diff --git a/sbin/ngcp-sync-constants b/sbin/ngcp-sync-constants index 3783f30e..5356d397 100755 --- a/sbin/ngcp-sync-constants +++ b/sbin/ngcp-sync-constants @@ -76,22 +76,28 @@ sub pwgen { return join "", @randoms; } -sub get_mysql_credentials { - - return ('root', '') if $mysql_root; - - my $mysql_user = $DEFAULT_MYSQL_USER; - my $mysql_pass; +sub get_sipwise_db_password { my $mysql_creds = Config::Tiny->read($MYSQL_CREDENTIALS) or die "Cannot open $MYSQL_CREDENTIALS: $ERRNO"; - if ($mysql_pass = $mysql_creds->{_}{SIPWISE_DB_PASSWORD}) { + if (my $mysql_pass = $mysql_creds->{_}{SIPWISE_DB_PASSWORD}) { $mysql_pass =~ s/^['"]|['"]$//g; + return $mysql_pass; } else { die "Cannot parse mysql credentials file $MYSQL_CREDENTIALS"; } + return; +} + +sub get_mysql_credentials { + + return ('root', '') if $mysql_root; + + my $mysql_user = $DEFAULT_MYSQL_USER; + my $mysql_pass = get_sipwise_db_password(); + return ($mysql_user, $mysql_pass); } @@ -191,6 +197,7 @@ SQL UPDATE user SET Password=PASSWORD(?) WHERE User = ? + AND Password != PASSWORD(?) SQL $sth_sel->execute($pass, $user) @@ -204,11 +211,11 @@ SQL log_info(sprintf "%s", $user); } unless ($test_mode) { - my $rows = $sth_upd->execute($pass, $user) + my $rows = $sth_upd->execute($pass, $user, $pass) or die "Cannot update: ".$DBI::errstr; if ($rows != $count) { log_warn(sprintf - "User update was supposed to affect %d rows but changed only %d", + "User update was supposed to affect %d rows but changed %d", $count, $rows); } if ($user eq 'replicator') { @@ -233,6 +240,10 @@ sub sync_mysql_data { my $data = get_user_pass($yml->[0]->{credentials}{mysql}); + # special handling for user sipwise as it is not in constants.yml + push @$data, { user => $DEFAULT_MYSQL_USER, + pass => get_sipwise_db_password() }; + foreach my $pair (@{$data}) { if (defined $pair->{user} and defined $pair->{pass}) { unless ($pair->{pass}) { diff --git a/sbin/ngcp-sync-grants b/sbin/ngcp-sync-grants index 60e823a3..563f0df5 100755 --- a/sbin/ngcp-sync-grants +++ b/sbin/ngcp-sync-grants @@ -183,10 +183,16 @@ sub apply_grants { } } $rc++; - foreach my $grant (@{$ptr->{$key}}) { + for (my $i=0;$i<=$#{$ptr->{$key}};$i++) { + my $grant = $ptr->{$key}[$i]; $log_offset = 2; - log_info(sprintf "grant %s to %s\@%s", $grant, $user, $host); - $dbh->do("GRANT $grant TO $user\@$host"); + my $grant_extras = ""; + if ($grant =~ s/\s+with\s+grant\s+option//) { + $grant_extras = "with grant option"; + } + log_info(sprintf "grant %s to %s\@%s %s", + $grant, $user, $host, $grant_extras); + $dbh->do("GRANT $grant TO $user\@$host $grant_extras"); if ($DBI::errstr && $DBI::errstr !~ /Table\s+'\S+\.\S+'\s+doesn't\s+exist/) { die "Cannot grant privileges: ".$DBI::errstr; @@ -302,12 +308,16 @@ SQL sub normalise_grant_str { my $grant = shift; + $grant = lc $grant; + my $suffix = ""; + if ($grant =~ s/\s+with\s+grant\s+option//) { + $suffix = "with grant option"; + } $grant =~ s/^grant\s+//i; - $grant =~ s/^(.+)\s+TO.+$/$1/i; + $grant =~ s/^(.+)\s+to.+$/$1/i; $grant =~ s/`//g; $grant =~ s/,\s+/,/g; $grant =~ s/all\s+on/all privileges on/; - $grant = lc $grant; if ($grant =~ /,/) { $grant =~ /^(.+)\s+(on\s+.+)$/i; my $allow = $1; @@ -334,6 +344,11 @@ sub normalise_grant_str { $grant = join ',', map { $sorted{$_} } sort { $a <=> $b } keys %sorted; $grant .= ' '.$on; } + if ($suffix) { + $grant =~ s/\s+$//; + $suffix =~ s/\s+/ /; + $grant = sprintf "%s %s", $grant, $suffix; + } return $grant; }