[Bug 23250] New: koha-create generates broken mysql password

classic Classic list List threaded Threaded
17 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] New: koha-create generates broken mysql password

bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

            Bug ID: 23250
           Summary: koha-create generates broken mysql password
 Change sponsored?: ---
           Product: Koha
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: blocker
          Priority: P5 - low
         Component: Installation and upgrade (command-line installer)
          Assignee: [hidden email]
          Reporter: [hidden email]
        QA Contact: [hidden email]

Using koha-create with latest master generates a broken mysql password in
koha-conf.xml, like this

> <pass>B6_uW%vW"__DB_PASS__`1l(Gm</pass>

The problem does not appear when I revert the changes from bug 23090.

This will make every new instance unusable. It's in the nightly, that means new
devboxes will be broken too I guess.

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Mirko Tietgen <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|                            |23090


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23090
[Bug 23090] MySQL validate_password plugin breaks koha-create
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

M. Tompsett <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--- Comment #1 from M. Tompsett <[hidden email]> ---
What was the koha-create command used to generate that?!

Because:
sudo koha-create --create-db {instance name}
generally is working for me.

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

M. Tompsett <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |Needs Signoff

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

--- Comment #2 from M. Tompsett <[hidden email]> ---
Created attachment 91250
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=91250&action=edit
Bug 23250: Just use an @ in the password

Rather than try to use -y and symbols, since
older versions of pwgen don't have the -y,
Purposefully just shorten the generated
password to 15 characters and put @ on the end.
This avoids nasty shell globbing, fixes the
MySQL requiring a symbol by default in the
newer versions.

While @ at the end is less secure, the
password portion providing security is
still 15 characters long.

Before patch, password should have potentially
multiple ugly symbols in it.
After patch, when creating an instance, the
password will have an @ at the end of it.

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

M. Tompsett <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #91250|0                           |1
        is obsolete|                            |

--- Comment #3 from M. Tompsett <[hidden email]> ---
Created attachment 91251
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=91251&action=edit
Bug 23250: Just use an @ in the password

Rather than try to use -y and symbols, since
older versions of pwgen don't have the -y,
Purposefully just shorten the generated
password to 15 characters and put @ on the end.
This avoids nasty shell globbing, fixes the
MySQL requiring a symbol by default in the
newer versions.

While @ at the end is less secure, the
password portion providing security is
still 15 characters long.

Before patch, password should have potentially
multiple ugly symbols in it.
After patch, when creating an instance, the
password will have an @ at the end of it.

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Martin Renvoize <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #91251|0                           |1
        is obsolete|                            |

--- Comment #4 from Martin Renvoize <[hidden email]> ---
Created attachment 91284
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=91284&action=edit
Bug 23250: Just use an @ in the password

Rather than try to use -y and symbols, since
older versions of pwgen don't have the -y,
Purposefully just shorten the generated
password to 15 characters and put @ on the end.
This avoids nasty shell globbing, fixes the
MySQL requiring a symbol by default in the
newer versions.

While @ at the end is less secure, the
password portion providing security is
still 15 characters long.

Before patch, password should have potentially
multiple ugly symbols in it.
After patch, when creating an instance, the
password will have an @ at the end of it.

Signed-off-by: Martin Renvoize <[hidden email]>

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Martin Renvoize <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|Needs Signoff               |Signed Off
                 CC|                            |martin.renvoize@ptfs-europe
                   |                            |.com
   Patch complexity|---                         |Trivial patch

--- Comment #5 from Martin Renvoize <[hidden email]> ---
Simple patch that works well.

Thanks Mark,

Going straight for PQA

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Martin Renvoize <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|Signed Off                  |Passed QA

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Martin Renvoize <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|Passed QA                   |Pushed to master
         Version(s)|                            |19.11.00
        released in|                            |

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

--- Comment #6 from Martin Renvoize <[hidden email]> ---
Nice work!

Pushed to master for 19.11.00

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Fridolin SOMERS <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]
                   |                            |m
         Version(s)|19.11.00                    |19.11.00,19.05.02
        released in|                            |
             Status|Pushed to master            |Pushed to stable

--- Comment #7 from Fridolin SOMERS <[hidden email]> ---
Pushed to 19.05.x for 19.05.02

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Lucas Gass <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--- Comment #8 from Lucas Gass <[hidden email]> ---
backported to 18.11.x for 18.11.08

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Fridolin SOMERS <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Version(s)|19.11.00,19.05.02           |19.11.00,19.05.02,18.11.08
        released in|                            |

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Jonathan Druart <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]-c
                   |                            |ommunity.org

--- Comment #9 from Jonathan Druart <[hidden email]> ---
What are we doing here? MySQL wants a special char to be secure so we are
arbitrarily adding a '@' at the end of the password?
Am I understanding this correctly??

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

Jonathan Druart <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |25622

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 23250] koha-create generates broken mysql password

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23250

--- Comment #12 from Jonathan Druart <[hidden email]> ---
Ok, sorry, actually it was already without special chars prior to bug 23090!

--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/