summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBarracuda Team2013-04-13 20:48:34 (GMT)
committer Barracuda Team2013-04-13 20:48:34 (GMT)
commitd4538e90b03c2cb4499007d9ffc4b48c33070dba (patch)
treeb631936b1841136179f9307752fa505292b01e1a
parenta8dc531ef0286f207b4a50621eee9fd4894592da (diff)
Sync both Hostmaster (before and after the upgrade) and Provision (before the upgrade) db_passwd to avoid issues with duplicate leftover grants.
-rwxr-xr-xBARRACUDA.sh.txt74
-rw-r--r--aegir/scripts/AegirSetupA.sh.txt82
2 files changed, 99 insertions, 57 deletions
diff --git a/BARRACUDA.sh.txt b/BARRACUDA.sh.txt
index 8312363..3db613b 100755
--- a/BARRACUDA.sh.txt
+++ b/BARRACUDA.sh.txt
@@ -3161,8 +3161,8 @@ check_apt_updates () {
done
}
#
-# Generate new secure password.
-main_dbuser_reborn () {
+# Generate provision backend db_passwd.
+provision_backend_dbpass_generate () {
_ESC_APASS=""
_LEN_APASS=0
if [ "$_STRONG_PASSWORDS" = "YES" ] ; then
@@ -3187,30 +3187,59 @@ main_dbuser_reborn () {
msg "FATAL ERROR:: Aborting Barracuda installer NOW!"
touch /opt/tmp/status-Barracuda-FAIL
exit 1
- else
- _AEGIR_HOST_IP="$_RESOLVEIP"
fi
mysql -uroot mysql<<EOFMYSQL
GRANT ALL PRIVILEGES ON *.* TO '$_ADBU'@'$_AEGIR_HOST' IDENTIFIED BY '$_ESC_APASS' WITH GRANT OPTION;
-GRANT ALL PRIVILEGES ON *.* TO '$_ADBU'@'$_AEGIR_HOST_IP' IDENTIFIED BY '$_ESC_APASS' WITH GRANT OPTION;
+GRANT ALL PRIVILEGES ON *.* TO '$_ADBU'@'$_RESOLVEIP' IDENTIFIED BY '$_ESC_APASS' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON *.* TO '$_ADBU'@'localhost' IDENTIFIED BY '$_ESC_APASS' WITH GRANT OPTION;
EOFMYSQL
+mysqladmin flush-privileges &> /dev/null
}
#
-# Sync new secure password.
-main_dbpass_sync () {
+# Sync provision backend db_passwd.
+provision_backend_dbpass_sync () {
+ msg "INFO: Syncing provision backend db_passwd, please wait..."
+ mrun "sleep 1"
_ADBU=aegir_root
_L_SYS="/var/aegir/backups/system/.$_ADBU.pass.txt"
mv -f $_L_SYS $_L_SYS-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null
- main_dbuser_reborn
- if [ ! -z "$_ESC_APASS" ] ; then
+ provision_backend_dbpass_generate
+ if [ ! -z "$_ESC_APASS" ] && [ ! -z "$_ENC_APASS" ] ; then
su -s /bin/bash - aegir -c "drush @hostmaster sqlq \"UPDATE hosting_db_server SET db_passwd='$_ESC_APASS' WHERE db_user='$_ADBU'\" &> /dev/null"
- mysql -u root -e "FLUSH PRIVILEGES;" &> /dev/null
mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_ESC_APASS') WHERE User='$_ADBU';" &> /dev/null
- mysql -u root -e "FLUSH PRIVILEGES;" &> /dev/null
sed -i "s/mysql:\/\/$_ADBU:.*/mysql:\/\/$_ADBU:$_ENC_APASS@localhost',/g" /var/aegir/.drush/server_localhost.alias.drushrc.php &> /dev/null
sed -i "s/mysql:\/\/$_ADBU:.*/mysql:\/\/$_ADBU:$_ENC_APASS@localhost',/g" /var/aegir/.drush/server_master.alias.drushrc.php &> /dev/null
fi
+ mysqladmin flush-privileges &> /dev/null
+ if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then
+ su -s /bin/bash - aegir -c "drush cache-clear drush &> /dev/null"
+ fi
+ if [ -e "/var/aegir/.drush/server_localhost.alias.drushrc.php" ] ; then
+ su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_localhost verify --force &> /dev/null"
+ else
+ su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_master verify --force &> /dev/null"
+ fi
+ msg "INFO: Running hosting-dispatch (1/3), please wait..."
+ su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null"
+ mrun "sleep 5"
+ msg "INFO: Running hosting-dispatch (2/3), please wait..."
+ su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null"
+ mrun "sleep 5"
+ msg "INFO: Running hosting-dispatch (3/3), please wait..."
+ su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null"
+}
+#
+# Sync hostmaster frontend db_passwd.
+hostmaster_frontend_dbpass_sync () {
+ msg "INFO: Syncing hostmaster frontend db_passwd, please wait..."
+ mrun "sleep 1"
+ _THIS_HM_SPTH=`cat /var/aegir/.drush/hostmaster.alias.drushrc.php | grep "site_path'" | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,']//g"`
+ _THIS_HM_DBUR=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_user'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"`
+ _THIS_HM_DBPD=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_passwd'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"`
+ if [ -e "$_THIS_HM_SPTH" ] && [ ! -z "$_THIS_HM_DBUR" ] && [ ! -z "$_THIS_HM_DBPD" ] ; then
+ mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_THIS_HM_DBPD') WHERE User='$_THIS_HM_DBUR';" &> /dev/null
+ fi
+ mysqladmin flush-privileges &> /dev/null
}
#
# Upgrade Aegir Master Instance.
@@ -3254,7 +3283,9 @@ upgrade_aegir_master () {
sed -i "s/EDIT_STRONG_PASSWORDS/$_STRONG_PASSWORDS/g" /var/aegir/AegirUpgrade.sh.txt &> /dev/null
sed -i "s/EDIT_THIS_DB_HOST/$_THIS_DB_HOST/g" /var/aegir/AegirUpgrade.sh.txt &> /dev/null
sed -i "s/EDIT_USE_STOCK/$_USE_STOCK/g" /var/aegir/AegirUpgrade.sh.txt &> /dev/null
- main_dbpass_sync
+ mysqladmin flush-hosts &> /dev/null
+ provision_backend_dbpass_sync
+ hostmaster_frontend_dbpass_sync
su -s /bin/bash - aegir -c "bash AegirUpgrade.sh.txt"
if [ -e "/opt/tmp/status-AegirUpgrade-FAIL" ] ; then
msg "FATAL ERROR: AegirUpgrade installer failed"
@@ -3262,22 +3293,7 @@ upgrade_aegir_master () {
touch /opt/tmp/status-Barracuda-FAIL
exit 1
else
- if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then
- su -s /bin/bash - aegir -c "drush cache-clear drush &> /dev/null"
- fi
- if [ -e "/var/aegir/.drush/server_localhost.alias.drushrc.php" ] ; then
- su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_localhost verify --force &> /dev/null"
- else
- su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_master verify --force &> /dev/null"
- fi
- msg "INFO: Running hosting-dispatch (1/3), please wait..."
- su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null"
- mrun "sleep 5"
- msg "INFO: Running hosting-dispatch (2/3), please wait..."
- su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null"
- mrun "sleep 5"
- msg "INFO: Running hosting-dispatch (3/3), please wait..."
- su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null"
+ hostmaster_frontend_dbpass_sync
fi
mv -f /var/aegir/config/includes/global.inc /var/aegir/config/includes/global.inc-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null
if [ -e "/var/aegir/config/server_master/nginx/pre.d/nginx_wild_ssl.conf" ] ; then
@@ -6827,6 +6843,7 @@ if [ ! -e "/root/.my.cnf" ] ; then
PXSWD="$_ESC_PASS"
fi
PASWD=`echo -n $PXSWD | tr -d "\n"`
+ mysql -u root -e "FLUSH HOSTS;" &> /dev/null
mysql -u root -e "DELETE FROM mysql.user WHERE User='';" &> /dev/null
mysql -u root -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" &> /dev/null
mysql -u root -e "DROP DATABASE test;" &> /dev/null
@@ -6870,6 +6887,7 @@ else
if [ ! -z "$_ESC_PASS" ] ; then
cp -af /root/.my.cnf /root/.my.cnf-pre-$_INSTALLER_VERSION-$_NOW
cp -af /root/.my.pass.txt /root/.my.pass.txt-pre-$_INSTALLER_VERSION-$_NOW
+ mysql -u root -e "FLUSH HOSTS;" &> /dev/null
mysql -u root -e "DELETE FROM mysql.user WHERE User='';" &> /dev/null
mysql -u root -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" &> /dev/null
mysql -u root -e "DROP DATABASE test;" &> /dev/null
diff --git a/aegir/scripts/AegirSetupA.sh.txt b/aegir/scripts/AegirSetupA.sh.txt
index 237bd8a..296e96a 100644
--- a/aegir/scripts/AegirSetupA.sh.txt
+++ b/aegir/scripts/AegirSetupA.sh.txt
@@ -845,7 +845,8 @@ chown $_USER:$_USRG $_ROOT/AegirSetupC.sh.txt &> /dev/null
###---### Run standard pre-install
#
-main_dbuser_reborn () {
+# Generate provision backend db_passwd.
+provision_backend_dbpass_generate () {
touch $_ROOT/.$_USER.pass.txt
chmod 0600 $_ROOT/.$_USER.pass.txt
_ESC_PASS=""
@@ -872,44 +873,65 @@ main_dbuser_reborn () {
touch /opt/tmp/status-AegirSetupA-FAIL
exit 1
fi
-/usr/bin/mysql -h localhost --port=3306 -u root mysql<<EOFMYSQL
-FLUSH PRIVILEGES;
-GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'$_DOMAIN' IDENTIFIED BY '$_ESC_PASS' WITH GRANT OPTION;
+mysql -uroot mysql<<EOFMYSQL
GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'$_AEGIR_HOST' IDENTIFIED BY '$_ESC_PASS' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'$_RESOLVEIP' IDENTIFIED BY '$_ESC_PASS' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'localhost' IDENTIFIED BY '$_ESC_PASS' WITH GRANT OPTION;
-FLUSH PRIVILEGES;
EOFMYSQL
+mysqladmin flush-privileges &> /dev/null
}
-if [ ! -e "$_ROOT/.$_USER.pass.txt" ] ; then
- main_dbuser_reborn
- echo "$_USER ALL=NOPASSWD: /etc/init.d/nginx" >> /etc/sudoers
-else
- if [ ! -e "$_ROOT/.$_USER.pass.txt-pre-$_INSTALLER_VERSION-$_NOW" ] ; then
- mv -f $_ROOT/.$_USER.pass.txt $_ROOT/.$_USER.pass.txt-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null
- main_dbuser_reborn
+#
+# Sync provision backend db_passwd.
+provision_backend_dbpass_sync () {
+ msg "$_STATUS A: Syncing provision backend db_passwd, please wait..."
+ mrun "sleep 1"
+ _L_SYS="$_ROOT/.$_USER.pass.txt"
+ mv -f $_L_SYS $_L_SYS-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null
+ provision_backend_dbpass_generate
+ if [ ! -z "$_ESC_APASS" ] && [ ! -z "$_ENC_APASS" ] ; then
su -s /bin/bash - $_USER -c "$_DRUSHCMD @hostmaster sqlq \"UPDATE hosting_db_server SET db_passwd='$_ESC_PASS' WHERE db_user='$_USER'\" &> /dev/null"
mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_ESC_PASS') WHERE User='$_USER';" &> /dev/null
sed -i "s/mysql:\/\/$_USER:.*/mysql:\/\/$_USER:$_ENC_PASS@localhost',/g" $_ROOT/.drush/server_localhost.alias.drushrc.php &> /dev/null
sed -i "s/mysql:\/\/$_USER:.*/mysql:\/\/$_USER:$_ENC_PASS@localhost',/g" $_ROOT/.drush/server_master.alias.drushrc.php &> /dev/null
- mysql -u root -e "FLUSH PRIVILEGES;" &> /dev/null
- if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then
- $_DRUSHCMD cache-clear drush &> /dev/null
- fi
- if [ -e "$_ROOT/.drush/server_localhost.alias.drushrc.php" ] ; then
- su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_localhost verify --force &> /dev/null"
- else
- su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_master verify --force &> /dev/null"
- fi
- msg "$_STATUS A: Running hosting-dispatch (1/3), please wait..."
- $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null
- mrun "sleep 5"
- msg "$_STATUS A: Running hosting-dispatch (2/3), please wait..."
- $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null
- mrun "sleep 5"
- msg "$_STATUS A: Running hosting-dispatch (3/3), please wait..."
- $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null
fi
+ mysqladmin flush-privileges &> /dev/null
+ if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then
+ $_DRUSHCMD cache-clear drush &> /dev/null
+ fi
+ if [ -e "$_ROOT/.drush/server_localhost.alias.drushrc.php" ] ; then
+ su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_localhost verify --force &> /dev/null"
+ else
+ su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_master verify --force &> /dev/null"
+ fi
+ msg "$_STATUS A: Running hosting-dispatch (1/3), please wait..."
+ $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null
+ mrun "sleep 5"
+ msg "$_STATUS A: Running hosting-dispatch (2/3), please wait..."
+ $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null
+ mrun "sleep 5"
+ msg "$_STATUS A: Running hosting-dispatch (3/3), please wait..."
+ $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null
+}
+#
+# Sync hostmaster frontend db_passwd.
+hostmaster_frontend_dbpass_sync () {
+ msg "$_STATUS A: Syncing hostmaster frontend db_passwd, please wait..."
+ mrun "sleep 1"
+ _THIS_HM_SPTH=`cat $_ROOT/.drush/hostmaster.alias.drushrc.php | grep "site_path'" | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,']//g"`
+ _THIS_HM_DBUR=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_user'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"`
+ _THIS_HM_DBPD=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_passwd'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"`
+ if [ -e "$_THIS_HM_SPTH" ] && [ ! -z "$_THIS_HM_DBUR" ] && [ ! -z "$_THIS_HM_DBPD" ] ; then
+ mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_THIS_HM_DBPD') WHERE User='$_THIS_HM_DBUR';" &> /dev/null
+ fi
+ mysqladmin flush-privileges &> /dev/null
+}
+if [ "$_STATUS" = "INIT" ] ; then
+ mysqladmin flush-hosts &> /dev/null
+ provision_backend_dbpass_generate
+ echo "$_USER ALL=NOPASSWD: /etc/init.d/nginx" >> /etc/sudoers
+else
+ mysqladmin flush-hosts &> /dev/null
+ provision_backend_dbpass_sync
fi
cd $_ROOT
@@ -961,6 +983,7 @@ else
chmod -R 2770 $_THIS_HM_SITE/files
chown root:$_USRG /data/u &> /dev/null
chmod 0771 /data/u &> /dev/null
+ hostmaster_frontend_dbpass_sync
su -s /bin/bash - $_USER -c "/bin/bash AegirSetupB.sh.txt"
if [ -e "/opt/tmp/status-AegirSetupB-FAIL" ] ; then
msg "$_STATUS A: FATAL ERROR: AegirSetupB installer failed"
@@ -973,6 +996,7 @@ else
chmod 700 $_ROOT/backups/system
mv -f $_ROOT/backups/*host8* $_ROOT/backups/system/old_hostmaster/ &> /dev/null
chmod 600 $_ROOT/backups/system/old_hostmaster/* &> /dev/null
+ hostmaster_frontend_dbpass_sync
fi
chmod 0700 /data/u &> /dev/null
chown root:root /data/u &> /dev/null