diff --git a/dicos/25_bdd_server.xml b/dicos/25_bdd_server.xml index 9376818..d82d563 100644 --- a/dicos/25_bdd_server.xml +++ b/dicos/25_bdd_server.xml @@ -145,6 +145,10 @@ + + ipMariaDBLimit + + ['eth0', 'eth1', 'eth2', 'eth3', 'eth4'] diff --git a/posttemplate/25-mariadb-passwd b/posttemplate/25-mariadb-passwd new file mode 100755 index 0000000..cf7ab71 --- /dev/null +++ b/posttemplate/25-mariadb-passwd @@ -0,0 +1,66 @@ +#!/bin/bash + +systemctl stop mariadb + +mariadb_cfdir=/etc/mysql/ +dc=$mysql_cfgdir/mariadbBackup.cnf +mariadb_rundir=/var/run/mysqld/ +mariadb_statedir=/var/lib/mysql + +if [ -e "$dc" -a -n "`fgrep mysql_upgrade $dc 2>/dev/null`" ]; then + pass="`sed -n 's/^[ ]*password *= *// p' $dc | head -n 1`" + # Basedir is deprecated. Remove the option if it's in an existing mariadbBackup.cnf + sed -i '/basedir/d' "$dc" +else + pass=`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'`; + if [ ! -d "$mariadb_cfdir" ]; then + then install -o 0 -g 0 -m 0755 -d $mariadb_cfdir + fi + umask 066 + cat /dev/null > $dc + umask 022 + echo "# Automatically generated DONT'T TOUCH !!!!!!" >>$dc + echo "[client]" >>$dc + echo "host = localhost" >>$dc + echo "user = maria-sys-maint" >>$dc + echo "password = $pass" >>$dc + echo "socket = $mariadb_rundir/mysqld.sock" >>$dc + echo "[mysql_upgrade]" >>$dc + echo "host = localhost" >>$dc + echo "user = maria-sys-maint" >>$dc + echo "password = $pass" >>$dc + echo "socket = $mariadb_rundir/mysqld.sock" >>$dc +fi + +# If this dir chmod go+w then the admin did it. But this file should not. + chown 0:0 $dc + chmod 0600 $dc + +# If database doesn't exist we create it. +mkdir /var/lib/mariadb-files +mariadb_filesdir=/var/lib/mariadb-files + +if [ ! "$(ls -A "${mariadb_statedir}")" ] && [ -d "${mariadb_filesdir}" ]; then + existingdatabase=0 + initfile=`mktemp --tmpdir=/var/lib/mariadb-files/` + touch "$initfile" + chmod 600 "$initfile" + chown mysql:mysql "$initfile" + echo "USE mysql; " >> "$initfile" + db_get mysql-server/root_password && rootpw="$RET" + if [ ! -z "$rootpw" ]; then + rootpw=$(printf %q "${rootpw}") + echo "ALTER USER 'root'@'localhost' IDENTIFIED BY '$rootpw';" >> "$initfile" + fi + echo "CREATE USER IF NOT EXISTS 'maria-sys-maint'@'localhost' IDENTIFIED BY '$pass';" >> "$initfile" + echo "GRANT ALL ON *.* TO 'maria-sys-maint'@'localhost' WITH GRANT OPTION;" >> "$initfile" + echo "SHUTDOWN;" >> "$initfile" + mysqld --initialize-insecure --user=mysql --init-file="$initfile"> /dev/null 2>&1 || true + rm "$initfile" +else + existingdatabase=1 +fi + +systemctl start mariadb + +exit 0