#!/bin/bash CHRBIN=/usr/sbin/chroot CHRD=/chroot if ! [ -x /usr/bin/makepasswd ]; then echo "Error: makepasswd package not installed!" exit 7 fi if ! [ -x /usr/bin/mysql ]; then echo "Error: mysql package not installed!" exit 7 fi makepass() { echo $(makepasswd --chars=16) } # exec sql query in admin chroot exec_sql_chr() { if [ $# -lt 1 -o $# -gt 2 ]; then echo "Programing error!" exit 200 fi if [ $# -eq 1 ]; then CHRCMD="" else CHRDIR=$2 if ! [ -d $CHRDIR ]; then echo "Chroot $CHRDIR doesn't exist!" exit 201 fi CHRCMD="$CHRBIN $CHRDIR" fi $CHRCMD mysql --defaults-file=/etc/mysql/debian.cnf -ss -n <&2 exit 131 fi } # ----------------------------------------------------- # ----------- # sanity check if [ "$1" != "SURE" ]; then echo "WARNING! This script will overwrite root and debian-sys-maint system passwords." echo "If you are sure, type SURE as parameter" echo "Usage: reset-mysqlpw [SURE]" exit 7 fi # ----------------------------------------------------- showdeb="SHOW GRANTS FOR 'debian-sys-maint'@'localhost';" fixdeb="use mysql; \ UPDATE user SET \ Create_view_priv = 'Y', \ Show_view_priv = 'Y', \ Create_routine_priv = 'Y', \ Alter_routine_priv = 'Y', \ Create_tablespace_priv = 'Y', \ Create_user_priv = 'Y' \ WHERE User = 'debian-sys-maint'; \ FLUSH PRIVILEGES;" grantdeb="GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost'" # fixing debian_sys_maint privileges in root exec_sql_chr "$showdeb" |grep "$grantdeb" >/dev/null if [ $? -ne 0 ] ; then echo "Fixing mysql debian-sys-maint privileges in root..." exec_sql_chr "$fixdeb" exec_sql_chr "$grantdeb;" fi # changing root and debian_sys_maint passwords dsm_passwd=$(makepass) rootpasswd=$(makepass) echo "Resetting mysql root and debian-sys-maint passwords in root..." exec_sql_chr "update mysql.user set password = password('$rootpasswd') where user ='root';" exec_sql_chr "SET PASSWORD FOR 'debian-sys-maint'@'localhost' = PASSWORD('$dsm_passwd');" sed -i "/password =/cpassword = $dsm_passwd" /etc/mysql/debian.cnf exec_sql_chr "flush privileges;" # ----------------------------------------------------- # CHROOTs # CHRS=`ls -1 $CHRD` for CHR in $CHRS; do CHD=$CHRD/$CHR if [ -f $CHD/etc/mysql/debian.cnf ]; then # fixing debian_sys_maint privileges in chroot exec_sql_chr "$showdeb" $CHD |grep "$grantdeb" >/dev/null if [ $? -ne 0 ] ; then echo "Fixing mysql debian-sys-maint privileges in $CHR chroot..." exec_sql_chr "$fixdeb" $CHD exec_sql_chr "$grantdeb;" $CHD fi # changing root and debian_sys_maint passwords dsmc_passwd=$(makepass) rootcpasswd=$(makepass) echo "Resetting mysql root and debian-sys-maint passwords in $CHR chroot..." exec_sql_chr "update mysql.user set password = password('$rootcpasswd') where user ='root';" $CHD exec_sql_chr "SET PASSWORD FOR 'debian-sys-maint'@'localhost' = PASSWORD('$dsmc_passwd');" $CHD sed -i "/password =/cpassword = $dsmc_passwd" $CHD/etc/mysql/debian.cnf exec_sql_chr "flush privileges;" $CHD fi done