Bug#13741677 MYSQL_SECURE_INSTALLATION DOES NOT

WORK + SAVES ROOT PASSWORD TO DISK! The secure installation scripts connect to the server by storing the password in a temporary option file. Now, if the script gets killed or fails for some reason, the removal of the option file may not take place. This patch introduces following enhancements : * (.sh) Made sure that cleanup happens at every call to 'exit 1'. This is performed implicitly by END{} in pl.in. * (.pl.in) Added a warning in case unlink fails to delete the option/query files. * (.sh/.pl.in) Added more signals to the signal handler list. SIG# 1, 3, 6, 15

Bug#13741677 MYSQL_SECURE_INSTALLATION DOES NOT
WORK + SAVES ROOT PASSWORD TO DISK! The secure installation scripts connect to the server by storing the password in a temporary option file. Now, if the script gets killed or fails for some reason, the removal of the option file may not take place. This patch introduces following enhancements : * (.sh) Made sure that cleanup happens at every call to 'exit 1'. This is performed implicitly by END{} in pl.in. * (.pl.in) Added a warning in case unlink fails to delete the option/query files. * (.sh/.pl.in) Added more signals to the signal handler list. SIG# 1, 3, 6, 15
55f3fd4d · Nirbhay Choubey · d24a78d1 · 55f3fd4d · 55f3fd4d
Commit 55f3fd4d authored Jul 26, 2012 by Nirbhay Choubey
Show whitespace changes
Inline Side-by-side

Showing with 20 additions and 8 deletions

scripts/mysql_secure_installation.pl.in scripts/mysql_secure_installation.pl.in +7 -3

scripts/mysql_secure_installation.sh scripts/mysql_secure_installation.sh +13 -5

No files found.
--- a/scripts/mysql_secure_installation.pl.in
+++ b/scripts/mysql_secure_installation.pl.in
 #!/usr/bin/perl
 # -*- cperl -*-
 #
-# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -28,7 +28,7 @@ my $mysql;  # How to call the mysql client
 my $rootpass = "";
-$SIG{QUIT} = $SIG{INT} = sub {
+$SIG{QUIT} = $SIG{INT} = $SIG{TERM} = $SIG{ABRT} = $SIG{HUP} = sub {
  print "\nAborting!\n\n";
  echo_on();
  cleanup();
@@ -242,7 +242,11 @@ sub reload_privilege_tables {
 }
 sub cleanup {
-  unlink($config,$command);
+  print "Cleaning up...\n";
+  foreach my $file ($config, $command) {
+    unlink $file or warn "Warning: Could not unlink $file: $!\n";
+  }
 }

--- a/scripts/mysql_secure_installation.sh
+++ b/scripts/mysql_secure_installation.sh
 #!/bin/sh
-# Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -19,7 +19,7 @@ config=".my.cnf.$$"
 command=".mysql.$$"
 mysql_client=""
-trap "interrupt" 2
+trap "interrupt" 1 2 3 6 15
 rootpass=""
 echo_n=
@@ -139,13 +139,16 @@ set_root_password() {
    if [ $? -eq 0 ]; then
 	echo "Password updated successfully!"
 	echo "Reloading privilege tables.."
-	reload_privilege_tables || exit 1
+	reload_privilege_tables
+	if [ $? -eq 1 ]; then
+		clean_and_exit
+	fi
 	echo
 	rootpass=$password1
 	make_config
    else
 	echo "Password update failed!"
-	exit 1
+	clean_and_exit
    fi
    return 0
@@ -157,7 +160,7 @@ remove_anonymous_users() {
 	echo " ... Success!"
    else
 	echo " ... Failed!"
-	exit 1
+	clean_and_exit
    fi
    return 0
@@ -217,6 +220,11 @@ cleanup() {
    rm -f $config $command
 }
+# Remove the files before exiting.
+clean_and_exit() {
+	cleanup
+	exit 1
+}
 # The actual script starts here