From 82cf365b2c7b4c98c84b2b1c39338fcdb33a86d9 Mon Sep 17 00:00:00 2001 From: Gabriel Filion Date: Fri, 15 Nov 2013 01:12:00 -0500 Subject: README: Mention the need for setting the path appropriately Without at least /sbin, /bin, /usr/sbin and /usr/bin, the setmysqlpass.sh script won't run correctly and the module will not set the requested root password. --- README | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README b/README index a454dbd..333b4e7 100644 --- a/README +++ b/README @@ -16,6 +16,13 @@ installed, specifically it must have nagios::plugin::deploy functionality. You will need to have activated storedconfigs on the puppetmaster. +You need to ensure that the PATH environment variable contains the appropriate +directories else the root password will not be set correctly to the requested +value. Since the variable is empty by default when running puppet, you need to +have something similar to this somewhere in your manifests: + + Exec { path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' } + Special Notes ============= -- cgit v1.2.3 From 3c93ba233924d640c77a5b4d153360d1636d0964 Mon Sep 17 00:00:00 2001 From: Gabriel Filion Date: Fri, 15 Nov 2013 03:19:40 -0500 Subject: setmysqlpass: be more careful before plundering into action Since this script is rooting the database, it'd be good to use a little more precaution so that we don't let systems be in an inconsistent case when crashing. In cases where the PATH variable is not appropriately set (variable is empty by default when script is invoked by puppet) the script shuts down mysql and then is not able to call most commands. --- files/scripts/CentOS/setmysqlpass.sh | 20 ++++++++++++++++++++ files/scripts/Debian/setmysqlpass.sh | 21 +++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/files/scripts/CentOS/setmysqlpass.sh b/files/scripts/CentOS/setmysqlpass.sh index 01d8fbf..b643edb 100644 --- a/files/scripts/CentOS/setmysqlpass.sh +++ b/files/scripts/CentOS/setmysqlpass.sh @@ -2,6 +2,26 @@ test -f /root/.my.cnf || exit 1 +must_have () +{ + # Here, using "which" would not be appropriate since it also depends on + # PATH being set correctly. The type builtin command is unaffected by the + # environment. + type $1 >/dev/null + if [ $? -ne 0 ]; then + echo "Command '$1' not found, did you correctly set PATH ? Its current value is: $PATH" >&2 + exit 1 + fi +} + +# Since this script is doing something rather unsafe with the database, we want +# to be really careful to have all the necessary tools before doing anything so +# that we don't end up in an inconsistent state. +must_have sleep +must_have mysql +must_have killall +must_have chown + rootpw=$(grep password /root/.my.cnf | sed -e 's/^[^=]*= *\(.*\) */\1/') /sbin/service mysqld stop diff --git a/files/scripts/Debian/setmysqlpass.sh b/files/scripts/Debian/setmysqlpass.sh index f7d5357..f4ebee6 100644 --- a/files/scripts/Debian/setmysqlpass.sh +++ b/files/scripts/Debian/setmysqlpass.sh @@ -2,6 +2,27 @@ test -f /root/.my.cnf || exit 1 +must_have () +{ + # Here, using "which" would not be appropriate since it also depends on + # PATH being set correctly. The type builtin command is unaffected by the + # environment. + type $1 >/dev/null + if [ $? -ne 0 ]; then + echo "Command '$1' not found, did you correctly set PATH ? Its current value is: $PATH" >&2 + exit 1 + fi +} + +# Since this script is doing something rather unsafe with the database, we want +# to be really careful to have all the necessary tools before doing anything so +# that we don't end up in an inconsistent state. +must_have sleep +must_have mysql +must_have killall +must_have ls +must_have chown + rootpw=$(grep password /root/.my.cnf | sed -e 's/^[^=]*= *\(.*\) */\1/') /etc/init.d/mysql stop -- cgit v1.2.3