Debian Bug report logs -
#439078
passwort of db user is not updated during reinstall
Reported by: Michael Biebl <biebl@debian.org>
Date: Wed, 22 Aug 2007 05:12:01 UTC
Severity: normal
Tags: confirmed
Found in version dbconfig-common/1.8.35
Fixed in version dbconfig-common/2.0.5
Done: Paul Gevers <elbrus@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, sean finney <seanius@debian.org>:
Bug#439078; Package dbconfig-common.
(full text, mbox, link).
Acknowledgement sent to Michael Biebl <biebl@debian.org>:
New Bug report received and forwarded. Copy sent to sean finney <seanius@debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: dbconfig-common
Version: 1.8.35
Severity: normal
I have the following scenario:
1.) You install package foo, which creates the db bar and the mysql user
baz. Password for baz is autogenerated.
2.) You purge the package foo. dbconfig-common (via debconf) prompts me,
if I want to deconfigure the db (default yes) and in the next step, if I
want to drop the db (default no).
So most users will probably accept the default.
3.) The users reinstalls the package foo. The db bar already exists,
same for the mysql user baz. The problem now is, that the now autogenerated
password does not match the password that is already in the mysql db.
The resulting config file written by dbconfig-common is not valid, as
the user baz can't access the bar db.
I would propose the following:
If in step 3) the user does not provide a password for the user bar,
dbconfig-common should update the password of the mysql user with the
newly autogenerated password iff bar has only access rights for db foo.
If the administrator has granted the bar user additional access right
for other dbs, the password shall not be updated as this would
potentially break existing setups.
Cheers,
Michael
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.23-rc3
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages dbconfig-common depends on:
ii debconf [debconf-2.0] 1.5.14 Debian configuration management sy
ii ucf 3.001 Update Configuration File: preserv
dbconfig-common recommends no packages.
-- debconf information:
dbconfig-common/remote-questions-default: false
dbconfig-common/pgsql/revertconf: false
dbconfig-common/internal/skip-preseed: false
dbconfig-common/db/dbname:
dbconfig-common/pgsql/manualconf:
dbconfig-common/dbconfig-remove: true
dbconfig-common/mysql/method: unix socket
dbconfig-common/upgrade-backup: true
dbconfig-common/pgsql/authmethod-admin: ident
dbconfig-common/upgrade-error: abort
dbconfig-common/purge: false
dbconfig-common/db/basepath:
dbconfig-common/install-error: abort
dbconfig-common/pgsql/no-empty-passwords:
dbconfig-common/pgsql/admin-user: postgres
dbconfig-common/dbconfig-install: true
dbconfig-common/dbconfig-reinstall: false
dbconfig-common/remote/host:
dbconfig-common/pgsql/changeconf: false
dbconfig-common/remote/newhost:
dbconfig-common/missing-db-package-error: abort
dbconfig-common/dbconfig-upgrade: true
dbconfig-common/pgsql/no-user-choose-other-method:
dbconfig-common/internal/reconfiguring: false
dbconfig-common/passwords-do-not-match:
dbconfig-common/remove-error: abort
dbconfig-common/remember-admin-pass: false
dbconfig-common/mysql/admin-user: root
dbconfig-common/pgsql/method: unix socket
dbconfig-common/pgsql/authmethod-user:
dbconfig-common/database-type:
dbconfig-common/db/app-user:
dbconfig-common/remote/port:
Added tag(s) confirmed.
Request was from Paul Gevers <elbrus@debian.org>
to control@bugs.debian.org.
(Fri, 14 Aug 2015 19:51:05 GMT) (full text, mbox, link).
Changed Bug title to 'passwort of db user is not updated during reinstall' from 'dbconfig-common: passwort of db user is not updated'
Request was from Paul Gevers <elbrus@debian.org>
to control@bugs.debian.org.
(Fri, 14 Aug 2015 19:51:05 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org:
Bug#439078; Package dbconfig-common.
(Sun, 28 Aug 2016 19:09:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Paul Gevers <elbrus@debian.org>:
Extra info received and forwarded to list.
(Sun, 28 Aug 2016 19:09:03 GMT) (full text, mbox, link).
Message #14 received at 439078@bugs.debian.org (full text, mbox, reply):
tag 439078 pending
thanks
Date: Sat Jul 23 13:07:14 2016 +0200
Author: Paul Gevers <elbrus@debian.org>
Commit ID: a3aff1c86205ef4c6de78a53e135e4377552bb5d
Commit URL: https://anonscm.debian.org/cgit/collab-maint/dbconfig-common.git;a=commitdiff;h=a3aff1c86205ef4c6de78a53e135e4377552bb5d
Patch URL: https://anonscm.debian.org/cgit/collab-maint/dbconfig-common.git;a=commitdiff_plain;h=a3aff1c86205ef4c6de78a53e135e4377552bb5d
Check for mysql privileges during create_user and act according to that
Closes: #439078
Added tag(s) pending.
Request was from Paul Gevers <elbrus@debian.org>
to control@bugs.debian.org.
(Sun, 28 Aug 2016 19:09:35 GMT) (full text, mbox, link).
Reply sent
to Paul Gevers <elbrus@debian.org>:
You have taken responsibility.
(Sun, 28 Aug 2016 19:21:04 GMT) (full text, mbox, link).
Notification sent
to Michael Biebl <biebl@debian.org>:
Bug acknowledged by developer.
(Sun, 28 Aug 2016 19:21:05 GMT) (full text, mbox, link).
Message #21 received at 439078-close@bugs.debian.org (full text, mbox, reply):
Source: dbconfig-common
Source-Version: 2.0.5
We believe that the bug you reported is fixed in the latest version of
dbconfig-common, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 439078@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Paul Gevers <elbrus@debian.org> (supplier of updated dbconfig-common package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 26 Aug 2016 17:04:14 +0200
Source: dbconfig-common
Binary: dbconfig-common dbconfig-mysql dbconfig-pgsql dbconfig-sqlite dbconfig-sqlite3 dbconfig-no-thanks
Architecture: source
Version: 2.0.5
Distribution: unstable
Urgency: medium
Maintainer: Paul Gevers <elbrus@debian.org>
Changed-By: Paul Gevers <elbrus@debian.org>
Description:
dbconfig-common - framework that helps packages to manage databases
dbconfig-mysql - dbconfig-common MySQL/MariaDB support
dbconfig-no-thanks - dbconfig-common bypass
dbconfig-pgsql - dbconfig-common PostgreSQL support
dbconfig-sqlite - dbconfig-common SQLite support
dbconfig-sqlite3 - dbconfig-common SQLite3 support
Closes: 439078 475829 663234 824329 824537 825517 830888 834294
Changes:
dbconfig-common (2.0.5) unstable; urgency=medium
.
* Minor fixes to the documentation, thanks to Carsten Leonhardt
* Update Brazilian, thanks Adriano Rafael Gomes (Closes: #824329)
* Add libdbd-mysql-perl dependency for the install-examples tests
* Prevent empty dbc_dbname in dbc_read_package_debconf (LP: #689327)
* Don't forget app-pass during reconfigure/error (Closes: #825517)
* Improve installation and reconfigure situation in the cases where
database administrator rights are not needed. This enables most
packages to be installed using a database server where the user is
already created and has enough privileges. (Closes: #475829)
* Prevent empty MySQL port as MySQL 5.7 doesn't support it anymore
(Closes: #824537)
* Make sure that debconf questions regarding multidbs can be backed up
properly (Closes: #663234)
* Check existing mysql privileges and behave according to the answer
(Closes: #439078)
* Bump Standards (no changes)
* Fix PostgreSQL Unix socket use: it was always using TCP (Closes:
#834294)
* Fail PostgreSQL case when using ident for authentication but the
system user with the name of the dbuser name doesn't exist. Mapping
isn't supported (yet) (Closes: #830888)
* [tests] Drop posh testing for now, seems like a test framework issue
i.s.o a dbconfig issue
* [tests] Add MySQL/MariaDB TCP/IP no-admin testcase
Checksums-Sha1:
5be4a3b84cdb3d5532df4bbe13f006cc6112a04b 1871 dbconfig-common_2.0.5.dsc
ed8aa94d455903f11f8c0a82575f85f1538786b6 214588 dbconfig-common_2.0.5.tar.xz
Checksums-Sha256:
844c1febfbb167fbf537b0b6909898b82297cc143e29d3be79bfae9ebf91e841 1871 dbconfig-common_2.0.5.dsc
96f7c59593a3e748e8fd0176568fa6f679f4de6473dc15f15d82ff8742b33602 214588 dbconfig-common_2.0.5.tar.xz
Files:
39c0bfef1344d665b497c76ec6e1d9e6 1871 admin optional dbconfig-common_2.0.5.dsc
5c8be0f8318c5806b6e62fd37b1a3aa5 214588 admin optional dbconfig-common_2.0.5.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJXwzReAAoJEJxcmesFvXUKUSoH/ioU8oTgEMT7vsXAiu1rV9Ps
ZzpadLlhpquYq6vtje8APvdVsKm5ZYdU67FIAll5PGl8GpxtFf8baAES9kkq6Idr
Xnenhw9iBo7YOt2BtzC8cyjisDLYz7XLLvJNSfIZzn82utvGggmwDRjlhs77Irld
3sOUNnBftI6lnawb0beyne+QZeZR1HznW2Sti1y9JK+cRS0XLM9joSi6FS47oe7T
qc6Hkn43sDbMLNFQkTazqRj97Gh8z+RqWWuyYmahddvP5ezIoCLbZj0PgE+Lmy6Z
tyaFEInwQmlMa8q9wWWzJzBteOzOniQdmSc8OFsBAyziQMl4Mp2VoeG389PP0sE=
=j6BB
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 26 Sep 2016 07:36:26 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sat Jan 6 07:08:48 2018;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.