#!/bin/bash -e. /usr/share/debconf/confmoduleif [ -n "$DEBIAN_SCRIPT_DEBUG"

1. #!/bin/bash -e
2.  
3. . /usr/share/debconf/confmodule
4.  
5. if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
6. ${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*" 1>&2 }
7.  
8. export PATH=$PATH:/sbin:/usr/sbin:/bin:/usr/bin
9.  
10. # This command can be used as pipe to syslog. With "-s" it also logs to stderr.
11. ERR_LOGGER="logger -p daemon.err -t mysqld_safe -i"
12.  
13. invoke() {
14. if [ -x /usr/sbin/invoke-rc.d ]; then
15. invoke-rc.d mysql $1
16. else
17. /etc/init.d/mysql $1
18. fi
19. }
20.  
21. MYSQL_BOOTSTRAP="/usr/sbin/mysqld --bootstrap --user=mysql --skip-grant-tables --skip-bdb --skip-innodb --skip-ndbcluster"
22.  
23. test_mysql_access() {
24. mysql --no-defaults -u root -h localhost </dev/null >/dev/null 2>&1
25. }
26.  
27. # call with $1 = "online" to connect to the server, otherwise it bootstraps
28. set_mysql_rootpw() {
29. # forget we ever saw the password. don't use reset to keep the seen status
30. db_set mysql-server/root_password ""
31.  
32. tfile=`mktemp`
33. if [ ! -f "$tfile" ]; then
34. return 1
35. fi
36.  
37. # this avoids us having to call "test" or "[" on $rootpw
38. cat << EOF > $tfile
39. USE mysql;
40. UPDATE user SET password=PASSWORD("$rootpw") WHERE user='root';
41. FLUSH PRIVILEGES;
42. EOF
43. if grep -q 'PASSWORD("")' $tfile; then
44. retval=0
45. elif [ "$1" = "online" ]; then
46. mysql --no-defaults -u root -h localhost <$tfile >/dev/null
47. retval=$?
48. else
49. $MYSQL_BOOTSTRAP <$tfile
50. retval=$?
51. fi
52. rm -f $tfile
53. return $retval
54. }
55.  
56. # This is necessary because mysql_install_db removes the pid file in /var/run
57. # and because changed configuration options should take effect immediately.
58. # In case the server wasn't running at all it should be ok if the stop
59. # script fails. I can't tell at this point because of the cleaned /var/run.
60. set +e; invoke stop; set -e
61.  
62. case "$1" in
63. configure)
64. mysql_cnf=/etc/mysql/my.cnf
65. mysql_datadir=/usr/share/mysql
66. mysql_statedir=/var/lib/mysql
67. mysql_rundir=/var/run/mysqld
68. mysql_logdir=/var/log
69. mysql_cfgdir=/etc/mysql
70. mysql_newlogdir=/var/log/mysql
71. mysql_upgradedir=/var/lib/mysql-upgrade
72.  
73. # first things first, if the following symlink exists, it is a preserved
74. # copy the old data dir from a mysql upgrade that would have otherwise
75. # been replaced by an empty mysql dir. this should restore it.
76. for dir in DATADIR LOGDIR; do
77. if [ "$dir" = "DATADIR" ]; then targetdir=$mysql_statedir; else targetdir=$mysql_newlogdir; fi
78. savelink="$mysql_upgradedir/$dir.link"
79. if [ -L "$savelink" ]; then
80. # If the targetdir was a symlink before we upgraded it is supposed
81. # to be either still be present or not existing anymore now.
82. if [ -L "$targetdir" ]; then
83. rm "$savelink"
84. elif [ ! -d "$targetdir" ]; then
85. mv "$savelink" "$targetdir"
86. else
87. # this should never even happen, but just in case...
88. mysql_tmp=`mktemp -d -t mysql-symlink-restore-XXXXXX`
89. echo "this is very strange! see $mysql_tmp/README..." >&2
90. mv "$targetdir" "$mysql_tmp"
91. cat << EOF > "$mysql_tmp/README"
92.  
93. if you're reading this, it's most likely because you had replaced /var/lib/mysql
94. with a symlink, then upgraded to a new version of mysql, and then dpkg
95. removed your symlink (see #182747 and others). the mysql packages noticed
96. that this happened, and as a workaround have restored it. however, because
97. /var/lib/mysql seems to have been re-created in the meantime, and because
98. we don't want to rm -rf something we don't know as much about, we're going
99. to leave this unexpected directory here. if your database looks normal,
100. and this is not a symlink to your database, you should be able to blow
101. this all away.
102.  
103. EOF
104. fi
105. fi
106. rmdir $mysql_upgradedir 2>/dev/null || true
107. done
108.  
109. # Ensure the existence and right permissions for the database and
110. # log files.
111. if [ ! -d "$mysql_statedir" -a ! -L "$mysql_statedir" ]; then mkdir "$mysql_statedir"; fi
112. if [ ! -d "$mysql_statedir/mysql" -a ! -L "$mysql_statedir/mysql" ]; then mkdir "$mysql_statedir/mysql"; fi
113. if [ ! -d "$mysql_newlogdir" -a ! -L "$mysql_newlogdir" ]; then mkdir "$mysql_newlogdir"; fi
114. # When creating an ext3 jounal on an already mounted filesystem like e.g.
115. # /var/lib/mysql, you get a .journal file that is not modifyable by chown.
116. # The mysql_datadir must not be writable by the mysql user under any
117. # circumstances as it contains scripts that are executed by root.
118. set +e
119. chown -R 0.0 $mysql_datadir
120. chown -R mysql $mysql_statedir
121. chown -R mysql $mysql_rundir
122. chown -R mysql:adm $mysql_newlogdir; chmod 2750 $mysql_newlogdir;
123. for i in log err; do
124. touch $mysql_logdir/mysql.$i
125. chown mysql:adm $mysql_logdir/mysql.$i
126. chmod 0640 $mysql_logdir/mysql.$i
127. done
128. set -e
129.  
130. # This is important to avoid dataloss when there is a removed
131. # mysql-server version from Woody lying around which used the same
132. # data directory and then somewhen gets purged by the admin.
133. db_set mysql-server/postrm_remove_database false || true
134.  
135. # So that mysql-server (4.0) can check if it's safe to install.
136. touch $mysql_statedir/debian-5.0.flag
137.  
138. # On dist-upgrades, we ensure that the old_password setting is updated
139. # before passwords are changed. Except for that my.cnf is taboo!
140. db_get mysql-server-5.0/need_sarge_compat_done || true
141. if [ "$RET" = "false" ]; then
142. db_get mysql-server-5.0/need_sarge_compat
143. echo -e "# created by debconf\n[mysqld]\nold_passwords = $RET" > /etc/mysql/conf.d/old_passwords.cnf
144. fi
145. db_set mysql-server-5.0/need_sarge_compat_done true
146.  
147. # initiate databases. Output is not allowed by debconf :-(
148. # Debian: beware of the bashisms...
149. # Debian: can safely run on upgrades with existing databases
150. set +e
151. /bin/bash /usr/bin/mysql_install_db --rpm 2>&1 | $ERR_LOGGER
152. if [ "$?" != "0" ]; then
153. echo "ATTENTION: An error has occured. More info is in the syslog!"
154. fi
155. set -e
156.  
157. ## On every reconfiguration the maintenance user is recreated.
158. #
159. # - It is easier to regenerate the password every time but as people
160. # use fancy rsync scripts and file alteration monitors, the existing
161. # password is used and existing files not touched.
162. # - The mysqld statement is like that in mysql_install_db because the
163. # server is not already running. This has some implications:
164. # - The amount of newlines and semicolons in the query is important!
165. # - GRANT is not possible with --skipt-grant-tables and "INSERT
166. # (user,host..) VALUES" is not --ansi compliant
167. # - The echo is just for readability. ash's buildin has no "-e" so use /bin/echo.
168. # - The Super_priv, Show_db_priv, Create_tmp_table_priv and Lock_tables_priv
169. # may not be present as old Woody 3.23 databases did not have it and the
170. # admin might not already have run mysql_upgrade which adds them.
171. # As the binlog cron scripts to need at least the Super_priv, I do first
172. # the old query which always succeeds and then the new which may or may not.
173.  
174. # recreate the credentials file if not present or without mysql_upgrade stanza
175. dc=$mysql_cfgdir/debian.cnf;
176. if [ -e "$dc" -a -n "`fgrep mysql_upgrade $dc 2>/dev/null`" ]; then
177. pass="`sed -n 's/password *= *// p' $dc | head -n 1`"
178. else
179. pass=`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'`;
180. if [ ! -d "$mysql_cfgdir" ]; then install -o 0 -g 0 -m 0755 -d $mysql_cfgdir; fi
181. cat /dev/null > $dc
182. echo "# Automatically generated for Debian scripts. DO NOT TOUCH!" >>$dc
183. echo "[client]" >>$dc
184. echo "host = localhost" >>$dc
185. echo "user = debian-sys-maint" >>$dc
186. echo "password = $pass" >>$dc
187. echo "socket = $mysql_rundir/mysqld.sock" >>$dc
188. echo "[mysql_upgrade]" >>$dc
189. echo "user = debian-sys-maint" >>$dc
190. echo "password = $pass" >>$dc
191. echo "socket = $mysql_rundir/mysqld.sock" >>$dc
192. echo "basedir = /usr" >>$dc
193. fi
194. # If this dir chmod go+w then the admin did it. But this file should not.
195. chown 0:0 $dc
196. chmod 0600 $dc
197.  
198. # update privilege and timezone tables
199. password_column_fix_query=`/bin/echo -e \
200. "USE mysql\n" \
201. "ALTER TABLE user CHANGE password Password varchar(41) collate utf8_bin NOT NULL default ''"`;
202. replace_query=`/bin/echo -e \
203. "USE mysql\n" \
204. "REPLACE INTO user SET " \
205. " host='localhost', user='debian-sys-maint', password=password('$pass'), " \
206. " Select_priv='Y', Insert_priv='Y', Update_priv='Y', Delete_priv='Y', " \
207. " Create_priv='Y', Drop_priv='Y', Reload_priv='Y', Shutdown_priv='Y', " \
208. " Process_priv='Y', File_priv='Y', Grant_priv='Y', References_priv='Y', " \
209. " Index_priv='Y', Alter_priv='Y' __EXTRA_PRIVS__"`;
210. extra_privs=`/bin/echo -e \
211. ", Show_db_priv='Y' " \
212. ", Super_priv='Y' " \
213. ", Create_tmp_table_priv='Y' " \
214. ", Lock_tables_priv='Y' " \
215. ", Execute_priv='Y' " \
216. ", Repl_slave_priv='Y' " \
217. ", Repl_client_priv='Y' "`;
218.  
219. # Upgrade password column format before the root password gets set.
220. echo "$password_column_fix_query" | $MYSQL_BOOTSTRAP 2>&1 | $ERR_LOGGER
221.  
222. db_get mysql-server/root_password && rootpw="$RET"
223. if ! set_mysql_rootpw; then
224. password_error="yes"
225. fi
226.  
227. echo "$replace_query" | sed "s/__EXTRA_PRIVS__//" | $MYSQL_BOOTSTRAP 2>&1 | $ERR_LOGGER
228. set +e
229. echo "$replace_query" | sed "s/__EXTRA_PRIVS__/$extra_privs/" | $MYSQL_BOOTSTRAP 2>&1 | $ERR_LOGGER
230. set -e
231. mysql_tzinfo_to_sql /usr/share/zoneinfo/ 2>&1 | egrep -v 'Skipping it.$' | $MYSQL_BOOTSTRAP 2>&1 | $ERR_LOGGER
232.  
233. # The Sarge package "mysql-server" which used to include the mysqld daemon
234. # may still be in unselected-configured state (i.e. after a remove but not
235. # purge) in which case its now obsolete cronscript has to be moved away.
236. for i in /etc/cron.daily/mysql-server /etc/cron.daily/mysql-server-41 /etc/mysql/debian-log-rotate.conf; do
237. if [ -f $i ]; then mv $i $i.dpkg-old; fi
238. done
239.  
240. # Reload AppArmor profile
241. if [ -x /etc/init.d/apparmor ]; then
242. invoke-rc.d apparmor force-reload || true
243. fi
244. ;;
245.  
246. abort-upgrade|abort-remove|abort-configure)
247. ;;
248.  
249. *)
250. echo "postinst called with unknown argument '$1'" 1>&2
251. exit 1
252. ;;
253. esac
254.  
255. #DEBHELPER#
256.  
257. # here we check to see if we can connect as root without a password
258. # this should catch upgrades from previous verisons where the root
259. # password wasn't set. if there is a password, or if the connection
260. # fails for any other reason, nothing happens.
261. if [ "$1" = "configure" ]; then
262. if test_mysql_access; then
263. db_input medium mysql-server/root_password || true
264. db_go
265. db_get mysql-server/root_password && rootpw="$RET"
266.  
267. if ! set_mysql_rootpw "online"; then
268. password_error="yes"
269. fi
270. fi
271.  
272. if [ "$password_error" = "yes" ]; then
273. db_input high mysql-server/error_setting_password || true
274. db_go
275. fi
276.  
277. fi
278.  
279. db_stop # in case invoke failes
280.  
281. exit 0