[MDEV-13288] Regression: test plugins.cracklib_password_check fails on all platforms in downstream Debian based distributions Created: 2017-07-10  Updated: 2019-11-26  Resolved: 2019-11-25

Status: Closed
Project: MariaDB Server
Component/s: Authentication and Privilege System, Platform Debian, Tests
Affects Version/s: 10.1.25
Fix Version/s: 10.1.44

Type: Bug Priority: Critical
Reporter: Otto Kekäläinen Assignee: Vicențiu Ciorbaru
Resolution: Fixed Votes: 0
Labels: None

Sprint: 10.1.29

 Description   

See https://launchpad.net/~mysql-ubuntu/+archive/ubuntu/mariadb-10.1/+builds?build_text=&build_state=all as of today.

On all platforms we get this failure:

plugins.cracklib_password_check          w3 [ fail ]
 
        Test ended at 2017-07-10 16:09:02
 
 
 
CURRENT_TEST: plugins.cracklib_password_check
 
mysqltest: At line 30: query 'grant select on *.* to foobar identified by 'q$%^&*rty'' failed: 1819: Your password does not satisfy the current policy requirements
 
 
 
The result from queries just before the failure was:
 
< snip >
 
Error	1819	Your password does not satisfy the current policy requirements
 
grant select on *.* to foocar identified by 'racoof';
 
ERROR HY000: Your password does not satisfy the current policy requirements
 
 
 
 
 
 
 
plugins.two_password_validations         w3 [ fail ]
 
        Test ended at 2017-07-10 16:09:04
 
 
 
CURRENT_TEST: plugins.two_password_validations
 
mysqltest: At line 21: query 'grant select on *.* to foobar identified by 'q$%^&*R1234ty'' failed: 1819: Your password does not satisfy the current policy requirements
 
 
 
The result from queries just before the failure was:
 
install soname "simple_password_check";
 
grant select on *.* to Fff_fff1 identified by '1fff_ffF';
 
drop user Fff_fff1;
 
install soname "cracklib_password_check";
 
grant select on *.* to foobar identified by 'q$%^&*R1234ty';

Why is this? I don't see anything in the release notes, commits in debian/* or in other obvious places what was changed since 10.1.24 so that this started to fail.

This is blocking security uploads to Ubuntu 17.04 at the moment (https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1698689) so I marked it serious.

This is also a symptom of our long standing challenges in quality - we seem to get test suite discoverable regressions in stable releases every now and then, even though they should be easy to detect and fix before making a new release.

FYI cvicentiu and oerdnj

 Comments   
Comment by Ondřej Surý (Inactive) [ 2017-07-10 ]

That would be https://anonscm.debian.org/git/pkg-mysql/mariadb-10.1.git/commit/?id=97b43b910d4b095e16dfa7834bb0a6e059075ec9

Comment by Otto Kekäläinen [ 2017-07-10 ]

Thanks oerdnj ! All builds now green at https://launchpad.net/~mysql-ubuntu/+archive/ubuntu/mariadb-10.1/+builds?build_text=&build_state=all

Can you please also upstream that fix to https://github.com/MariaDB/server/blob/10.1/debian/control and other relevant branches (10.2, 10.3?).

Comment by Julien Fritsch [ 2019-11-25 ]

Closing it, as agreed with Vicentiu today.

Comment by Otto Kekäläinen [ 2019-11-26 ]

NOTE: cracklib-runtime was never "upstreamed"

See
https://github.com/MariaDB/server/blob/10.5/debian/control#L5-L35
https://github.com/MariaDB/server/blob/10.5/debian/autobake-deb.sh#L45-L51

This will be fixed eventually when https://salsa.debian.org/mariadb-team/mariadb-10.3/blob/master/debian/control#L9 is merged upstream (part of MDEV-6284).

You can close this or leave it open but assigned to be or faust

Comment by Vicențiu Ciorbaru [ 2019-11-26 ]

otto cracklib-runtime as part of debian/control will be part of the next 10.1 release and it will be merged into next versions as well.

Generated at Thu Feb 08 08:04:24 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.