commit: 0fc8e4b963a0c1a2df778b426a479093c398679c Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> AuthorDate: Mon Sep 26 18:48:50 2016 +0000 Commit: Brian Evans <grknight <AT> gentoo <DOT> org> CommitDate: Tue Sep 27 16:44:03 2016 +0000 URL: https://gitweb.gentoo.org/proj/mysql.git/commit/?id=0fc8e4b9
mysql-multilib-r1.eclass: Fix password reading from my.cnf We are reading multiple sections from my.cnf at once from my.cnf when looking for the password for the mysql root user in mysql-multilib-r1_pkg_config(). If each section has set a password option this will result in the following invalid password value (with "set -x"): ++ local extra_options= ++ //usr/bin/my_print_defaults client mysql ++ sed -n '/^--password=/s,--password=,,gp' + MYSQL_ROOT_PASSWORD='***** *****' + [[ ***** ***** == \*\*\*\*\* ]] + set +x Like you can see the two passwords are concatenated via newline in one string which is not what we want. With this commit we will no longer read all sections at once instead we read section per section. We are now also telling the user where we are looking for the password and where we found one. In addition this commit adds a sanity check for newline to catch scenarios where the user for example has inadvertently set multiple password options in one section which we can't handle: In that case it is better to prompt for a password like no password was set in my.cnf instead of initializing mysqld with a mysql root password the user is not expecting. Gentoo-Bug: https://bugs.gentoo.org/510724 eclass/mysql-multilib-r1.eclass | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/eclass/mysql-multilib-r1.eclass b/eclass/mysql-multilib-r1.eclass index 3f7372c..ebf89f2 100644 --- a/eclass/mysql-multilib-r1.eclass +++ b/eclass/mysql-multilib-r1.eclass @@ -817,11 +817,29 @@ mysql-multilib-r1_pkg_config() { local maxtry=15 if [ -z "${MYSQL_ROOT_PASSWORD}" ]; then - MYSQL_ROOT_PASSWORD="$(mysql-multilib-r1_getoptval 'client mysql' password)" + local tmp_mysqld_password_source= + + for tmp_mysqld_password_source in mysql client; do + einfo "Trying to get password for mysql 'root' user from '${tmp_mysqld_password_source}' section ..." + MYSQL_ROOT_PASSWORD="$(mysql-multilib-r1_getoptval "${tmp_mysqld_password_source}" password)" + if [[ -n "${MYSQL_ROOT_PASSWORD}" ]]; then + if [[ ${MYSQL_ROOT_PASSWORD} == *$'\n'* ]]; then + ewarn "Ignoring password from '${tmp_mysqld_password_source}' section due to newline character (do you have multiple password options set?)!" + MYSQL_ROOT_PASSWORD= + continue + fi + + einfo "Found password in '${tmp_mysqld_password_source}' section!" + break + fi + done + # Sometimes --show is required to display passwords in some implementations of my_print_defaults if [[ "${MYSQL_ROOT_PASSWORD}" == '*****' ]]; then - MYSQL_ROOT_PASSWORD="$(mysql-multilib-r1_getoptval 'client mysql' password --show)" + MYSQL_ROOT_PASSWORD="$(mysql-multilib-r1_getoptval "${tmp_mysqld_password_source}" password --show)" fi + + unset tmp_mysqld_password_source fi MYSQL_TMPDIR="$(mysql-multilib-r1_getoptval mysqld tmpdir)" # These are dir+prefix
