[Koha-bugs] [Bug 17237] New: Stop koha-create from creating MySQL users without host restriction
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Sep 2 08:11:22 CEST 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17237
Bug ID: 17237
Summary: Stop koha-create from creating MySQL users without
host restriction
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: minor
Priority: P5 - low
Component: Packaging
Assignee: magnus at libriotech.no
Reporter: magnus at libriotech.no
QA Contact: testopia at bugs.koha-community.org
CC: mirko at abunchofthings.net
I am trying to tune MySQL using MySQLTuner (http://mysqltuner.com/). When I run
it on my Koha server I get a bunch of warnings like this:
[!!] User 'koha_x@%' hasn't specific host restriction.
[!!] User 'koha_y@%' hasn't specific host restriction.
[!!] User 'koha_z@%' hasn't specific host restriction.
And in mysql.user I have:
| % | koha_x |
| % | koha_y |
| % | koha_z |
| localhost | koha_x |
| localhost | koha_y |
| localhost | koha_z |
The code that creates these users is in koha-create, line 654 an onwards:
# Set up MySQL database for this instance.
if [ "$op" = create ]
then
mysql --defaults-extra-file=/etc/mysql/koha-common.cnf <<eof
CREATE DATABASE \`$mysqldb\`;
CREATE USER \`$mysqluser\`@'$mysql_hostname' IDENTIFIED BY '$mysqlpwd';
CREATE USER \`$mysqluser\`@'%' IDENTIFIED BY '$mysqlpwd';
GRANT ALL PRIVILEGES ON \`$mysqldb\`.* TO \`$mysqluser\`;
FLUSH PRIVILEGES;
eof
fi #`
if [ "$op" = use ]
then
mysql --defaults-extra-file=/etc/mysql/koha-common.cnf --force <<eof
CREATE USER \`$mysqluser\`@'$mysql_hostname' IDENTIFIED BY '$mysqlpwd';
CREATE USER \`$mysqluser\`@'%' IDENTIFIED BY '$mysqlpwd';
GRANT ALL PRIVILEGES ON \`$mysqldb\`.* TO \`$mysqluser\`;
FLUSH PRIVILEGES;
eof
fi #`
Perhaps it is just a lack of imagination, but I can't really think of a use for
the @% unrestricted user. Am I missing something, or can we just get rid of it?
Or if they are needed in some scenarios, can we be more clever about when we
create unrestricted users, so they are only created when needed?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list