diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2010-12-16 13:48:22 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2010-12-16 13:48:22 -0200 |
commit | cd958ea3b89c93f56e4901e6fc2543d4af0e1e5b (patch) | |
tree | 7134b949df1e4fc98dcd04d3822674a593eb1aa3 | |
parent | 3b8a87f69d368f726fcff38db7a16b69f173c7bc (diff) | |
download | puppet-mysql-cd958ea3b89c93f56e4901e6fc2543d4af0e1e5b.tar.gz puppet-mysql-cd958ea3b89c93f56e4901e6fc2543d4af0e1e5b.tar.bz2 |
Avoid root password leak to process list
-rw-r--r-- | templates/setmysqlpass.sh.erb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/templates/setmysqlpass.sh.erb b/templates/setmysqlpass.sh.erb index fbca07e..1cc34db 100644 --- a/templates/setmysqlpass.sh.erb +++ b/templates/setmysqlpass.sh.erb @@ -8,5 +8,7 @@ PASSWORD="<%= mysql_rootpw %>" DEFAULTS="/etc/mysql/debian.cnf" # Run -echo "USE mysql; UPDATE user SET Password=PASSWORD('$PASSWORD') WHERE User='root' AND Host='localhost'; flush privileges;" | \ - /usr/bin/mysql --defaults-file=$DEFAULTS +/usr/bin/mysql --defaults-file=$DEFAULTS <<EOF +UPDATE mysql.user SET Password=PASSWORD('$PASSWORD') WHERE User='root' AND Host='localhost'; +FLUSH PRIVILEGES; +EOF |