summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2010-12-16 13:48:22 -0200
committerSilvio Rhatto <rhatto@riseup.net>2010-12-16 13:48:22 -0200
commitcd958ea3b89c93f56e4901e6fc2543d4af0e1e5b (patch)
tree7134b949df1e4fc98dcd04d3822674a593eb1aa3
parent3b8a87f69d368f726fcff38db7a16b69f173c7bc (diff)
downloadpuppet-mysql-cd958ea3b89c93f56e4901e6fc2543d4af0e1e5b.tar.gz
puppet-mysql-cd958ea3b89c93f56e4901e6fc2543d4af0e1e5b.tar.bz2
Avoid root password leak to process list
-rw-r--r--templates/setmysqlpass.sh.erb6
1 files changed, 4 insertions, 2 deletions
diff --git a/templates/setmysqlpass.sh.erb b/templates/setmysqlpass.sh.erb
index fbca07e..1cc34db 100644
--- a/templates/setmysqlpass.sh.erb
+++ b/templates/setmysqlpass.sh.erb
@@ -8,5 +8,7 @@ PASSWORD="<%= mysql_rootpw %>"
DEFAULTS="/etc/mysql/debian.cnf"
# Run
-echo "USE mysql; UPDATE user SET Password=PASSWORD('$PASSWORD') WHERE User='root' AND Host='localhost'; flush privileges;" | \
- /usr/bin/mysql --defaults-file=$DEFAULTS
+/usr/bin/mysql --defaults-file=$DEFAULTS <<EOF
+UPDATE mysql.user SET Password=PASSWORD('$PASSWORD') WHERE User='root' AND Host='localhost';
+FLUSH PRIVILEGES;
+EOF