Bug 24909 - mysql init scripts MUST stop using mysqladmin
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: mysql
Version: 7.0
Hardware: i386
OS: Linux
Priority: medium
Severity: medium
Assignee: Patrick Macdonald
QA Contact: David Lawrence
Reported: 2001-01-25 04:28 UTC by Adrian Chung
Modified: 2007-04-18 16:30 UTC (History)

Last Closed: 2001-01-25 04:28:44 UTC

Description Adrian Chung 2001-01-25 04:28:41 UTC
Both the logrotate.d/mysqld script and the new mysql-3.23.32-1.7 init
script in /etc/rc.d/init.d/mysqld attempt to use mysqladmin to flush,
shutdown and reload mysqld.

How is this expected to work, when the password for the root user is set to
a non-null password?

Moreover, what's the point of releasing a security update when the only
way scripts will run properly is for them to expect null passwords for the
root user?

Comment 1 Trond Eivind Glomsrød 2001-01-25 04:31:40 UTC
Creating a .my.cnf in root's home directory should fix this. If there is any
other way of flushing the logs, let me know.

Comment 2 Adrian Chung 2001-01-25 05:07:14 UTC
Works like a charm.  If only MySQL documented that somewhere useful.

If only you were closer to Canada, I'd buy you a beer. :)

Comment 3 Jon Warbrick 2001-01-30 13:23:50 UTC
Not being able to change/set the (MySQL) root password without having to store
it somewhere else in plain text is not very satisfactory. It will make it even
more likely that people will run MySQL with wide open access to anyone who can
log on to the machine.

MySQL can be cleanly stopped with a kill -TERM (that's what the supplied
mysql.server.sh script does). For log file flushing, I'd suggest that you
arrange to create a new MySQL user in postinstall with a random PWD and only
RELOAD rights. (GRANT RELOAD ON *.* TO sys_reload@localhost IDENTIFIED BY
"<pwd>") Then hardwire the password into the rotate script. At least then the
password, even if discovered, will only allow someone to do one of a number of
reloads. And people will be able to set a root pwd without further problems.

Comment 4 Trond Eivind Glomsrød 2001-01-30 20:02:31 UTC
Take a look at 3.23.32-5 when it shows up in Rawhide, it implements some of this.
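
Added example, not part of the original thread or of the Red Hat package: one way a rotate script could combine the two suggestions above, keeping the password of a reload-only account (the `sys_reload` user from Comment 3) in an option file and refusing to use that file unless only its owner can read it. The path `/etc/mysql-reload.cnf`, the function names and the `MYSQLADMIN` override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flush MySQL logs with a reload-only account whose password
# sits in a private option file. Names and paths here are hypothetical.

# Succeed only if $1 is a regular file (not a symlink), owned by the
# current user, with no group/other permission bits set.
cnf_is_private() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] && [ -O "$f" ] || return 1
    mode=$(ls -ld "$f" | cut -c1-10)
    case "$mode" in
        -r[w-]-------) return 0 ;;
        *) return 1 ;;
    esac
}

# Create the option file under umask 077 so it is never world-readable,
# even briefly. printf is a shell builtin, so the password does not
# appear in any process argument list.
write_reload_cnf() {
    f=$1 user=$2 pass=$3
    (
        umask 077
        rm -f "$f"
        printf '[client]\nuser=%s\npassword=%s\n' "$user" "$pass" > "$f"
    )
}

# Run "mysqladmin flush-logs" with credentials taken from the option file.
# --defaults-extra-file must be the first option on the command line.
flush_logs() {
    f=${1:-/etc/mysql-reload.cnf}
    if ! cnf_is_private "$f"; then
        echo "refusing to use $f: missing, not ours, or readable by others" >&2
        return 1
    fi
    "${MYSQLADMIN:-mysqladmin}" --defaults-extra-file="$f" flush-logs
}
```

Because the account holds only the RELOAD privilege, a leaked option file exposes log flushing and similar reload operations rather than the MySQL root account.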

