From f65fc173323025ecc70cd88bb877604b80c0b2db Mon Sep 17 00:00:00 2001 From: vincent Date: Fri, 15 Feb 2019 17:26:49 +0100 Subject: [PATCH 1/2] =?UTF-8?q?script=20cr=C3=A9ation=20maria-sys=20pour?= =?UTF-8?q?=20les=20sauvegardes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- posttemplate/25-mariadb-passwd | 66 ++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100755 posttemplate/25-mariadb-passwd diff --git a/posttemplate/25-mariadb-passwd b/posttemplate/25-mariadb-passwd new file mode 100755 index 0000000..cf7ab71 --- /dev/null +++ b/posttemplate/25-mariadb-passwd @@ -0,0 +1,66 @@ +#!/bin/bash + +systemctl stop mariadb + +mariadb_cfdir=/etc/mysql/ +dc=$mysql_cfgdir/mariadbBackup.cnf +mariadb_rundir=/var/run/mysqld/ +mariadb_statedir=/var/lib/mysql + +if [ -e "$dc" -a -n "`fgrep mysql_upgrade $dc 2>/dev/null`" ]; then + pass="`sed -n 's/^[ ]*password *= *// p' $dc | head -n 1`" + # Basedir is deprecated. Remove the option if it's in an existing mariadbBackup.cnf + sed -i '/basedir/d' "$dc" +else + pass=`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'`; + if [ ! -d "$mariadb_cfdir" ]; then + then install -o 0 -g 0 -m 0755 -d $mariadb_cfdir + fi + umask 066 + cat /dev/null > $dc + umask 022 + echo "# Automatically generated DONT'T TOUCH !!!!!!" >>$dc + echo "[client]" >>$dc + echo "host = localhost" >>$dc + echo "user = maria-sys-maint" >>$dc + echo "password = $pass" >>$dc + echo "socket = $mariadb_rundir/mysqld.sock" >>$dc + echo "[mysql_upgrade]" >>$dc + echo "host = localhost" >>$dc + echo "user = maria-sys-maint" >>$dc + echo "password = $pass" >>$dc + echo "socket = $mariadb_rundir/mysqld.sock" >>$dc +fi + +# If this dir chmod go+w then the admin did it. But this file should not. + chown 0:0 $dc + chmod 0600 $dc + +# If database doesn't exist we create it. +mkdir /var/lib/mariadb-files +mariadb_filesdir=/var/lib/mariadb-files + +if [ ! "$(ls -A "${mariadb_statedir}")" ] && [ -d "${mariadb_filesdir}" ]; then + existingdatabase=0 + initfile=`mktemp --tmpdir=/var/lib/mariadb-files/` + touch "$initfile" + chmod 600 "$initfile" + chown mysql:mysql "$initfile" + echo "USE mysql; " >> "$initfile" + db_get mysql-server/root_password && rootpw="$RET" + if [ ! -z "$rootpw" ]; then + rootpw=$(printf %q "${rootpw}") + echo "ALTER USER 'root'@'localhost' IDENTIFIED BY '$rootpw';" >> "$initfile" + fi + echo "CREATE USER IF NOT EXISTS 'maria-sys-maint'@'localhost' IDENTIFIED BY '$pass';" >> "$initfile" + echo "GRANT ALL ON *.* TO 'maria-sys-maint'@'localhost' WITH GRANT OPTION;" >> "$initfile" + echo "SHUTDOWN;" >> "$initfile" + mysqld --initialize-insecure --user=mysql --init-file="$initfile"> /dev/null 2>&1 || true + rm "$initfile" +else + existingdatabase=1 +fi + +systemctl start mariadb + +exit 0 From be45f4e3fabd6beba5083d0ec96384ff54469e4b Mon Sep 17 00:00:00 2001 From: vincent Date: Tue, 19 Feb 2019 10:02:40 +0100 Subject: [PATCH 2/2] =?UTF-8?q?ajout=20d'un=20warning=20sur=20les=20netmas?= =?UTF-8?q?k=20des=20ip=20des=20connexions=20autoris=C3=A9es=20=C3=A0=20la?= =?UTF-8?q?=20BDD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- dicos/25_bdd_server.xml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dicos/25_bdd_server.xml b/dicos/25_bdd_server.xml index 9376818..d82d563 100644 --- a/dicos/25_bdd_server.xml +++ b/dicos/25_bdd_server.xml @@ -145,6 +145,10 @@ + + ipMariaDBLimit + + ['eth0', 'eth1', 'eth2', 'eth3', 'eth4']