diff options
| author | Gabriel Filion <gabster@lelutin.ca> | 2015-05-13 16:02:36 -0400 |
|---|---|---|
| committer | Gabriel Filion <gabster@lelutin.ca> | 2015-05-13 16:02:36 -0400 |
| commit | 1522deafdad1d34562d8daa21ba218fc8f395d83 (patch) | |
| tree | 5707b2a37c4c5edd457028e7b453859c31b2c2d5 /files/scripts/CentOS/setmysqlpass.sh | |
| parent | 85514f6febcfd93766509f9c529598a7ce5c11e2 (diff) | |
mysql root password is leaked to the process list
Every time the root password reset is used we're leaking the password to
the process list. If we use the already present /root/.my.cnf for
credentials then it has the same effect for verification and we avoid
leaking the password.
Diffstat (limited to 'files/scripts/CentOS/setmysqlpass.sh')
| -rw-r--r-- | files/scripts/CentOS/setmysqlpass.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/files/scripts/CentOS/setmysqlpass.sh b/files/scripts/CentOS/setmysqlpass.sh index 6876cb9..62b5b2f 100644 --- a/files/scripts/CentOS/setmysqlpass.sh +++ b/files/scripts/CentOS/setmysqlpass.sh @@ -24,7 +24,7 @@ must_have chown rootpw=$(grep password /root/.my.cnf | sed -e 's/^[^=]*= *\(.*\) */\1/') -/usr/bin/mysqladmin -uroot --password="${rootpw}" status > /dev/null && echo "Nothing to do as the password already works" && exit 0 +/usr/bin/mysqladmin --defaults-file=/root/.my.cnf status > /dev/null && echo "Nothing to do as the password already works" && exit 0 /usr/bin/systemctl stop mariadb |