
|
||||
pass=$(< ${WRITERFILE})
|
||||
|
||||
# Run secure installation script
|
||||
${SECURE_CMD} <<__EOF__
|
||||
${oldPass}
|
||||
y
|
||||
${pass}
|
||||
${pass}
|
||||
y
|
||||
y
|
||||
y
|
||||
y
|
||||
__EOF__
|
|
@ -0,0 +1,20 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Renew MariaDB root password
|
||||
# Just like old (mysql_pwd.py)
|
||||
#
|
||||
cmd="mysql"
|
||||
options='--defaults-file=/etc/mysql/debian.cnf'
|
||||
|
||||
if [[ -z ${1} ]]
|
||||
then
|
||||
read -s -p "New Password : " password
|
||||
echo
|
||||
else
|
||||
password="${1}"
|
||||
fi
|
||||
|
||||
sql="FLUSH PRIVILEGES; ALTER USER 'root'@'localhost' IDENTIFIED BY '${password}';"
|
||||
|
||||
${cmd} ${options} -e "${sql}"
|
||||
exit $?
|
Loading…
Reference in New Issue