Description:
mysql_secure_installation command attempts to read password from ~/.mysql_secret. This file is generated by mysql_install_db command on MySQL 5.6 and MySQL 5.7 only. As of MySQL 8.0 series, mysql_install_db is removed. So, the file is not created any longer.
How to repeat:
Run mysql_secure_insallation without specifying login credentials.
Suggested fix:
diff --git a/client/mysql.cc b/client/mysql.cc
index 55fed58861a..d9f384cfcc3 100644
--- a/client/mysql.cc
+++ b/client/mysql.cc
@@ -1936,8 +1936,8 @@ static void usage(int version)
break;
}
}
+ print_defaults(MYSQL_CONFIG_NAME, load_default_groups);
my_print_help(my_long_options);
- print_defaults("my", load_default_groups);
my_print_variables(my_long_options);
}
diff --git a/client/mysql_secure_installation.cc b/client/mysql_secure_installation.cc
index f265323f5ae..8ba89991ff8 100644
--- a/client/mysql_secure_installation.cc
+++ b/client/mysql_secure_installation.cc
@@ -84,8 +84,6 @@ static struct my_option my_connection_options[]=
{0, 0, 0, 0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0}
};
-my_bool find_temporary_password(char **p);
-
static void print_version(void)
{
fprintf(stdout, "%s Ver %s, for %s on %s\n", my_progname,
@@ -604,24 +602,12 @@ int get_opt_user_password()
{
/*
No password is provided and we cannot connect with a blank password.
- Assume there is an ongoing deployment running and attempt to locate
- the temporary password file.
*/
- char *temp_pass;
- if (find_temporary_password(&temp_pass) == TRUE)
- {
- my_free(password);
- password= temp_pass;
- using_temporary_password= TRUE;
- }
- else
- {
- char prompt[128];
- my_snprintf(prompt, sizeof(prompt) - 1,
- "Enter password for user %s: ", opt_user);
- // Request password from user
- password= get_tty_password(prompt);
- }
+ char prompt[128];
+ my_snprintf(prompt, sizeof(prompt) - 1,
+ "Enter password for user %s: ", opt_user);
+ // Request password from user
+ password= get_tty_password(prompt);
}
init_connection_options(&mysql);
} // if !password_provided
@@ -838,71 +824,6 @@ void reload_privilege_tables()
}
-/**
- Attempt to retrieve a password from the temporary password file
- '.mysql_secret'.
- @param p[out] A pointer to a password in a newly allocated buffer or null
- @returns true if the password was successfully retrieved.
-*/
-
-my_bool find_temporary_password(char **p)
-{
- const char *root_path= "/root";
- const char *password_file_name= "/.mysql_secret";
- *p= NULL;
- const char *home= getenv("HOME");
- if (home == NULL)
- home= root_path;
-
- size_t home_len= strlen(home);
- size_t path_len= home_len + strlen(password_file_name)+1;
- char *path= (char *)malloc(path_len);
- memset(path, 0, path_len);
-
- strcat(path, home);
- strcat(path, password_file_name);
- FILE *fp= fopen(path, "r");
- if (fp == NULL)
- {
- free(path);
- return FALSE;
- }
-
- /*
- The format of the password file is
- ['#'][bytes]['\n']['password bytes']['\n']|[EOF])
- */
- char header[256];
- char password[64];
- size_t password_len=0;
- /* Read header and skip it */
- if (fgets(&header[0], sizeof(header), fp) == NULL || header[0] != '#')
- goto error;
-
- /* Read password */
- if (fgets(&password[0], sizeof(password), fp) == NULL)
- goto error;
-
- /* Remove terminating newline character if it exists */
- password_len= strlen(&password[0]);
- if (password[password_len - 1] == '\n')
- password[password_len - 1] = '\0';
-
- *p= my_strdup(PSI_NOT_INSTRUMENTED,
- &password[0], MYF(MY_FAE));
- fprintf(stdout, "Connecting to MySQL server using password in '%s'\n",path);
-
- free(path);
- return TRUE;
-
- error:
- fprintf(stdout, "The password file '%s' is corrupt! Skipping.\n", path);
- if (path)
- free(path);
- return FALSE;
-}
-
-
int main(int argc,char *argv[])
{
int reply;
Description: mysql_secure_installation command attempts to read password from ~/.mysql_secret. This file is generated by mysql_install_db command on MySQL 5.6 and MySQL 5.7 only. As of MySQL 8.0 series, mysql_install_db is removed. So, the file is not created any longer. How to repeat: Run mysql_secure_insallation without specifying login credentials. Suggested fix: diff --git a/client/mysql.cc b/client/mysql.cc index 55fed58861a..d9f384cfcc3 100644 --- a/client/mysql.cc +++ b/client/mysql.cc @@ -1936,8 +1936,8 @@ static void usage(int version) break; } } + print_defaults(MYSQL_CONFIG_NAME, load_default_groups); my_print_help(my_long_options); - print_defaults("my", load_default_groups); my_print_variables(my_long_options); } diff --git a/client/mysql_secure_installation.cc b/client/mysql_secure_installation.cc index f265323f5ae..8ba89991ff8 100644 --- a/client/mysql_secure_installation.cc +++ b/client/mysql_secure_installation.cc @@ -84,8 +84,6 @@ static struct my_option my_connection_options[]= {0, 0, 0, 0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0} }; -my_bool find_temporary_password(char **p); - static void print_version(void) { fprintf(stdout, "%s Ver %s, for %s on %s\n", my_progname, @@ -604,24 +602,12 @@ int get_opt_user_password() { /* No password is provided and we cannot connect with a blank password. - Assume there is an ongoing deployment running and attempt to locate - the temporary password file. */ - char *temp_pass; - if (find_temporary_password(&temp_pass) == TRUE) - { - my_free(password); - password= temp_pass; - using_temporary_password= TRUE; - } - else - { - char prompt[128]; - my_snprintf(prompt, sizeof(prompt) - 1, - "Enter password for user %s: ", opt_user); - // Request password from user - password= get_tty_password(prompt); - } + char prompt[128]; + my_snprintf(prompt, sizeof(prompt) - 1, + "Enter password for user %s: ", opt_user); + // Request password from user + password= get_tty_password(prompt); } init_connection_options(&mysql); } // if !password_provided @@ -838,71 +824,6 @@ void reload_privilege_tables() } -/** - Attempt to retrieve a password from the temporary password file - '.mysql_secret'. - @param p[out] A pointer to a password in a newly allocated buffer or null - @returns true if the password was successfully retrieved. -*/ - -my_bool find_temporary_password(char **p) -{ - const char *root_path= "/root"; - const char *password_file_name= "/.mysql_secret"; - *p= NULL; - const char *home= getenv("HOME"); - if (home == NULL) - home= root_path; - - size_t home_len= strlen(home); - size_t path_len= home_len + strlen(password_file_name)+1; - char *path= (char *)malloc(path_len); - memset(path, 0, path_len); - - strcat(path, home); - strcat(path, password_file_name); - FILE *fp= fopen(path, "r"); - if (fp == NULL) - { - free(path); - return FALSE; - } - - /* - The format of the password file is - ['#'][bytes]['\n']['password bytes']['\n']|[EOF]) - */ - char header[256]; - char password[64]; - size_t password_len=0; - /* Read header and skip it */ - if (fgets(&header[0], sizeof(header), fp) == NULL || header[0] != '#') - goto error; - - /* Read password */ - if (fgets(&password[0], sizeof(password), fp) == NULL) - goto error; - - /* Remove terminating newline character if it exists */ - password_len= strlen(&password[0]); - if (password[password_len - 1] == '\n') - password[password_len - 1] = '\0'; - - *p= my_strdup(PSI_NOT_INSTRUMENTED, - &password[0], MYF(MY_FAE)); - fprintf(stdout, "Connecting to MySQL server using password in '%s'\n",path); - - free(path); - return TRUE; - - error: - fprintf(stdout, "The password file '%s' is corrupt! Skipping.\n", path); - if (path) - free(path); - return FALSE; -} - - int main(int argc,char *argv[]) { int reply;