Closed
Bug 109802
Opened 23 years ago
Closed 23 years ago
checksetup.pl fails to connect to mysql database - password not escaped in localconfig
Categories
(Bugzilla :: Installation & Upgrading, defect, P1)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.16
People
(Reporter: chris-bugzilla, Assigned: zach)
Details
Attachments
(1 file)
600 bytes,
patch
|
ddkilzer
:
review+
luis
:
review+
|
Details | Diff | Splinter Review |
I'm currently trying to install bugzilla 2.14. I've installed all the prerequisites, and all seems happy, until I go to run ./checksetup.pl ... It seems that the checksetup scripts is ignoring the values in the config file, and is connecting as root@localhost to mysql, with no password (which fails, strangely enough). When doing so, it says: [root@gemini bugzilla-2.14]# ./checksetup.pl Checking perl modules ... Checking for DBI (v1.13) ok: found v1.20 Checking for Data::Dumper (any) ok: found v2.101 Checking for DBD::mysql (v1.2209) ok: found v2.0416 Checking for Date::Parse (any) ok: found v2.20 Checking for CGI::Carp (any) ok: found v1.14 The following Perl modules are optional: Checking for GD (v1.19) ok: found v1.33 Checking for Chart::Base (v0.99) ok: found v0.99 Checking for XML::Parser (any) not found If you want to use the bug import/export feature to move bugs to or from other bugzilla installations, you will need to install the XML::Parser module by running (as root) perl -MCPAN -e'install "XML::Parser"' Checking user setup ... Use of uninitialized value in concatenation (.) at ./checksetup.pl line 802 (#1) (W uninitialized) An undefined value was used as if it were already defined. It was interpreted as a "" or a 0, but maybe it was a mistake. To suppress this warning assign a defined value to your variables. DBI->connect(:host=:port=) failed: Access denied for user: 'root@localhost' (Using password: NO) a t ./checksetup.pl line 803 Uncaught exception from user code: Can't connect to the table 'dbi:mysql::host=:port='. Have you read the Bugzilla Guide in the doc directory? Have you read the doc of 'mysql'? ------------------------------------ Now, not wishing to appear too stupid... I did read the mysql guide, and in fact had a previously functioning mysql server, strangely enough, with a root password set <g>. Sorry, I couldn't resist after the tongue in check instructions. I've updated my localconfig file as follows: $db_host = "localhost"; # where is the database? $db_port = 3306; # which port to use $db_name = "bugs"; # name of the MySQL database $db_user = "bugs"; # user to attach to the MySQL database # # Some people actually use passwords with their MySQL database ... # $db_pass = "my secret password"; # # Should checksetup.pl try to check if your MySQL setup is correct? # (with some combinations of MySQL/Msql-mysql/Perl/moonphase this doesn't work) # $db_check = 1; ---------------------------------------- If i log in manually using the above details, no problem - can create / drop etc etc in the bugs db. If I look at the error message though, it doesn't appear to be picking up these values from localconfig, rather, is attempting to connect as root@localhost with no password. I tried substituting line 803 for my own... #my $dbh = DBI->connect($connectstring, $my_db_user, $my_db_pass) my $dbh = DBI->connect($connectstring, 'bugs', 'my secret password') which then appeared to get past this stage, but bombs out again around line 1137: [root@gemini bugzilla-2.14]# ./checksetup.pl Checking user setup ... Use of uninitialized value in concatenation (.) at ./checksetup.pl line 802 (#1) (W uninitialized) An undefined value was used as if it were already defined. It was interpreted as a "" or a 0, but maybe it was a mistake. To suppress this warning assign a defined value to your variables. DBD::mysql::db tables failed: No Database Selected at ./checksetup.pl line 1137. Creating table tokens ... DBD::mysql::db do failed: No Database Selected at ./checksetup.pl line 1160. Uncaught exception from user code: Could not create table 'tokens'. Please check your 'mysql' access. --------------------------- I'm afraid that my perl hacking status kind of ends there...
Comment 1•23 years ago
|
||
I'm unable to reproduce this with the current cvs code... it works just fine for me, and I'm using a database that's locked down and requires passwords for everything. I do seem to recall fixing this at some point... but I could swear it was in 2.12.... bug 44622 to be specific. If anyone can reproduce this on current bugzilla code, please reopen.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
Comment 2•23 years ago
|
||
For future reference, the reporter mailed me his localconfig file privately... the problem was that he had "$" and "@" characters in his database password, which were not escaped in the variable declaration in localconfig. Reopening, since using special characters in a password is something people are pretty likely to do, and not everyone editing that file is going to know Perl. Suggested fix: the comment that is generated with the $db_pass variable should indicate that special characters need to be escaped in the string.
Status: RESOLVED → REOPENED
OS: Linux → All
Priority: -- → P1
Hardware: PC → All
Resolution: WORKSFORME → ---
Summary: checksetup.pl fails to connect to mysql database → checksetup.pl fails to connect to mysql database - password not escaped in localconfig
Target Milestone: --- → Bugzilla 2.16
Comment 3•23 years ago
|
||
I changed the quoting to use single-quotes, which requires nothing to be escaped except the single quote character and the backslash character, and added a comment indicating that you needed to escape ' and \
Comment 4•23 years ago
|
||
Comment on attachment 58555 [details] [diff] [review] Change quoting and comments in default $db_pass definition r=ddk Looks good. Need a second?
Attachment #58555 -
Flags: review+
Comment 5•23 years ago
|
||
Comment on attachment 58555 [details] [diff] [review] Change quoting and comments in default $db_pass definition r=louie; looks fine here.
Attachment #58555 -
Flags: review+
Comment 6•23 years ago
|
||
Checking in checksetup.pl; /cvsroot/mozilla/webtools/bugzilla/checksetup.pl,v <-- checksetup.pl new revision: 1.111; previous revision: 1.110 done
Status: REOPENED → RESOLVED
Closed: 23 years ago → 23 years ago
Resolution: --- → FIXED
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•