Last active
August 29, 2015 14:02
-
-
Save pichuang/b5030671aa324d6a78cd to your computer and use it in GitHub Desktop.
auto_mysql_secure_installation.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Maintainer: Roan Huang <pichuang@cs.nctu.edu.tw> | |
Automating mysql_secure_installation | |
In this patch, MySQL default password is "ARCHLNMP" | |
default password is NOT safe to your system, Please use | |
/usr/bin/mysqladmin -u root -p'ARCHLNMP' password 'YOUR_NEW_PASSWORD' | |
change any password if you need. | |
Remember backup mysql_secure_installation. | |
Install: | |
patch -p1 /usr/bin/mysql_secure_installation < Support_auto_mysql_secure_installation.patch | |
--- origin/mysql_secure_installation 2014-06-11 18:59:38.445190132 +0800 | |
+++ new/mysql_secure_installation 2014-06-11 19:50:35.850781867 +0800 | |
@@ -20,6 +20,7 @@ | |
trap "interrupt" 1 2 3 6 15 | |
+MYSQL_ROOT_PASSWORD="ARCHLNMP" | |
rootpass="" | |
echo_n= | |
echo_c= | |
@@ -240,11 +241,7 @@ | |
get_root_password() { | |
status=1 | |
while [ $status -eq 1 ]; do | |
- stty -echo | |
- echo $echo_n "Enter current password for root (enter for none): $echo_c" | |
- read password | |
- echo | |
- stty echo | |
+ password=$MYSQL_ROOT_PASSWORD | |
if [ "x$password" = "x" ]; then | |
hadpass=0 | |
else | |
@@ -260,27 +257,8 @@ | |
} | |
set_root_password() { | |
- stty -echo | |
- echo $echo_n "New password: $echo_c" | |
- read password1 | |
- echo | |
- echo $echo_n "Re-enter new password: $echo_c" | |
- read password2 | |
- echo | |
- stty echo | |
- | |
- if [ "$password1" != "$password2" ]; then | |
- echo "Sorry, passwords do not match." | |
- echo | |
- return 1 | |
- fi | |
- | |
- if [ "$password1" = "" ]; then | |
- echo "Sorry, you can't use an empty password here." | |
- echo | |
- return 1 | |
- fi | |
- | |
+ echo "!!!WARNING!!! default password is NOT safe, please change root password before running" | |
+ password1=$MYSQL_ROOT_PASSWORD | |
esc_pass=`basic_single_escape "$password1"` | |
do_query "UPDATE mysql.user SET Password=PASSWORD('$esc_pass') WHERE User='root';" | |
if [ $? -eq 0 ]; then | |
@@ -376,7 +354,7 @@ | |
# The actual script starts here | |
prepare | |
-find_mysql_client | |
+#find_mysql_client | |
set_echo_compat | |
echo | |
@@ -401,14 +379,14 @@ | |
echo | |
if [ $hadpass -eq 0 ]; then | |
- echo $echo_n "Set root password? [Y/n] $echo_c" | |
+ echo "Set root password" | |
else | |
echo "You already have a root password set, so you can safely answer 'n'." | |
echo | |
echo $echo_n "Change the root password? [Y/n] $echo_c" | |
fi | |
-read reply | |
+reply = "y" | |
if [ "$reply" = "n" ]; then | |
echo " ... skipping." | |
else | |
@@ -432,14 +410,8 @@ | |
echo "production environment." | |
echo | |
-echo $echo_n "Remove anonymous users? [Y/n] $echo_c" | |
- | |
-read reply | |
-if [ "$reply" = "n" ]; then | |
- echo " ... skipping." | |
-else | |
- remove_anonymous_users | |
-fi | |
+echo "Remove anonymous users" | |
+remove_anonymous_users | |
echo | |
@@ -451,13 +423,8 @@ | |
echo "ensures that someone cannot guess at the root password from the network." | |
echo | |
-echo $echo_n "Disallow root login remotely? [Y/n] $echo_c" | |
-read reply | |
-if [ "$reply" = "n" ]; then | |
- echo " ... skipping." | |
-else | |
- remove_remote_root | |
-fi | |
+echo "Disallow root login remote" | |
+remove_remote_root | |
echo | |
@@ -470,13 +437,8 @@ | |
echo "before moving into a production environment." | |
echo | |
-echo $echo_n "Remove test database and access to it? [Y/n] $echo_c" | |
-read reply | |
-if [ "$reply" = "n" ]; then | |
- echo " ... skipping." | |
-else | |
- remove_test_database | |
-fi | |
+echo "Remove test database and access to it" | |
+remove_test_database | |
echo | |
@@ -488,13 +450,8 @@ | |
echo "will take effect immediately." | |
echo | |
-echo $echo_n "Reload privilege tables now? [Y/n] $echo_c" | |
-read reply | |
-if [ "$reply" = "n" ]; then | |
- echo " ... skipping." | |
-else | |
- reload_privilege_tables | |
-fi | |
+echo "Reload privilege tables now" | |
+reload_privilege_tables | |
echo | |
cleanup | |
@@ -504,3 +461,8 @@ | |
echo "installation should now be secure." | |
echo | |
echo "Thanks for using MariaDB!" | |
+echo "If you dont want to use default password ARCHLNMP, You can use " | |
+echo | |
+echo " /usr/bin/mysqladmin -u root -p'ARCHLNMP' password 'YOUR_NEW_PASSWORD' " | |
+echo | |
+echo "to change your root password" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment