Bug#13741677 MYSQL_SECURE_INSTALLATION DOES NOT

WORK + SAVES ROOT PASSWORD TO DISK! The secure installation scripts connect to the server by storing the password in a temporary option file. Now, if the script gets killed or fails for some reason, the removal of the option file may not take place. This patch introduces following enhancements : * (.sh) Made sure that cleanup happens at every call to 'exit 1'. This is performed implicitly by END{} in pl.in. * (.pl.in) Added a warning in case unlink fails to delete the option/query files. * (.sh/.pl.in) Added more signals to the signal handler list. SIG# 1, 3, 6, 15
2012-07-26 21:47:03 +05:30 · 2012-07-26 21:47:03 +05:30 · b89363de1d
commit b89363de1d
parent 76386edb83
2 changed files with 20 additions and 8 deletions
--- a/scripts/mysql_secure_installation.pl.in
+++ b/scripts/mysql_secure_installation.pl.in
@ -1,7 +1,7 @@
 #!/usr/bin/perl
 # -*- cperl -*-
 #
-# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@ -28,7 +28,7 @@ my $mysql;  # How to call the mysql client
 my $rootpass = "";


-$SIG{QUIT} = $SIG{INT} = sub {
+$SIG{QUIT} = $SIG{INT} = $SIG{TERM} = $SIG{ABRT} = $SIG{HUP} = sub {
  print "\nAborting!\n\n";
  echo_on();
  cleanup();
@ -242,7 +242,11 @@ sub reload_privilege_tables {
 }

 sub cleanup {
-  unlink($config,$command);
+  print "Cleaning up...\n";
+
+  foreach my $file ($config, $command) {
+    unlink $file or warn "Warning: Could not unlink $file: $!\n";
+  }
 }


--- a/scripts/mysql_secure_installation.sh
+++ b/scripts/mysql_secure_installation.sh
@ -1,6 +1,6 @@
 #!/bin/sh

-# Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@ -19,7 +19,7 @@ config=".my.cnf.$$"
 command=".mysql.$$"
 mysql_client=""

-trap "interrupt" 2
+trap "interrupt" 1 2 3 6 15

 rootpass=""
 echo_n=
@ -139,13 +139,16 @@ set_root_password() {
    if [ $? -eq 0 ]; then
 	echo "Password updated successfully!"
 	echo "Reloading privilege tables.."
-	reload_privilege_tables || exit 1
+	reload_privilege_tables
+	if [ $? -eq 1 ]; then
+		clean_and_exit
+	fi
 	echo
 	rootpass=$password1
 	make_config
    else
 	echo "Password update failed!"
-	exit 1
+	clean_and_exit
    fi

    return 0
@ -157,7 +160,7 @@ remove_anonymous_users() {
 	echo " ... Success!"
    else
 	echo " ... Failed!"
-	exit 1
+	clean_and_exit
    fi

    return 0
@ -217,6 +220,11 @@ cleanup() {
    rm -f $config $command
 }

+# Remove the files before exiting.
+clean_and_exit() {
+	cleanup
+	exit 1
+}

 # The actual script starts here