Bug #17700 mysql_fix_privilege_tables root password
Submitted: 24 Feb 2006 14:50 Modified: 24 Jan 2007 0:44
Reporter: Christian Deligant Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Command-line Clients Severity:S3 (Non-critical)
Version:4.0.27-BK, 4.0.24 OS:kernel 2.4, debian sarge_1
Assigned to: Ian Greenhoe CPU Architecture:Any

[24 Feb 2006 14:50] Christian Deligant
Description:
The mysql_fix_privilege_tables program doesn't accept passwords that are made of space-separated words or have an apostrophe inside.

How to repeat:
example (suppose root's password is "I'm the first")
mysql_fix_privilege_tables I'm the first [this didn't work]
mysql_fix_privilege_tables "I'm the first" [neither did this]
mysql_fix_privilege_tables 'I\'m the first' [nor this]

Suggested fix:
change the behaviour in that it ALWAYS asks for a password, ignoring it if it is empty
OR introduce a -p option like the other programs of the suite
[25 Feb 2006 21:40] Valeriy Kravchuk
Thank you for a problem report. Please, specify the exact version of MySQL server from which that mysql_fix_privilege_tables is taken.
[27 Feb 2006 10:23] Christian Deligant
The exact version of the server running is

4.0.24_Debian-10sarge1-log

But the same "behaviour" was existing in prior versions as well (I allways had to do the workaround when upgrading)
[27 Feb 2006 14:58] Valeriy Kravchuk
Please, provide the entire test case, starting with setting 'I\'m root' of similar password for the root user. Can you connect with that password to your original server?
[27 Feb 2006 17:54] Christian Deligant
Well, obviously, I can connect as root to the server via the "I'm root" password given at request when I do «mysql -uroot -p [enter]» (or other programs like mysqladmin) or in scripts invoking «mysql -uroot -p"I'm root"»...

As stated by the mysql_fix_privilege_tables script (run as root), if the script doesn't work I have to provide the root password as an argument to the script, even if it is known (and said!) this is insecure. But neither of these did work:
- mysql_fix_privilege_tables I'm root [enter]
- mysql_fix_privilege_tables  "I'm root" [enter]
- mysql_fix_privilege_tables 'I\m root' [enter]
- mysql_fix_privilege_tables -p"I'm root" [enter]
- mysql_fix_privilege_tables -p [enter]

So I logged on in Mysql as root, changed the password with a simpler one (a), exit Mysql, relaunched the script with

mysql_fix_privilege_tables a [enter]

went back in mysql to put the old password again.
[27 Feb 2006 18:06] Christian Deligant
For further explanation... try this on a fake Mysql server

#> mysqladmin -uroot -p password "I'm root" [enter]

(at the prompt give the "old" root password)
now with

#> mysql_fix_privilege_tables 

you are asking to put the new password as an argument, but doing 

#> mysql_fix_privilege_tables [ I'm root | "I'm root" | 'I\'m root' | -p ]

prints out help pages instead of "doing the job"
I guess the help pages are of all the programs cited in the script that don't understand that kind of password...

Hope this helps!

PS: don't forget to revert to the old password with
#> mysqladmin -uroot -p password "[OLD PASSWORD]" [enter]

writing "I'm root" (without quotes or escapes) on the prompt
[5 Apr 2006 17:22] Valeriy Kravchuk
Verified just as described in the last two comments. Even adding option --password="I'm root" etc. (like suggested int the script itself) does not help. Works OK with a password of one word, like "root".
[23 Jun 2006 20:07] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/8157
[1 Aug 2006 7:15] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/9873

ChangeSet@1.2528, 2006-08-01 00:15:16-07:00, igreenhoe@anubis.greendragongames.com +1 -0
  Fix for bug #17700 (mysql_fix_privilege_tables cannot handle a
  password with embedded spaces)
  
  Problem:  Original code written assuming password contains no spaces.
  Further, because of how sh interprets characters in variables, you
  cannot do the "simple solution".
  
  Solution:  Move the "was a password provided" check to the end. This
  allows us to correctly quote the password argument when passed to the
  mysql client program.  Addendum:  Put this check inside of a shell fn
  to simplify the code.
[24 Jan 2007 0:44] Paul Dubois
Noted in 4.1.23, 5.0.32, 5.1.15 changelogs.

mysql_fix_privilege_tables did not handle a password containing 
embedded space or apostrophe characters.