sipwise
/
ngcpcfg
mirror of https://github.com/sipwise/ngcpcfg.git
1
0
Fork 0
Code Issues Releases Wiki Activity

MT#22235 ngcp-sync-grants improvements, ngcp-sync-constants sipwise user

Browse Source 
* ngcp-sync-grants now works with the extra suffix
      "with grant option"
    * ngcp-sync-constants also syncs user "user" sipwise from
     /etc/mysql/sipwise.cnf

Change-Id: I6159257e3c9d34cb674e003e910535807c4e841b
changes/55/7855/1
Kirill Solomko 10 years ago
parent 9e32e4ffac
commit dd08fcd8c5
2 changed files with 40 additions and 14 deletions
Show Stats Download Patch File Download Diff File

29
sbin/ngcp-sync-constants
Unescape View File

@ -76,22 +76,28 @@ sub pwgen {
return join "", @randoms;
}
sub get_mysql_credentials {
return ('root', '') if $mysql_root;
my $mysql_user = $DEFAULT_MYSQL_USER;
my $mysql_pass;
sub get_sipwise_db_password {
my $mysql_creds = Config::Tiny->read($MYSQL_CREDENTIALS)
or die "Cannot open $MYSQL_CREDENTIALS: $ERRNO";
if ($mysql_pass = $mysql_creds->{_}{SIPWISE_DB_PASSWORD}) {
if (my $mysql_pass = $mysql_creds->{_}{SIPWISE_DB_PASSWORD}) {
$mysql_pass =~ s/^['"]|['"]$//g;
return $mysql_pass;
} else {
die "Cannot parse mysql credentials file $MYSQL_CREDENTIALS";
}
return;
}
sub get_mysql_credentials {
return ('root', '') if $mysql_root;
my $mysql_user = $DEFAULT_MYSQL_USER;
my $mysql_pass = get_sipwise_db_password();
return ($mysql_user, $mysql_pass);
}
@ -191,6 +197,7 @@ SQL
UPDATE user
SET Password=PASSWORD(?)
WHERE User = ?
AND Password != PASSWORD(?)
SQL
$sth_sel->execute($pass, $user)
@ -204,11 +211,11 @@ SQL
log_info(sprintf "%s", $user);
}
unless ($test_mode) {
my $rows = $sth_upd->execute($pass, $user)
my $rows = $sth_upd->execute($pass, $user, $pass)
or die "Cannot update: ".$DBI::errstr;
if ($rows != $count) {
log_warn(sprintf
"User update was supposed to affect %d rows but changed only %d",
"User update was supposed to affect %d rows but changed %d",
$count, $rows);
}
if ($user eq 'replicator') {
@ -233,6 +240,10 @@ sub sync_mysql_data {
my $data = get_user_pass($yml->[0]->{credentials}{mysql});
# special handling for user sipwise as it is not in constants.yml
push @$data, { user => $DEFAULT_MYSQL_USER,
pass => get_sipwise_db_password() };
foreach my $pair (@{$data}) {
if (defined $pair->{user} and defined $pair->{pass}) {
unless ($pair->{pass}) {

25
sbin/ngcp-sync-grants
Unescape View File

@ -183,10 +183,16 @@ sub apply_grants {
}
}
$rc++;
foreach my $grant (@{$ptr->{$key}}) {
for (my $i=0;$i<=$#{$ptr->{$key}};$i++) {
my $grant = $ptr->{$key}[$i];
$log_offset = 2;
log_info(sprintf "grant %s to %s\@%s", $grant, $user, $host);
$dbh->do("GRANT $grant TO $user\@$host");
my $grant_extras = "";
if ($grant =~ s/\s+with\s+grant\s+option//) {
$grant_extras = "with grant option";
}
log_info(sprintf "grant %s to %s\@%s %s",
$grant, $user, $host, $grant_extras);
$dbh->do("GRANT $grant TO $user\@$host $grant_extras");
if ($DBI::errstr &&
$DBI::errstr !~ /Table\s+'\S+\.\S+'\s+doesn't\s+exist/) {
die "Cannot grant privileges: ".$DBI::errstr;
@ -302,12 +308,16 @@ SQL
sub normalise_grant_str {
my $grant = shift;
$grant = lc $grant;
my $suffix = "";
if ($grant =~ s/\s+with\s+grant\s+option//) {
$suffix = "with grant option";
}
$grant =~ s/^grant\s+//i;
$grant =~ s/^(.+)\s+TO.+$/$1/i;
$grant =~ s/^(.+)\s+to.+$/$1/i;
$grant =~ s/`//g;
$grant =~ s/,\s+/,/g;
$grant =~ s/all\s+on/all privileges on/;
$grant = lc $grant;
if ($grant =~ /,/) {
$grant =~ /^(.+)\s+(on\s+.+)$/i;
my $allow = $1;
@ -334,6 +344,11 @@ sub normalise_grant_str {
$grant = join ',', map { $sorted{$_} } sort { $a <=> $b } keys %sorted;
$grant .= ' '.$on;
}
if ($suffix) {
$grant =~ s/\s+$//;
$suffix =~ s/\s+/ /;
$grant = sprintf "%s %s", $grant, $suffix;
}
return $grant;
}

Write Preview
Loading…
Cancel
Save