[MXS-2368] maxctrl requires password on command line and cannot change user password - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 2.3.4
Fix Version/s: 2.2.20, 2.3.5
Component/s: maxctrl
Labels:
None
Environment:
centos-7

Description

Two issues with maxctrl:

1. maxctrl requires the maxadmin user password to be provided on command line (--password). A simple more secure solution would be to allow the password to be provided via an environment variable, but that is not totally secure since it is visible in /proc. Best solution would be to allow it to be passed via stdin, but that is currently not supported via tools (ie., not a TTY).

2. maxctrl does not have an interface (eg., maxctrl alter user) to allow changing the password of an existing user. The user must be destroyed and re-created with new password.

Attachments

Issue Links

relates to

MXS-3896 When reading password from stdin via redirect, interactive use is no longer possible

Closed

MXS-2381 Admin user passwords cannot be changed

Closed

Activity

People

Assignee:: markus makela

Reporter:: Richard Lane

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2019-03-06 21:20

Updated:: 2021-11-30 13:55

Resolved:: 2019-03-13 11:46

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.