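#!/usr/bin/sh
#----------------------------------------------------------------------------
# /var/install/bin/mysql-common-tools-useradd - MariaDB/MySQL SQL Server add user
#
# Creation:     2004-01-12 jv
# Last Update:  $Id$
#
# Copyright (c) 2004 Jens Vehlhaber, jvehlhaber(at)buchenwald(dot)de
# Copyright (c) 2012-@@YEAR@@ Holger Bruenjes, holgerbruenjes(at)gmx(dot)net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#----------------------------------------------------------------------------
# Parameter:
# -nu= new user
# -np= new password
# -hn= hostname
# -ar= access rights (0 = read only, 6 = read/write, 12 = administrator)
# -u= user name for mysql access
# -p= user password for mysql access
# mariadb*|mysql*  package name; selects /etc/config.d/<package> and the
#                  <PACKAGE>_* configuration variables
#
# NOTE: -u= and -p= are parsed into admin_user/PasswordParam, but only the
#       commented-out root password check below refers to them; the GRANT
#       statement is always sent as 'root' over the local socket.
# NOTE: values given as -np=/-p= are part of this script's argument list and
#       therefore visible in the process list while it runs.
#----------------------------------------------------------------------------

#include eislib
. /var/install/include/eislib

#debug=true
# Compare as a string instead of executing the content of ${debug}.
if [ "${debug:-false}" = "true" ]
then
    # The trace records every expanded command, including the new account's
    # password and the SQL statement. Create the file through mktemp so that
    # the name is not predictable and the file is private to the caller.
    if _trace_file=$(/usr/bin/mktemp "/tmp/${0##*/}-trace.XXXXXXXXXX")
    then
        exec 2>"${_trace_file}"
    fi
    set -x
    ask_debug=true
    export ask_debug
fi

run_user='mysql'
user_name=''
host_name=''
NewPass=''
password=''
access_right=99
admin_user='root'
PasswordParam=''

MKTEMP=/usr/bin/mktemp
CAT=/usr/bin/cat
RM=/usr/bin/rm
ASK=/var/install/bin/ask

# ---------------------------------------------------------------------------
# helper: run one ask dialogue
#   Arguments: passed unchanged to ${ASK}
#   Result:    first line of the answer in ${_ask_result}
#   Exits with 127 when ask returns 255 (dialogue aborted)
# ---------------------------------------------------------------------------
_useradd_ask()
{
    _ask_result=''
    _ask_tmpfile=$(${MKTEMP} -t .XXXXXXXXXXXXX)
    if [ -z "${_ask_tmpfile}" ]
    then
        echo "Unable to create temporary file" >&2
        exit 1
    fi

    ${ASK} "${@}" >"${_ask_tmpfile}"
    _ask_rc=${?}
    # -r keeps backslashes in the answer as typed
    read -r _ask_result <"${_ask_tmpfile}"
    ${RM} -f "${_ask_tmpfile}"

    # if ask break, ask returned 255
    if [ "${_ask_rc}" = 255 ]
    then
        exit 127
    fi
}

# ---------------------------------------------------------------------------
# helper: escape a value for use inside a single-quoted SQL string literal
#   Doubles backslashes and single quotes and writes the result to stdout.
#   NOTE(review): backslash doubling assumes the server does not run with
#   sql_mode NO_BACKSLASH_ESCAPES - confirm for the target installation.
# ---------------------------------------------------------------------------
_useradd_sql_escape()
{
    printf '%s' "${1}" | sed -e 's/\\/\\\\/g' -e "s/'/''/g"
}

# ---------------------------------------------------------------------------
# defaults
# ---------------------------------------------------------------------------
get_defaults()
{
    # default values
    . /srv/mysql/defaults.info
}

# ---------------------------------------------------------------------------
# check status and access of MariaDB/MySQL Database
# ---------------------------------------------------------------------------
check_status()
{
    # quoted, so that an empty mysql_pid_file is reported as "not running"
    if [ ! -f "${mysql_pid_file}" ]
    then
        echo
        mecho --error 'MariaDB/MySQL Server is not running.'
        echo
        exit 1
    fi

    # The command word stays unquoted: defaults.info is not visible here and
    # may rely on word splitting.
    if ! ${mysql_basedir}/${db_mysqladmin} --socket="${mysql_socket}" \
        status >/dev/null 2>&1
    then
        echo
        mecho -n --error 'MariaDB/MySQL Server'
        mecho -n --std " 'root' "
        mecho --error 'password is required.'
        mecho --info 'Please set the root password.'
        echo
        exit 1
    fi
}

## ---------------------------------------------------------------------------
## check if there is a root password required
## ---------------------------------------------------------------------------
#${base_dir}/mysqladmin \
#    -u $admin_user $PasswordParam status >/dev/null 2>&1
#if [ $? -eq 1 ]
#then
#    AdminUser="root"
#    echo
#    _ask_tmpfile=$(${MKTEMP} -t .XXXXXXXXXXXXX)
#    ${ASK} "MariaDB/MySQL root password required:" "" "+hidden+" >${_ask_tmpfile}
#    rc=${?}
#    read passwd < ${_ask_tmpfile}
#    ${RM} -f ${_ask_tmpfile}
#
#    # if ask break, ask returned 255
#    if [ ${rc} = 255 ]
#    then
#        exit 127
#    fi
#    echo
#    PasswordParam="-p${passwd}"
#fi

# ---------------------------------------------------------------------------
# get user rights if empty
#   Sets access_right to 12 (administrator), 6 (write) or 0 (read only).
# ---------------------------------------------------------------------------
get_accessrights()
{
    echo
    access_right=0

    _useradd_ask "Give user Administrator rights "
    if [ "${_ask_result}" = "yes" ]
    then
        access_right=12
        return
    fi

    _useradd_ask "Give user write rights "
    if [ "${_ask_result}" = "yes" ]
    then
        access_right=6
    fi
}

# ---------------------------------------------------------------------------
# get username if empty
# ---------------------------------------------------------------------------
get_username()
{
    clrhome
    mecho --info 'Add new MariaDB/MySQL user'
    echo

    _useradd_ask "Username:" "" "+"
    user_name=${_ask_result}
}

# ---------------------------------------------------------------------------
# get password if empty
#   get_pwgen_passwd and get_passwd come from passwdlib; presumably they
#   store the result in ${password} - verify against passwdlib.
# ---------------------------------------------------------------------------
get_password()
{
    if [ -f /usr/bin/pwgen ]
    then
        _useradd_ask "Create password with pwgen" "yes"
        _passwd_pwgen=${_ask_result}
    fi

    if [ "${_passwd_pwgen:-no}" = "yes" ]
    then
        # entry in passwdlib
        # create password
        # pwgen --help
        # return password
        get_pwgen_passwd
    else
        # entry in passwdlib
        # get password from cmdline
        get_passwd --check
    fi
}

# ---------------------------------------------------------------------------
# get hostname if empty
# ---------------------------------------------------------------------------
get_hostname()
{
    . /etc/config.d/base

    echo
    mecho 'Enter the allowed host - Example:'
    echo
    techo --begin '3 32 23'
    techo --row "" "localhost" "- spezific host"
    techo --row "" "127.0.0.1" "- spezific host"
    techo --row "" "%" "- all host"
    techo --row "" "${IP_ETH_1_IP_1_NETWORK}/${IP_ETH_1_IP_1_NETMASK}" "- all host of subnet"
    techo --row "" "${IP_ETH_1_IP_1_IPADDR}" "- spezific host"
    techo --row "" "${HOSTNAME}.${DOMAIN_NAME}" "- spezific host"
    techo --row "" "%.${DOMAIN_NAME}" "- all host of domain"
    techo --end
    echo

    _useradd_ask "host:" "" "+"
    host_name=${_ask_result}
}

# ---------------------------------------------------------------------------
# send mail
#   Hands the account name and the clear-text password to send_passwd
#   (passwdlib). All values are quoted so that whitespace or glob characters
#   in them cannot shift or expand the argument list.
# ---------------------------------------------------------------------------
send_mail()
{
    echo 'Send e-mail with [ENTER] to the given user'
    _useradd_ask 'or type in the address:' "${user_name}@$(hostname -d)" "*"
    _send_mail=${_ask_result}

    # project_name is restricted to [A-Za-z0-9_] in get_parameter
    eval "send_from=\${${project_name}_SEND_MAIL_FROM}"

    # entry in passwdlib
    send_passwd --user   "${user_name}"       \
                --realm  "${project_name}"    \
                --passwd "${password}"        \
                --mail   "${_send_mail:-root}" \
                --sender "${send_from:-root}"
}

# ---------------------------------------------------------------------------
# add user to mysql
#   Builds one GRANT ... IDENTIFIED BY statement from access_right,
#   user_name, host_name and password and sends it to the server as 'root'
#   over the local socket. Returns 1 for an unsupported access_right.
#   NOTE(review): GRANT ... IDENTIFIED BY is MariaDB / older MySQL syntax;
#   confirm it is accepted by every server version this script is used with.
# ---------------------------------------------------------------------------
add_user()
{
    case "${access_right}" in
        0 )
            options='GRANT SELECT'
            options2=''
            ;;
        6 )
            options='GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP'
            options2=''
            ;;
        12 )
            options='GRANT ALL PRIVILEGES'
            options2='WITH GRANT OPTION'
            ;;
        * )
            # without this arm an unknown level produced a statement that
            # started with " ON *.*"
            echo "Unsupported access rights '${access_right}' (use 0, 6 or 12)" >&2
            return 1
            ;;
    esac

    # Quote characters in the values must not terminate the SQL literals.
    _sql_user=$(_useradd_sql_escape "${user_name}")
    _sql_host=$(_useradd_sql_escape "${host_name}")
    _sql_pass=$(_useradd_sql_escape "${password}")

    _sql="${options} ON *.* TO '${_sql_user}'@'${_sql_host}'"
    _sql="${_sql} IDENTIFIED BY '${_sql_pass}' ${options2};FLUSH PRIVILEGES;"

    # The statement is sent on stdin rather than with -e, so the password
    # does not become part of the client's argument list.
    # ${skip_ssl} stays unquoted on purpose: empty means "no extra option".
    printf '%s\n' "${_sql}" |
        ${mysql_basedir}/${db_mysql} --socket="${mysql_socket}" \
            --database=mysql --user=root ${skip_ssl}
    n_ret=${?}

    if [ ${n_ret} -eq 0 ]
    then
        if [ "${interactive:-true}" = "true" ]
        then
            mecho --info "done"
        fi

        # project_name is restricted to [A-Za-z0-9_] in get_parameter
        eval "send_from=\${${project_name}_SEND_MAIL_FROM}"
        if [ -n "${send_from}" ] && [ "${user_name}" != "root" ]
        then
            send_mail
        fi
    fi
}

# ---------------------------------------------------------------------------
# cmd line parser
#   Values are cut out with parameter expansion, so backslashes and leading
#   dashes in a value are taken literally.
# ---------------------------------------------------------------------------
get_parameter()
{
    while [ ${#} -ne 0 ]
    do
        case "${1}" in
            -nu=*)
                interactive='false'
                user_name=${1#-nu=}
                ;;
            -np=*)
                interactive='false'
                password=${1#-np=}
                ;;
            -hn=*)
                interactive='false'
                host_name=${1#-hn=}
                ;;
            -ar=*)
                interactive='false'
                # was stored in an unused variable, so -ar= had no effect
                access_right=${1#-ar=}
                ;;
            -u=*)
                interactive='false'
                admin_user=${1#-u=}
                ;;
            -p=*)
                interactive='false'
                passwd=${1#-p=}
                if [ -n "${passwd}" ]
                then
                    PasswordParam="-p${passwd}"
                fi
                ;;
            mariadb*|mysql*)
                # The name becomes part of a sourced path and of variable
                # names expanded through eval, so only characters that are
                # valid in a variable name are accepted.
                case "${1}" in
                    *[!A-Za-z0-9_]*)
                        echo "Invalid package name '${1}'" >&2
                        exit 1
                        ;;
                esac
                package_name="${1}"
                project_name=$(printf '%s' "${package_name}" | tr '[:lower:]' '[:upper:]')
                my_path=$(printf '%s' "${package_name}" | sed 's|[^[:digit:]]||g')
                ;;
            *)
                echo "Unknown argument '${1}'"
                exit 1
                ;;
        esac
        shift
    done
}

# ---------------------------------------------------------------------------
# main
# ---------------------------------------------------------------------------
main()
{
    get_parameter "${@}"

    # include passwdlib
    . /var/install/include/passwdlib

    # include config
    . "/etc/config.d/${package_name}"

    # project_name is restricted to [A-Za-z0-9_] in get_parameter
    eval "ssl_use=\${${project_name}_SSL_USE:-no}"

    if [ "${my_path:-110}" = 114 ] && [ "${ssl_use}" != "yes" ]
    then
        skip_ssl='--skip-ssl'
    fi

    get_defaults
    check_status

    if [ -z "${user_name}" ]
    then
        get_username
    fi

    if [ -z "${password}" ]
    then
        get_password
    fi

    if [ -z "${host_name}" ]
    then
        get_hostname
    fi

    # 99 is the "not given" marker; an empty -ar= is treated the same way
    if [ "${access_right:-99}" = 99 ]
    then
        get_accessrights
    fi

    add_user

    if [ "${interactive:-true}" = "true" ]
    then
        echo
        anykey
    fi

    exit 0
}

# ---------------------------------------------------------------------------
# call function main
# ---------------------------------------------------------------------------
main "${@}"

# ---------------------------------------------------------------------------
# end
# ---------------------------------------------------------------------------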