Improved password usage in MySQL tools

This commit is contained in:
Alexey Pustovalov
2020-09-08 17:41:01 -04:00
13 changed files with 142 additions and 50 deletions

View File

@ -222,11 +222,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -235,8 +239,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -283,10 +291,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

View File

@ -181,11 +181,8 @@ db_tls_params() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
result="--ssl"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
result="${result} --ssl-verify-server-cert"
fi
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
result="--ssl-mode=$ssl_mode"
if [ -n "${ZBX_DBTLSCAFILE}" ]; then
result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}"
@ -223,11 +220,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -236,8 +237,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -284,10 +289,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

View File

@ -218,12 +218,16 @@ check_db_connect_mysql() {
WAIT_TIMEOUT=5
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -232,8 +236,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -280,10 +288,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}