Bug 622907 - support piped passwords to perl-based maintenance commands
Summary: support piped passwords to perl-based maintenance commands
Status: CLOSED CURRENTRELEASE
Alias: None
Product: 389
Classification: Retired
Component: Command Line Utilities
Version: 1.2.6
Hardware: All
OS: All
medium
medium
Target Milestone: ---
Assignee: Nathan Kinder
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 639035 389_1.2.8
TreeView+ depends on / blocked
 
Reported: 2010-08-10 18:34 UTC by Ulf Weltman
Modified: 2015-12-07 17:15 UTC (History)
3 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2015-12-07 17:15:57 UTC


Attachments (Terms of Use)
patch proposal (8.04 KB, patch)
2010-08-10 18:36 UTC, Ulf Weltman
no flags Details | Diff

Description Ulf Weltman 2010-08-10 18:34:31 UTC
The perl-based maintenance commands (db2index.pl, etc) call stty to disable and enable terminal echo.  A password can be piped in ("echo secret12 | db2index.pl -w - .." which succeeds, but prints a funky error.  On HP-UX it's "stty: : Not a typewriter", on Linux "stty: standard input: Invalid argument".

Comment 1 Ulf Weltman 2010-08-10 18:36:33 UTC
Created attachment 437968 [details]
patch proposal

The perl file test operator -t makes it easy to test whether the file is connected to a TTY.

Comment 4 Rich Megginson 2011-01-22 00:30:01 UTC
Well, the test works, but
 system("stty -echo");
does not.  However,
 system("/bin/stty", "-echo");
does work, but is not portable.  I guess if you specify just plain "stty" it has to invoke the shell to do the $PATH lookup, which I guess negates the stty -echo somehow.  Need to investigate this some more.

Comment 5 Rich Megginson 2011-01-24 15:53:18 UTC
To ssh://git.fedorahosted.org/git/389/ds.git
   f2a1d62..07d9cb2  master -> master
commit 07d9cb2b67b32d321ebfca0a4f1e57791c5bf411
Author: Rich Megginson <rmeggins@redhat.com>
Date:   Mon Jan 24 08:37:52 2011 -0700
    Author: ulf.weltman@hp.com
    Reviewed by: rmeggins
    Branch: master
    Fix Description: Use -t STDIN to check if the terminal is a tty
    Platforms tested: RHEL6 x86_64
    Flag Day: no
    Doc impact: no

Comment 6 Jenny Galipeau 2011-06-07 12:19:26 UTC
Which perl scripts should support piped passwords?

Comment 7 Rich Megginson 2011-06-07 15:56:05 UTC
bak2db.pl db2bak.pl db2index.pl db2ldif.pl fixup-linkedattrs.pl fixup-memberof.pl ldif2db.pl ns-accountstatus.pl ns-activate.pl ns-inactivate.pl schema-reload.pl syntax-validate.pl usn-tombstone-cleanup.pl

Comment 8 Amita Sharma 2011-06-16 13:42:09 UTC
1.
[root@rhel61 slapd-rhel61]# echo "Secret123" | ./db2index.pl -D "cn=Directory Manager" -n userRoot -w -
Bind Password: 
adding new entry "cn=db2index_2011_6_16_18_57_12, cn=index, cn=tasks, cn=config"

2.
[root@rhel61 slapd-rhel61]#  echo "Secret123" | ./db2bak.pl -D "cn=Directory Manager" -w -
Bind Password: 
Back up directory: /var/lib/dirsrv/slapd-rhel61/bak/rhel61-2011_6_16_18_59_19
adding new entry "cn=backup_2011_6_16_18_59_19, cn=backup, cn=tasks, cn=config"

3.
[root@rhel61 slapd-rhel61]# echo "Secret123" | ./bak2db.pl -D "cn=Directory Manager" -w - -a /var/lib/dirsrv/slapd-rhel61/bak/rhel61-2011_6_16_18_59_19
Bind Password: 
adding new entry "cn=restore_2011_6_16_19_0_29, cn=restore, cn=tasks, cn=config"

4.
[root@rhel61 slapd-rhel61]# echo "Secret123" | ./db2ldif.pl -D "cn=Directory Manager" -w - -n userRoot
Bind Password: 

5. [root@rhel61 slapd-rhel61]# echo "Secret123" | ./fixup-linkedattrs.pl -D "cn=Directory Manager" -w -
Bind Password: 
adding new entry "cn=linked_attrs_fixup_2011_6_16_19_4_27, cn=fixup linked attributes, cn=tasks, cn=config"

6. 
[root@rhel61 slapd-rhel61]# echo "Secret123" | ./fixup-memberof.pl -D "cn=Directory Manager" -w - -b "dc=example,dc=com"
Bind Password: 
adding new entry "cn=memberOf_fixup_2011_6_16_19_5_45, cn=memberOf task, cn=tasks, cn=config"

7.
[root@rhel61 slapd-rhel61]# echo "Secret123" | ./ns-accountstatus.pl -D "cn=Directory Manager"  -w - -I "dn:uid=aami,ou=people,dc=example,dc=com"
Bind Password: 
No such object (32)
Matched DN: ou=people,dc=example,dc=com

8. [root@rhel61 slapd-rhel61]# echo "Secret123" | ./ns-activate.pl -D "cn=Directory Manager"  -w - -I "dn:uid=aami,ou=people,dc=example,dc=com"
Bind Password: 
No such object (32)
Matched DN: ou=people,dc=example,dc=com

9. [root@rhel61 slapd-rhel61]# echo "Secret123" | ./ns-inactivate.pl -D "cn=Directory Manager"  -w - -I "dn:uid=aami,ou=people,dc=example,dc=com"
Bind Password: 
No such object (32)
Matched DN: ou=people,dc=example,dc=com

10. [root@rhel61 slapd-rhel61]# echo "Secret123" | ./schema-reload.pl -D "cn=Directory Manager"  -w -
Bind Password: 
adding new entry "cn=schema_reload_2011_6_16_19_10_12, cn=schema reload task, cn=tasks, cn=config"

11. 
[root@rhel61 slapd-rhel61]# echo "Secret123" | ./syntax-validate.pl -D "cn=Directory Manager"  -w - -b "dn:uid=aami,ou=people,dc=example,dc=com"
Bind Password: 
adding new entry "cn=syntax_validate_2011_6_16_19_11_0, cn=syntax validate, cn=tasks, cn=config"


12.
[root@rhel61 slapd-rhel61]# echo "Secret123" | ./usn-tombstone-cleanup.pl -D "cn=Directory Manager"  -w - -n userRoot
Bind Password: 
adding new entry "cn=usn_cleanup_2011_6_16_19_11_46, cn=USN tombstone cleanup task, cn=tasks, cn=config"


hence Verified.


Note You need to log in before you can comment on or make changes to this bug.