kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch '247_escape-mysql-passwords-at-install' into pu

This commit is contained in:
Kienan Stewart 2018-06-13 18:04:25 -04:00
parent c300912d78 1b08ae2638
commit e9da389e85
2 changed files with 22 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
install/alternc.install
View File

@ -155,7 +155,8 @@ if [ -r /etc/alternc/my.cnf ]; then
# * add a right quote operator at the end of line (;s) # * add a right quote operator at the end of line (;s)
# * convert mysql variables into our MYSQL_ naming convention (;s) # * convert mysql variables into our MYSQL_ naming convention (;s)
# * print the result (;p) # * print the result (;p)
eval `sed -n -e "/=/{s/ *= *\"\?/='/;s/\"\?\$/'/;s/host/MYSQL_HOST/;s/user/MYSQL_USER/;s/password/MYSQL_PASS/;s/database/MYSQL_DATABASE/;p}" /etc/alternc/my.cnf` MYSQL_PASS_ESC=$(echo "$MYSQL_PASS" | sed -e 's/[\/&^$]/\\&/g')
eval `sed -n -e "/=/{s/ *= *\"\?/='/;s/\"\?\$/'/;s/host/MYSQL_HOST/;s/user/MYSQL_USER/;s/password/MYSQL_PASS_ESC/;s/database/MYSQL_DATABASE/;p}" /etc/alternc/my.cnf`
chown root:alterncpanel /etc/alternc/my.cnf chown root:alterncpanel /etc/alternc/my.cnf
chmod 640 /etc/alternc/my.cnf chmod 640 /etc/alternc/my.cnf
fi fi
@ -168,7 +169,8 @@ if [ -r /etc/alternc/my_mail.cnf ]; then
# * add a right quote operator at the end of line (;s) # * add a right quote operator at the end of line (;s)
# * convert mysql variables into our MYSQL_ naming convention (;s) # * convert mysql variables into our MYSQL_ naming convention (;s)
# * print the result (;p) # * print the result (;p)
eval `sed -n -e "/=/{s/ *= *\"\?/='/;s/\"\?\$/'/;s/host/MYSQL_HOST/;s/user/MYSQL_MAIL_USER/;s/password/MYSQL_MAIL_PASS/;s/database/MYSQL_DATABASE/;p}" /etc/alternc/my_mail.cnf` MYSQL_MAIL_PASS_ESC=$(echo "$MYSQL_MAIL_PASS" | sed -e 's/[\/&^$]/\\&/g')
eval `sed -n -e "/=/{s/ *= *\"\?/='/;s/\"\?\$/'/;s/host/MYSQL_HOST/;s/user/MYSQL_MAIL_USER/;s/password/MYSQL_MAIL_PASS_ESC/;s/database/MYSQL_DATABASE/;p}" /etc/alternc/my_mail.cnf`
chown root:alterncpanel /etc/alternc/my_mail.cnf chown root:alterncpanel /etc/alternc/my_mail.cnf
chmod 640 /etc/alternc/my_mail.cnf chmod 640 /etc/alternc/my_mail.cnf
fi fi

84
install/mysql.sh
View File

@ -117,87 +117,39 @@ if [ -f $MYSQL_CONFIG ]; then
echo "Updating mysql configuration in $MYSQL_CONFIG" echo "Updating mysql configuration in $MYSQL_CONFIG"
else else
echo "Creating mysql configuration in $MYSQL_CONFIG" echo "Creating mysql configuration in $MYSQL_CONFIG"
cat > $MYSQL_CONFIG <<EOF
# AlternC - Web Hosting System - MySQL Configuration
# Automatically generated by AlternC configuration, do not edit
# This file will be modified on package configuration
# (e.g. upgrade or dpkg-reconfigure alternc)
[mysql]
database=
[client]
EOF
chown root:www-data $MYSQL_CONFIG
chmod 640 $MYSQL_CONFIG
fi fi
if [ -f $MYSQL_MAIL_CONFIG ]; then if [ -f $MYSQL_MAIL_CONFIG ]; then
echo "Updating mysql configuration in $MYSQL_MAIL_CONFIG" echo "Updating mysql configuration in $MYSQL_MAIL_CONFIG"
else else
echo "Creating mysql configuration in $MYSQL_MAIL_CONFIG" echo "Creating mysql configuration in $MYSQL_MAIL_CONFIG"
cat > $MYSQL_MAIL_CONFIG <<EOF fi
# AlternC - Web Hosting System - MySQL mail user Configuration
write_mysql_cnf() {
local filename="$1"
local host=$(echo "$2" | sed -e 's/["]/\\&/g')
local db=$(echo "$3" | sed -e 's/["]/\\&/g')
local user=$(echo "$4" | sed -e 's/["]/\\&/g')
local password=$(echo "$5" | sed -e 's/["]/\\&/g')
cat > "$filename" <<EOF
# AlternC - Web Hosting System - MySQL mail user Configuration
# Automatically generated by AlternC configuration, do not edit # Automatically generated by AlternC configuration, do not edit
# This file will be modified on package configuration # This file will be modified on package configuration
# (e.g. upgrade or dpkg-reconfigure alternc) # (e.g. upgrade or dpkg-reconfigure alternc)
[mysql] [mysql]
database= database="$db"
[client] [client]
host="$host"
user="$user"
password="$password"
EOF EOF
chown root:www-data $MYSQL_MAIL_CONFIG chown root:www-data "$filename"
chmod 640 $MYSQL_MAIL_CONFIG chmod 640 "$filename"
fi
# create a sed script to create/update the file
set_value() {
var=$1
RET=$2
file=$3
grep -Eq "^ *$var=" $file || echo "$var=" >> $file
if [ $file = $MYSQL_CONFIG ]; then
SED_SCRIPT_USR="$SED_SCRIPT_USR;s\\^ *$var=.*\\$var=\"$RET\"\\"
else
SED_SCRIPT_MAIL="$SED_SCRIPT_MAIL;s\\^ *$var=.*\\$var=\"$RET\"\\"
fi
} }
SED_SCRIPT_USR="" write_mysql_cnf "$MYSQL_CONFIG" "$host" "$database" "$user" "$password"
SED_SCRIPT_MAIL="" write_mysql_cnf "$MYSQL_MAIL_CONFIG" "$host" "$database" "$alternc_mail_user" "$alternc_mail_password"
# hostname was empty in older (pre-0.9.6?) versions
if [ -z "$host" ]; then
host="localhost"
fi
#filling the config file for the sysusr
set_value host $host $MYSQL_CONFIG
set_value database $database $MYSQL_CONFIG
set_value user $user $MYSQL_CONFIG
set_value password $password $MYSQL_CONFIG
#filling the config file for the mailuser
set_value host $host $MYSQL_MAIL_CONFIG
set_value database $database $MYSQL_MAIL_CONFIG
set_value user $alternc_mail_user $MYSQL_MAIL_CONFIG
set_value password $alternc_mail_password $MYSQL_MAIL_CONFIG
# take extra precautions here with the mysql password:
# put the sed script in a temporary file
SED_SCRIPT_NAME=`mktemp`
cat > $SED_SCRIPT_NAME <<EOF
$SED_SCRIPT_USR
EOF
sed -f "$SED_SCRIPT_NAME" < $MYSQL_CONFIG > $MYSQL_CONFIG.$$
mv -f $MYSQL_CONFIG.$$ $MYSQL_CONFIG
rm -f $SED_SCRIPT_NAME
SED_SCRIPT_NAME_MAIL=`mktemp`
cat > $SED_SCRIPT_NAME_MAIL <<EOF
$SED_SCRIPT_MAIL
EOF
sed -f "$SED_SCRIPT_NAME_MAIL" < $MYSQL_MAIL_CONFIG > $MYSQL_MAIL_CONFIG.$$
mv -f $MYSQL_MAIL_CONFIG.$$ $MYSQL_MAIL_CONFIG
rm -f $SED_SCRIPT_NAME_MAIL
# Now we should be able to use the mysql configuration # Now we should be able to use the mysql configuration
mysql="/usr/bin/mysql --defaults-file=$MYSQL_CONFIG" mysql="/usr/bin/mysql --defaults-file=$MYSQL_CONFIG"