Re: [Savannah-hackers] Cron <address@hidden> sf

savannah-hackers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --passwo

From:	Loic Dachary
Subject:	Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????
Date:	Tue, 27 Feb 2001 08:46:46 +0100 (CET)

 > 
 > Okay, I looked into it, and that was apparently not root's login
 > password, it was just the mysql password, or at least I'm not able to
 > su using it.
 > 
 > For now, I changed /etc/cron.d/savannah to run scripts with no
 > parameters.  These scripts are readable only by root, and they contain
 > the password.  This will at least prevent the password from going out in
 > email, but it will still be in the command line.

 I changed it back, it was only necessary to remove the arguments. The 
necessary information is found in the ~/.my.cnf which is only root readable.
Sorry for the trouble.

 > That password is being passed to the mysql command line.  I know next to
 > nothing about mysql, but based on the output of "mysql --help", it looks
 > at though the password must either be given via a command line or else it
 > is read from the tty.  Perhaps the password could just be piped into it,
 > or perhaps we need to use something more fancy like expect(1).

 It can also be used over the network, provided the mysql permission tables
allow connections from remote machines using this password. The current tables
are like this:
+-------------+------+
| host        | user |
+-------------+------+
| localhost   |      |
| localhost   | root |
| subversions |      |
| subversions | root |
+-------------+------+
 And only localhost/root has a password allowing connection. The others are
stubs that do not allow connection.

 > In the meantime, could someone please change root's mysql password to
 > something else, since the old one is now sitting on a bunch of
 > people's hard drives by now?  Once you've done that, please change the
 > scripts in /subversions/sourceforge/bin/*_daily appropriately, and there
 > are probably other places that need to changed as well.

 I did that and checked the other places.

 Cheers,

-- 
Loic   Dachary         http://www.dachary.org/  address@hidden
24 av Secretan         http://www.senga.org/      address@hidden
75019    Paris         Tel: 33 1 42 45 09 16        address@hidden
        GPG Public Key: http://www.dachary.org/loic/gpg.txt

[Prev in Thread]

Current Thread

[Next in Thread]

[Savannah-hackers] Cron <address@hidden> sf_www --user root --password yawn72, Cron Daemon, 2001/02/26
- Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Hugo Gayosso, 2001/02/26
  - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Mark H. Weaver, 2001/02/27
  - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Mark H. Weaver, 2001/02/27
    - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Jeff Bailey, 2001/02/27
    - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Loic Dachary, 2001/02/27
    - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Mark H. Weaver, 2001/02/27
    - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Mark H. Weaver, 2001/02/27
    - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Loic Dachary <=
    - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Mark H. Weaver, 2001/02/27
  - Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????, Loic Dachary, 2001/02/27

Prev by Date: [Savannah-hackers] savannah/etc local.inc
Next by Date: [Savannah-hackers] Away
Previous by thread: Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????
Next by thread: Re: [Savannah-hackers] Cron <address@hidden> sf_www --user root --password ?????
Index(es):
- Date
- Thread