Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow empty user passwords #1075

Merged
merged 4 commits into from
Jul 11, 2018
Merged

Allow empty user passwords #1075

merged 4 commits into from
Jul 11, 2018

Conversation

ThoTischner
Copy link
Contributor

https://tickets.puppetlabs.com/browse/MODULES-7187

Changes: Allow empty user / root password.

Before this PR: Can`t set empty passwords cause of the mysql_user provider failure:
Error: Only mysql_native_password (*ABCD...XXX) hashes are supported.
Error: /Stage[main]/Mysql::Server::Root_password/Mysql_user[root@localhost]/password_hash: change from [old password hash redacted] to [new password hash redacted] failed: Only mysql_native_password (*ABCD...XXX) hashes are supported.

After this PR: Can set empty passwords cause regex of mysql_user providers password check extended:
Info: /Stage[main]/Mysql::Server::Root_password/File[/root/.my.cnf]: Filebucketed /root/.my.cnf to puppet with sum 9d96b07caeee3d0e3e7fb49e0f891860
Notice: /Stage[main]/Mysql::Server::Root_password/File[/root/.my.cnf]/content: content changed '{md5}9d96b07caeee3d0e3e7fb49e0f891860' to '{md5}337598bf15a160df1e57d2d90d5bc426'
[root@vmxxxxxx ~]# cat /root/.my.cnf

MANAGED BY PUPPET

[mysql]
user=root
host=localhost
password=''
socket=/tmp/mysql.sock

@david22swan
Copy link
Member

@disappear89 Please add a test to account for an empty password

@ThoTischner
Copy link
Contributor Author

ThoTischner commented Jun 27, 2018
edited
Loading

@david22swan
Tried to add a test but unfortunately it does not fail without the inital regex fix.
Can anyone support me by writing the test?

@david22swan
Copy link
Member

@disappear89 The test looks good, but your changes seem to have disappeared

@ThoTischner
Copy link
Contributor Author

@david22swan That was by purpose to see if the test works. But travis build does not detect an error but it should.

@ThoTischner
Copy link
Contributor Author

@david22swan Any idea? Someone else that could have a look at the test :) ?

@david22swan
Copy link
Member

@disappear89 Have you tried manually setting an empty password to see what happens?

@ThoTischner
Copy link
Contributor Author

@david22swan That`s working. We use the forged repo with my changes on our puppet setup and empty mysql passwords are possible ;)

@david22swan
Copy link
Member

@disappear89 Have you tried entering an empty password without your changes?

@ThoTischner
Copy link
Contributor Author

@david22swan Yes than the error Error:
Only mysql_native_password (*ABCD...XXX) hashes are supported
will appear.

@david22swan
Copy link
Member

@disappear89 Can you recommit the actual changes so that I can see them

@ThoTischner
Copy link
Contributor Author

@david22swan Done =)

@david22swan
Copy link
Member

@disappear89 I apologize but after conferring with members of my team there has been some question on why you wish this functionality to be added.

@ThoTischner
Copy link
Contributor Author

@david22swan No problem. We have setups where some users can connect without password but only via localhost.

@david22swan
Copy link
Member

@disappear89 Could you add a docs change to reflect this added functionality??

@ThoTischner
Copy link
Contributor Author

@david22swan
Done ;)

@david22swan david22swan merged commit 51bd650 into puppetlabs:master Jul 11, 2018
@ThoTischner
Copy link
Contributor Author

@david22swan Thanks

@pmcmaw pmcmaw added the feature label Jul 19, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
feature needs-docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ThoTischner @david22swan @pmcmaw