Details
-
Bug
-
Status: Open (View Workflow)
-
Minor
-
Resolution: Unresolved
-
10.3.31, 10.3.32
-
None
-
None
Description
In this piece of code:
it says:
pass="`sed -n 's/^[ ]*password *= *// p' $dc | head -n 1`"
|
But if – for some reason – the password ends in whitespace, this whitespaces is included in the password later on:
https://github.com/MariaDB/server/blob/3fbe30024ff0b4e3f6e63027a988564a96b40bc6/debian/mariadb-server-10.3.postinst#L204
"REPLACE INTO user SET " \
|
" host='localhost', user='debian-sys-maint', password=password('$pass'), " \
|
But all the mysql tools ignore this whitespace. So any attempt to log in using the debian.cnf fails.
Suggested fix:
pass="`sed -n 's/^[[:blank:]]*password[[:blank:]]*=[[:blank:]]*\([^[:blank:]]*\).*/\1/ p' $dc | head -n 1`"
|
Test:
# pass="`sed -n 's/^[ ]*password *= *// p' /etc/mysql/debian.cnf | head -n 1`"; echo "$pass" | cat -A
|
example_pass $
|
|
|
# pass="`sed -n 's/^[[:blank:]]*password[[:blank:]]*=[[:blank:]]*\([^[:blank:]]*\).*/\1/ p' /etc/mysql/debian.cnf | head -n 1`"; echo "$pass" | cat -A
|
example_pass$
|
Cheers,
Walter
P.S. 10.4+ is unaffected, as it uses passwordless login.