diff --git a/BARRACUDA.sh.txt b/BARRACUDA.sh.txt index 8312363e3bc90c853325f24f16df5b094f8b355a..3db613bbc17cca51d71613bf41697a9799dada3f 100755 --- a/BARRACUDA.sh.txt +++ b/BARRACUDA.sh.txt @@ -3161,8 +3161,8 @@ check_apt_updates () { done } # -# Generate new secure password. -main_dbuser_reborn () { +# Generate provision backend db_passwd. +provision_backend_dbpass_generate () { _ESC_APASS="" _LEN_APASS=0 if [ "$_STRONG_PASSWORDS" = "YES" ] ; then @@ -3187,30 +3187,59 @@ main_dbuser_reborn () { msg "FATAL ERROR:: Aborting Barracuda installer NOW!" touch /opt/tmp/status-Barracuda-FAIL exit 1 - else - _AEGIR_HOST_IP="$_RESOLVEIP" fi mysql -uroot mysql< /dev/null } # -# Sync new secure password. -main_dbpass_sync () { +# Sync provision backend db_passwd. +provision_backend_dbpass_sync () { + msg "INFO: Syncing provision backend db_passwd, please wait..." + mrun "sleep 1" _ADBU=aegir_root _L_SYS="/var/aegir/backups/system/.$_ADBU.pass.txt" mv -f $_L_SYS $_L_SYS-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null - main_dbuser_reborn - if [ ! -z "$_ESC_APASS" ] ; then + provision_backend_dbpass_generate + if [ ! -z "$_ESC_APASS" ] && [ ! -z "$_ENC_APASS" ] ; then su -s /bin/bash - aegir -c "drush @hostmaster sqlq \"UPDATE hosting_db_server SET db_passwd='$_ESC_APASS' WHERE db_user='$_ADBU'\" &> /dev/null" - mysql -u root -e "FLUSH PRIVILEGES;" &> /dev/null mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_ESC_APASS') WHERE User='$_ADBU';" &> /dev/null - mysql -u root -e "FLUSH PRIVILEGES;" &> /dev/null sed -i "s/mysql:\/\/$_ADBU:.*/mysql:\/\/$_ADBU:$_ENC_APASS@localhost',/g" /var/aegir/.drush/server_localhost.alias.drushrc.php &> /dev/null sed -i "s/mysql:\/\/$_ADBU:.*/mysql:\/\/$_ADBU:$_ENC_APASS@localhost',/g" /var/aegir/.drush/server_master.alias.drushrc.php &> /dev/null fi + mysqladmin flush-privileges &> /dev/null + if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then + su -s /bin/bash - aegir -c "drush cache-clear drush &> /dev/null" + fi + if [ -e "/var/aegir/.drush/server_localhost.alias.drushrc.php" ] ; then + su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_localhost verify --force &> /dev/null" + else + su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_master verify --force &> /dev/null" + fi + msg "INFO: Running hosting-dispatch (1/3), please wait..." + su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null" + mrun "sleep 5" + msg "INFO: Running hosting-dispatch (2/3), please wait..." + su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null" + mrun "sleep 5" + msg "INFO: Running hosting-dispatch (3/3), please wait..." + su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null" +} +# +# Sync hostmaster frontend db_passwd. +hostmaster_frontend_dbpass_sync () { + msg "INFO: Syncing hostmaster frontend db_passwd, please wait..." + mrun "sleep 1" + _THIS_HM_SPTH=`cat /var/aegir/.drush/hostmaster.alias.drushrc.php | grep "site_path'" | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,']//g"` + _THIS_HM_DBUR=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_user'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"` + _THIS_HM_DBPD=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_passwd'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"` + if [ -e "$_THIS_HM_SPTH" ] && [ ! -z "$_THIS_HM_DBUR" ] && [ ! -z "$_THIS_HM_DBPD" ] ; then + mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_THIS_HM_DBPD') WHERE User='$_THIS_HM_DBUR';" &> /dev/null + fi + mysqladmin flush-privileges &> /dev/null } # # Upgrade Aegir Master Instance. @@ -3254,7 +3283,9 @@ upgrade_aegir_master () { sed -i "s/EDIT_STRONG_PASSWORDS/$_STRONG_PASSWORDS/g" /var/aegir/AegirUpgrade.sh.txt &> /dev/null sed -i "s/EDIT_THIS_DB_HOST/$_THIS_DB_HOST/g" /var/aegir/AegirUpgrade.sh.txt &> /dev/null sed -i "s/EDIT_USE_STOCK/$_USE_STOCK/g" /var/aegir/AegirUpgrade.sh.txt &> /dev/null - main_dbpass_sync + mysqladmin flush-hosts &> /dev/null + provision_backend_dbpass_sync + hostmaster_frontend_dbpass_sync su -s /bin/bash - aegir -c "bash AegirUpgrade.sh.txt" if [ -e "/opt/tmp/status-AegirUpgrade-FAIL" ] ; then msg "FATAL ERROR: AegirUpgrade installer failed" @@ -3262,22 +3293,7 @@ upgrade_aegir_master () { touch /opt/tmp/status-Barracuda-FAIL exit 1 else - if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then - su -s /bin/bash - aegir -c "drush cache-clear drush &> /dev/null" - fi - if [ -e "/var/aegir/.drush/server_localhost.alias.drushrc.php" ] ; then - su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_localhost verify --force &> /dev/null" - else - su -s /bin/bash aegir -c "drush @hostmaster hosting-task @server_master verify --force &> /dev/null" - fi - msg "INFO: Running hosting-dispatch (1/3), please wait..." - su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null" - mrun "sleep 5" - msg "INFO: Running hosting-dispatch (2/3), please wait..." - su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null" - mrun "sleep 5" - msg "INFO: Running hosting-dispatch (3/3), please wait..." - su -s /bin/bash - aegir -c "drush @hostmaster hosting-dispatch &> /dev/null" + hostmaster_frontend_dbpass_sync fi mv -f /var/aegir/config/includes/global.inc /var/aegir/config/includes/global.inc-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null if [ -e "/var/aegir/config/server_master/nginx/pre.d/nginx_wild_ssl.conf" ] ; then @@ -6827,6 +6843,7 @@ if [ ! -e "/root/.my.cnf" ] ; then PXSWD="$_ESC_PASS" fi PASWD=`echo -n $PXSWD | tr -d "\n"` + mysql -u root -e "FLUSH HOSTS;" &> /dev/null mysql -u root -e "DELETE FROM mysql.user WHERE User='';" &> /dev/null mysql -u root -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" &> /dev/null mysql -u root -e "DROP DATABASE test;" &> /dev/null @@ -6870,6 +6887,7 @@ else if [ ! -z "$_ESC_PASS" ] ; then cp -af /root/.my.cnf /root/.my.cnf-pre-$_INSTALLER_VERSION-$_NOW cp -af /root/.my.pass.txt /root/.my.pass.txt-pre-$_INSTALLER_VERSION-$_NOW + mysql -u root -e "FLUSH HOSTS;" &> /dev/null mysql -u root -e "DELETE FROM mysql.user WHERE User='';" &> /dev/null mysql -u root -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" &> /dev/null mysql -u root -e "DROP DATABASE test;" &> /dev/null diff --git a/aegir/scripts/AegirSetupA.sh.txt b/aegir/scripts/AegirSetupA.sh.txt index 237bd8adddac98daeecf649d4d1f0224bb09adb5..296e96a789da8bae3bd2e1e1aee02dda391faad2 100644 --- a/aegir/scripts/AegirSetupA.sh.txt +++ b/aegir/scripts/AegirSetupA.sh.txt @@ -845,7 +845,8 @@ chown $_USER:$_USRG $_ROOT/AegirSetupC.sh.txt &> /dev/null ###---### Run standard pre-install # -main_dbuser_reborn () { +# Generate provision backend db_passwd. +provision_backend_dbpass_generate () { touch $_ROOT/.$_USER.pass.txt chmod 0600 $_ROOT/.$_USER.pass.txt _ESC_PASS="" @@ -872,44 +873,65 @@ main_dbuser_reborn () { touch /opt/tmp/status-AegirSetupA-FAIL exit 1 fi -/usr/bin/mysql -h localhost --port=3306 -u root mysql< /dev/null } -if [ ! -e "$_ROOT/.$_USER.pass.txt" ] ; then - main_dbuser_reborn - echo "$_USER ALL=NOPASSWD: /etc/init.d/nginx" >> /etc/sudoers -else - if [ ! -e "$_ROOT/.$_USER.pass.txt-pre-$_INSTALLER_VERSION-$_NOW" ] ; then - mv -f $_ROOT/.$_USER.pass.txt $_ROOT/.$_USER.pass.txt-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null - main_dbuser_reborn +# +# Sync provision backend db_passwd. +provision_backend_dbpass_sync () { + msg "$_STATUS A: Syncing provision backend db_passwd, please wait..." + mrun "sleep 1" + _L_SYS="$_ROOT/.$_USER.pass.txt" + mv -f $_L_SYS $_L_SYS-pre-$_INSTALLER_VERSION-$_NOW &> /dev/null + provision_backend_dbpass_generate + if [ ! -z "$_ESC_APASS" ] && [ ! -z "$_ENC_APASS" ] ; then su -s /bin/bash - $_USER -c "$_DRUSHCMD @hostmaster sqlq \"UPDATE hosting_db_server SET db_passwd='$_ESC_PASS' WHERE db_user='$_USER'\" &> /dev/null" mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_ESC_PASS') WHERE User='$_USER';" &> /dev/null sed -i "s/mysql:\/\/$_USER:.*/mysql:\/\/$_USER:$_ENC_PASS@localhost',/g" $_ROOT/.drush/server_localhost.alias.drushrc.php &> /dev/null sed -i "s/mysql:\/\/$_USER:.*/mysql:\/\/$_USER:$_ENC_PASS@localhost',/g" $_ROOT/.drush/server_master.alias.drushrc.php &> /dev/null - mysql -u root -e "FLUSH PRIVILEGES;" &> /dev/null - if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then - $_DRUSHCMD cache-clear drush &> /dev/null - fi - if [ -e "$_ROOT/.drush/server_localhost.alias.drushrc.php" ] ; then - su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_localhost verify --force &> /dev/null" - else - su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_master verify --force &> /dev/null" - fi - msg "$_STATUS A: Running hosting-dispatch (1/3), please wait..." - $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null - mrun "sleep 5" - msg "$_STATUS A: Running hosting-dispatch (2/3), please wait..." - $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null - mrun "sleep 5" - msg "$_STATUS A: Running hosting-dispatch (3/3), please wait..." - $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null fi + mysqladmin flush-privileges &> /dev/null + if [ "$_USE_STOCK" = "YES" ] || [ "$_DRUSH_CC_REQ" = "YES" ] ; then + $_DRUSHCMD cache-clear drush &> /dev/null + fi + if [ -e "$_ROOT/.drush/server_localhost.alias.drushrc.php" ] ; then + su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_localhost verify --force &> /dev/null" + else + su -s /bin/bash $_USER -c "$_DRUSHCMD @hostmaster hosting-task @server_master verify --force &> /dev/null" + fi + msg "$_STATUS A: Running hosting-dispatch (1/3), please wait..." + $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null + mrun "sleep 5" + msg "$_STATUS A: Running hosting-dispatch (2/3), please wait..." + $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null + mrun "sleep 5" + msg "$_STATUS A: Running hosting-dispatch (3/3), please wait..." + $_DRUSHCMD '@hostmaster' hosting-dispatch &> /dev/null +} +# +# Sync hostmaster frontend db_passwd. +hostmaster_frontend_dbpass_sync () { + msg "$_STATUS A: Syncing hostmaster frontend db_passwd, please wait..." + mrun "sleep 1" + _THIS_HM_SPTH=`cat $_ROOT/.drush/hostmaster.alias.drushrc.php | grep "site_path'" | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,']//g"` + _THIS_HM_DBUR=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_user'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"` + _THIS_HM_DBPD=`cat $_THIS_HM_SPTH/drushrc.php | grep "options\['db_passwd'\] = " | cut -d: -f2 | awk '{ print $3}' | sed "s/[\,';]//g"` + if [ -e "$_THIS_HM_SPTH" ] && [ ! -z "$_THIS_HM_DBUR" ] && [ ! -z "$_THIS_HM_DBPD" ] ; then + mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD('$_THIS_HM_DBPD') WHERE User='$_THIS_HM_DBUR';" &> /dev/null + fi + mysqladmin flush-privileges &> /dev/null +} +if [ "$_STATUS" = "INIT" ] ; then + mysqladmin flush-hosts &> /dev/null + provision_backend_dbpass_generate + echo "$_USER ALL=NOPASSWD: /etc/init.d/nginx" >> /etc/sudoers +else + mysqladmin flush-hosts &> /dev/null + provision_backend_dbpass_sync fi cd $_ROOT @@ -961,6 +983,7 @@ else chmod -R 2770 $_THIS_HM_SITE/files chown root:$_USRG /data/u &> /dev/null chmod 0771 /data/u &> /dev/null + hostmaster_frontend_dbpass_sync su -s /bin/bash - $_USER -c "/bin/bash AegirSetupB.sh.txt" if [ -e "/opt/tmp/status-AegirSetupB-FAIL" ] ; then msg "$_STATUS A: FATAL ERROR: AegirSetupB installer failed" @@ -973,6 +996,7 @@ else chmod 700 $_ROOT/backups/system mv -f $_ROOT/backups/*host8* $_ROOT/backups/system/old_hostmaster/ &> /dev/null chmod 600 $_ROOT/backups/system/old_hostmaster/* &> /dev/null + hostmaster_frontend_dbpass_sync fi chmod 0700 /data/u &> /dev/null chown root:root /data/u &> /dev/null