diff --git a/root/etc/e-smith/db/configuration/migrate/phpmyadmin b/root/etc/e-smith/db/configuration/migrate/phpmyadmin index 01732ae..f4c0a23 100644 --- a/root/etc/e-smith/db/configuration/migrate/phpmyadmin +++ b/root/etc/e-smith/db/configuration/migrate/phpmyadmin @@ -3,9 +3,18 @@ || $DB->new_record('phpmyadmin', {type => 'webapp'}); my $pw = $rec->prop('DbPassword'); if (not $pw or length($pw) < 57){ - use MIME::Base64 qw(encode_base64); + my $pw = gen_pw(); + $rec->set_prop('DbPassword', $pw); + } + $pw = $rec->prop('AdminPassword'); + if (not $pw or length($pw) < 57){ + my $pw = gen_pw(); + $rec->set_prop('AdminPassword', $pw); + } - $pw = "not set due to error"; + sub gen_pw { + use MIME::Base64 qw(encode_base64); + my $p = "not set due to error"; if ( open( RANDOM, "/dev/urandom" ) ){ my $buf; # 57 bytes is a full line of Base64 coding, and contains @@ -14,15 +23,15 @@ warn("Short read from /dev/random: $!"); } else{ - $pw = encode_base64($buf); - chomp $pw; + $p = encode_base64($buf); + chomp $p; } close RANDOM; } else{ warn "Could not open /dev/urandom: $!"; } - $rec->set_prop('DbPassword', $pw); + return $p; } } diff --git a/root/etc/e-smith/templates/etc/e-smith/sql/init/phpmyadmin b/root/etc/e-smith/templates/etc/e-smith/sql/init/phpmyadmin index ebe8922..bd862c0 100644 --- a/root/etc/e-smith/templates/etc/e-smith/sql/init/phpmyadmin +++ b/root/etc/e-smith/templates/etc/e-smith/sql/init/phpmyadmin @@ -2,6 +2,7 @@ my $db = $phpmyadmin{'DbName'} || 'phpmyadmin'; my $user = $phpmyadmin{'DbUser'} || 'phpmyadmin'; my $pass = $phpmyadmin{'DbPassword'} || 'phpmyadmin'; +my $admpass = $phpmyadmin{'AdminPassword'} || 'adminpass'; my $dbstruct = `rpm -qd ipasserelle-phpmyadmin | grep phpmyadmin.sql`; @@ -40,8 +41,10 @@ REPLACE INTO db ( 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'Y', 'Y'); +GRANT ALL ON *.* TO 'sqladmin'\@'localhost' IDENTIFIED BY '$admpass' + WITH GRANT OPTION; + FLUSH PRIVILEGES; EOF END } - diff --git a/root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/10All b/root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/10All index 1a6c975..cf0a363 100644 --- a/root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/10All +++ b/root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/10All @@ -1,7 +1,7 @@ { use esmith::AccountsDB; -use esmith::util; +my $admpass = $phpmyadmin{'AdminPassword'} || 'admpass'; my $a = esmith::AccountsDB->open_ro or die "Couldn't open AccountsDB\n"; $OUT .= "// login and password for MySQL access\n"; @@ -13,8 +13,8 @@ foreach my $u ($a->users,$a->get('admin')){ # Members of the admins group automatically have # full privileges on MySQL if (($a->is_user_in_group($user,'admins')) || ($a->is_user_in_group($user,'mysqladmins'))){ - $login = 'root'; - $pass = esmith::util::LdapPassword(); + $login = 'sqladmin'; + $pass = $admpass; } next unless (($login ne '') && ($pass ne '')); $OUT .= "// Credentials for $user\n";