Bug #26868 server install fails whith service_manager password like $xxxxx!
Submitted: 6 Mar 2007 10:38 Modified: 11 Jul 2007 15:41
Reporter: Kristian Koehntopp Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Enterprise Monitor: Installing Severity:S2 (Serious)
Version:1.0.1.4391 - 1.1.0.4876 OS:Linux (SLES-9)
Assigned to: BitRock Merlin CPU Architecture:Any
Tags: escaping, mer 111, password

[6 Mar 2007 10:38] Kristian Koehntopp 
Description:
Merlin installation fails with

0% ______________ 50% ______________ 100%
########################################
Error: Error running /opt/mysql/network/monitoring/mysql/bin/mysql --defaults-file=/opt/mysql/network/monitoring/mysql/my.cnf -S/opt/mysql/network/monitoring/mysql/tmp/mysql.sock -u service_manager -D merlin --password='$up3RMySQL!' -e "CREATE TABLE users (user_id int(11) NOT NULL auto_increment, user_name varchar(255) NOT NULL, user_pass varchar(32) NOT NULL, role_name varchar(255) NOT NULL, PRIMARY KEY  (user_id), UNIQUE KEY user_name (user_name)) ENGINE=InnoDB DEFAULT CHARSET=utf8; create unique index users_idx on users (user_name); insert into users values (NULL,'admin',md5('$up3RMySQL!'),'manager'); insert into users            values (NULL,'agent',md5('$up3RMySQL!'),'agent');" : ERROR 1045 (28000): Access denied for user 'service_manager'@'localhost' (using password: YES)
Press [Enter] to continue :
[1]+  Stopped

./mysqlnetwork-1.0.1.4391-linux-installer.bin

How to repeat:
Install mysqlserviceagent-1.0.1.4391-linux-sles9-x86_64-installer.bin as offered currently for download on enterprise.mysql.com. Answer all questions with return unless it is a password question. Answer password question with "$up3RMySQL!".

Stopping the server and restarting it with skip-grant-tables shows that there is no root user, that there is a service_manager user that has DBA privs and that has a wrong password hash (a password hash that does not match the output of password("$up3RMySQL!")).

Using a different password that does not contain $ or !: the problem is not reproducible. This is avalid workaround.

Using 1.1, pino was unable to reproduce.

Suggested fix:
Escape passwords properly when passing them around. Even better: Do not pass passwords to the shell, they will be visible in the processlist.
[6 Mar 2007 13:01] Carsten Segieth 
- problem verified with 1.0.1.4391

- and there might be a problem also with 1.1.0.4876 on Linux (I tested on SLES9): the install (as root) goes fine with all defaults except the service_manager password (I used Kristian's password shown above), but when I connect first time with the browser I got a login screen and not the first time setup page.

- installed on WinXP with the same password did not show any problems

- I'll check again the Linux install now.
[6 Mar 2007 15:12] Carsten Segieth 
- the problem still exists in 1.1.0.4876 on Linux. Verified on 2 systems (SLES9 + RH4) with passwords like (without the ") "$xxxxx!". A password "@pino!" worked well.
[6 Mar 2007 15:13] Carsten Segieth 
Problem with the current 1.1.0.4876 is that the install seems to work well, but then the login page is shown instead of the first setup page.
[6 Mar 2007 16:26] BitRock Merlin 
The password needs to be passed in the database creation step, which we are doing per-your original instructions. Any suggestions on how it should be escaped?
[3 Apr 2007 12:38] Peter Keane 
I just discovered a similar problem with installation on windows server (2003).

I was using a password with an apostrophe in it. The installation finished after getting an error message, but i can't login as service_manager in the web dashboard.

Peter
[13 Apr 2007 12:28] Mark Leith 
Hi Bitrock,

How exactly is the password now created on the initial setup? I can verify that a password containing $ and ! does in fact work just fine, from the MySQL perspective:

-bash-3.00$ mysql -u merlin -p -S /opt/mysql/network/monitoring/mysql/tmp/mysql.sock
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 9 to server version: 5.0.28-enterprise-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> GRANT ALL ON *.* TO 'service_manager'@'localhost' IDENTIFIED BY '$upermysql!';
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye
-bash-3.00$ mysql -u service_manager  --password='$upermysql!' -S /opt/mysql/network/monitoring/mysql/tmp/mysql.sock
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10 to server version: 5.0.28-enterprise-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>

Pino also pointed out that changing the '$' character has allowed this to work correctly.

Could there be some problem passing in $something (thinking it is a variable for replacement perhaps?)

Cheers,

Mark
[10 May 2007 16:49] Andy Bang 
Via Skype:

[9:41:01 AM] ridruejo says: "I was using a password with an apostrophe in it. The installation finished after getting an error message, but i can't login as service_manager in the web dashboard."
[9:41:25 AM] ridruejo says: Is there a way to escape totally such occurences (equivalent of CDATA in XML)?
[22 Jun 2007 17:58] BitRock Merlin 
Patch sent to Keith.
[26 Jun 2007 13:48] Keith Russell 
Patch installed in versions => 1.2.0.6185
[11 Jul 2007 11:37] Mark Leith 
Verified fixed within 1.2.0.6550
[11 Jul 2007 15:41] Peter Lavin 
Added to the changelog for version 1.2.