Red Hat Bugzilla – Bug 1025856
incorrect passwords can connect after change_mysql_password is run
Last modified: 2015-05-14 19:32:19 EDT
While preparing to run the change_mysql_password script in production, ops found that users with incorrect passwords could connect after the script was run. The correct behavior is for the password to be reset if it has been changed and invalid passwords to be rejected.
Additionally, this tool should reset the password to the value in the env, not generate a new value.
Commits pushed to master at https://github.com/openshift/li
Fix bug 1025856
Signed-off-by: Stefanie Forrester <email@example.com>
Fix bug 1025856: reset to password in env instead of generating new password
Checked on devenv-stage_549,
Git clone the li-repo to get the latest script.
Change mysql password for my app,
Reset the password with the script change_mysql_password
The script finished with successful.
And after password reset, trying to connect to the db with incorrect password, it cannot be accessed.
\> mysql -uadminagNuJah -predhat -h127.1.244.2 app1
ERROR 1045 (28000): Access denied for user 'adminagNuJah'@'127.1.244.2' (using password: YES)
And can be connected with correct password.
\> mysql -uadminagNuJah -pPhvIZiYPnYZV -h127.1.244.2 app1
Welcome to the MySQL monitor. Commands end with ; or \g.