diff options
author | Joerg Steffens <joerg.steffens@bareos.com> | 2014-04-09 14:52:47 +0400 |
---|---|---|
committer | Marco van Wieringen <marco.van.wieringen@bareos.com> | 2015-02-17 18:27:02 +0300 |
commit | 34cb41d97791c7bb811fcc62b9f6c067b40e0836 (patch) | |
tree | 9b3be990dc2a7ea41f08d441d7adb1e5a43217c6 | |
parent | 72d84e111ba9d5158c379b7852a1f8015735e993 (diff) |
Use config file settings to configure databaseRelease/13.2.3
Let the database configuration scripts get the configuration parameter from the director config file.
Now, the scripts try to get there values in following order:
1. environment variable (db_name, db_user, db_password)
2. director config file
3. fallback value (from configure)
Signed-off-by: Marco van Wieringen <marco.van.wieringen@bareos.com>
-rw-r--r-- | scripts/bareos-config-lib.sh.in | 127 | ||||
-rw-r--r-- | src/cats/create_bareos_database.in | 4 | ||||
-rw-r--r-- | src/cats/ddl/creates/mysql.sql | 3 | ||||
-rw-r--r-- | src/cats/ddl/creates/postgresql.sql | 4 | ||||
-rw-r--r-- | src/cats/ddl/creates/sqlite3.sql | 3 | ||||
-rw-r--r-- | src/cats/ddl/grants/mysql-readonly.sql | 5 | ||||
-rw-r--r-- | src/cats/ddl/grants/mysql.sql | 5 | ||||
-rw-r--r-- | src/cats/ddl/updates/mysql.2001_2002.sql | 6 | ||||
-rw-r--r-- | src/cats/drop_bareos_database.in | 4 | ||||
-rw-r--r-- | src/cats/drop_bareos_tables.in | 4 | ||||
-rw-r--r-- | src/cats/grant_bareos_privileges.in | 7 | ||||
-rw-r--r-- | src/cats/make_bareos_tables.in | 4 | ||||
-rw-r--r-- | src/cats/update_bareos_tables.in | 4 |
13 files changed, 143 insertions, 37 deletions
diff --git a/scripts/bareos-config-lib.sh.in b/scripts/bareos-config-lib.sh.in index 507c79664..d9e8327b2 100644 --- a/scripts/bareos-config-lib.sh.in +++ b/scripts/bareos-config-lib.sh.in @@ -1,8 +1,10 @@ #!/bin/sh +CONFIG_LIB=@scriptdir@/bareos-config-lib.sh DIR_CFG=@sysconfdir@ CFG_DIR=${DIR_CFG}/bareos-dir.conf DIR_SCRIPTS=@scriptdir@ +DBCHECK="@sbindir@/bareos-dbcheck -B -c ${CFG_DIR}" SEC_GROUPS="tape disk" @@ -52,6 +54,24 @@ is_function() # fi # } +warn() +{ + echo "Warning: $@" >&2 +} + +error() +{ + echo "Error: $@" >&2 +} + +get_config_lib_file() +{ + # can be used in following way: + # LIB=`bareos-config get_config_lib_file` + # . $LIB + echo "${CONFIG_LIB}" +} + get_user_fd() { echo "${FILE_DAEMON_USER}" @@ -190,33 +210,99 @@ setup_sd_user() exit 1 } -get_database_driver() +get_config_param() { - if ! [ -r "${CFG_DIR}" ]; then - return + # + # get parameter values from a Bareos configuration file + # + + # configuration file + CFG_FILE="$1" + # section, currently ignored + SECTION="$2" + # name of the section, currently ignored + NAME="$3" + # parameter to get from config file + PARAM="$4" + # default value, if parameter is not found + DEFAULT="$5" + + if ! [ -r "${CFG_FILE}" ]; then + warn "failed to get parameter ${SECTION} ${NAME} ${PARAM}: can't read ${CFG_FILE}" + # if default value is given, return it anyway + [ "$DEFAULT" ] && echo "$DEFAULT" + return 1 fi - # get dbdriver, that is defined in director configuration. - # If string is still set to default, return nothing - DBDRIVER=`egrep -i '^[ ]*dbdriver[ ]*=' ${CFG_DIR} |\ + # get parameter from configuration file + VALUE=`egrep -i "^[ ]*${PARAM}[ ]*=" ${CFG_FILE} |\ cut -d'=' -f2 | \ - sed -e 's/[ ]*"//' -e 's/"//' | \ - grep -v "XXX_REPLACE_WITH_DATABASE_DRIVER_XXX"` + sed -e 's/[ ]*"//' -e 's/"//'` + [ "$VALUE" ] || VALUE="$DEFAULT" + echo "$VALUE" +} - echo "$DBDRIVER" +get_database_param() +{ + PARAM="$1" + DEFAULT="$2" + + DBCHECK_OUTPUT=`$DBCHECK` + rc=$? + if [ $rc != 0 ]; then + temp_log="/tmp/bareos-config.$$.log" + echo "executing: $DBCHECK" >> $temp_log + echo "${DBCHECK_OUTPUT}" >> $temp_log + echo "" >> $temp_log + + # if default value is given, return it anyway + if [ -n "$DEFAULT" ]; then + warn "failed to get \"${PARAM}\" from config, using default value \"${DEFAULT}\", see $temp_log" + echo "$DEFAULT" + else + warn "failed to get \"${PARAM}\" from config, see $temp_log" + fi + + return 1 + fi + + # DBCHECK gets the database parameter from the Director config file in a standard format, + # however, it writes "db_name" (like the environment variables) + # instead of "dbname" like in the config file. + # Replace "db_" by "db" to be compatible with the config file. + VALUE=`echo "$DBCHECK_OUTPUT" | sed "s/^db_/db/" | sed -n "s/^${PARAM}=//p"` + + [ -z "$VALUE" ] && VALUE="$DEFAULT" + echo "$VALUE" + return $rc +} + +get_database_driver() +{ + DEFAULT="$1" + get_database_param "dbdriver" "$DEFAULT" | grep -v "XXX_REPLACE_WITH_DATABASE_DRIVER_XXX" + return $? } get_database_name() { - if ! [ -r "${CFG_DIR}" ]; then - return - fi + DEFAULT="$1" + get_database_param "dbname" "$DEFAULT" + return $? +} - # get dbname, that is defined in director configuration. - DBNAME=`egrep -i '^[ ]*dbname[ ]*=' ${CFG_DIR} |\ - cut -d'=' -f2 | \ - sed -e 's/[ ]*"//' -e 's/"//'` - echo "$DBNAME" +get_database_user() +{ + DEFAULT="$1" + get_database_param "dbuser" "$DEFAULT" + return $? +} + +get_database_password() +{ + DEFAULT="$1" + get_database_param "dbpassword" "$DEFAULT" + return $? } get_databases_installed() @@ -282,9 +368,10 @@ get_translated_sql_file() fi db_type="${db_type:-`get_database_driver_default`}" - db_name="${db_name:-@db_name@}" - db_user="${db_user:-@db_user@}" - db_password="${db_password:-@db_password@}" + db_name="${db_name:-`get_database_name @db_name@`}" + db_user="${db_user:-`get_database_user @db_user@`}" + # if $db_password is defined but empty, an empty password will be used ("-" instead of ":-") + db_password="${db_password-`get_database_password @db_password@`}" db_version=`get_database_version` case ${db_type} in diff --git a/src/cats/create_bareos_database.in b/src/cats/create_bareos_database.in index 3b53547f5..e02b9cbac 100644 --- a/src/cats/create_bareos_database.in +++ b/src/cats/create_bareos_database.in @@ -29,8 +29,8 @@ # . @scriptdir@/bareos-config-lib.sh -db_name="${db_name:-@db_name@}" -db_user="${db_user:-@db_user@}" +db_name="${db_name:-`get_database_name @db_name@`}" +db_user="${db_user:-`get_database_user @db_user@`}" dir_user=`get_user_dir` dir_group=`get_group_dir` default_db_type=`get_database_driver_default` diff --git a/src/cats/ddl/creates/mysql.sql b/src/cats/ddl/creates/mysql.sql index 705c8e826..87cc1963e 100644 --- a/src/cats/ddl/creates/mysql.sql +++ b/src/cats/ddl/creates/mysql.sql @@ -451,4 +451,7 @@ INSERT INTO Status (JobStatus,JobStatusLong,Severity) VALUES ('a', 'SD despooling attributes', 15); -- Initialize Version +-- DELETE should not be required, +-- but prevents errors if create script is called multiple times +DELETE FROM Version WHERE VersionId<=2002; INSERT INTO Version (VersionId) VALUES (2002); diff --git a/src/cats/ddl/creates/postgresql.sql b/src/cats/ddl/creates/postgresql.sql index 63bdc1e5f..e63e42563 100644 --- a/src/cats/ddl/creates/postgresql.sql +++ b/src/cats/ddl/creates/postgresql.sql @@ -472,6 +472,10 @@ INSERT INTO Status (JobStatus,JobStatusLong,Severity) VALUES INSERT INTO Status (JobStatus,JobStatusLong,Severity) VALUES ('i', 'Doing batch insert file records',15); +-- Initialize Version +-- DELETE should not be required, +-- but prevents errors if create script is called multiple times +DELETE FROM Version WHERE VersionId<=2002; INSERT INTO Version (VersionId) VALUES (2002); -- Make sure we have appropriate permissions diff --git a/src/cats/ddl/creates/sqlite3.sql b/src/cats/ddl/creates/sqlite3.sql index def95513f..9c8db85af 100644 --- a/src/cats/ddl/creates/sqlite3.sql +++ b/src/cats/ddl/creates/sqlite3.sql @@ -461,6 +461,9 @@ INSERT INTO Status (JobStatus,JobStatusLong,Severity) VALUES ('i', 'Doing batch insert file records',15); -- Initialize Version +-- DELETE should not be required, +-- but prevents errors if create script is called multiple times +DELETE FROM Version WHERE VersionId<=2002; INSERT INTO Version (VersionId) VALUES (2002); PRAGMA default_cache_size = 100000; diff --git a/src/cats/ddl/grants/mysql-readonly.sql b/src/cats/ddl/grants/mysql-readonly.sql index 57f193180..15c47c274 100644 --- a/src/cats/ddl/grants/mysql-readonly.sql +++ b/src/cats/ddl/grants/mysql-readonly.sql @@ -1,5 +1,6 @@ USE mysql -- read-only access for third party applications -GRANT SELECT PRIVILEGES ON @DB_NAME@.* TO @DB_USER@@localhost @DB_PASS@; -GRANT SELECT PRIVILEGES ON @DB_NAME@.* TO @DB_USER@@"%" @DB_PASS@; +GRANT SELECT ON TABLE @DB_NAME@.* TO @DB_USER@@localhost @DB_PASS@; +GRANT SELECT ON TABLE @DB_NAME@.* TO @DB_USER@@'127.0.0.1' @DB_PASS@; +GRANT SELECT ON TABLE @DB_NAME@.* TO @DB_USER@@'::1' @DB_PASS@; FLUSH PRIVILEGES; diff --git a/src/cats/ddl/grants/mysql.sql b/src/cats/ddl/grants/mysql.sql index 7b7143b63..3aa4fb4c2 100644 --- a/src/cats/ddl/grants/mysql.sql +++ b/src/cats/ddl/grants/mysql.sql @@ -1,4 +1,5 @@ USE mysql -GRANT ALL PRIVILEGES ON @DB_NAME@.* TO @DB_USER@@localhost @DB_PASS@; -GRANT ALL PRIVILEGES ON @DB_NAME@.* TO @DB_USER@@"%" @DB_PASS@; +GRANT ALL PRIVILEGES ON TABLE @DB_NAME@.* TO @DB_USER@@localhost @DB_PASS@; +GRANT ALL PRIVILEGES ON TABLE @DB_NAME@.* TO @DB_USER@@'127.0.0.1' @DB_PASS@; +GRANT ALL PRIVILEGES ON TABLE @DB_NAME@.* TO @DB_USER@@'::1' @DB_PASS@; FLUSH PRIVILEGES; diff --git a/src/cats/ddl/updates/mysql.2001_2002.sql b/src/cats/ddl/updates/mysql.2001_2002.sql index 547832b7a..4b0dd4744 100644 --- a/src/cats/ddl/updates/mysql.2001_2002.sql +++ b/src/cats/ddl/updates/mysql.2001_2002.sql @@ -35,3 +35,9 @@ ALTER TABLE Pool ADD COLUMN MinBlockSize INTEGER UNSIGNED DEFAULT 0; ALTER TABLE Pool ADD COLUMN MaxBlockSize INTEGER UNSIGNED DEFAULT 0; UPDATE Version SET VersionId = 2002; + +-- remove unsecure user entry, +-- created by older Bareos versions, +-- if configured to run without password +DELETE FROM mysql.user where User='bareos' and Host="%" and Password=""; +FLUSH PRIVILEGES; diff --git a/src/cats/drop_bareos_database.in b/src/cats/drop_bareos_database.in index 7638d1107..8b41c9579 100644 --- a/src/cats/drop_bareos_database.in +++ b/src/cats/drop_bareos_database.in @@ -28,8 +28,8 @@ # . @scriptdir@/bareos-config-lib.sh -db_name="${db_name:-@db_name@}" -db_user="${db_user:-@db_user@}" +db_name="${db_name:-`get_database_name @db_name@`}" +db_user="${db_user:-`get_database_user @db_user@`}" default_db_type=`get_database_driver_default` working_dir=`get_working_dir` diff --git a/src/cats/drop_bareos_tables.in b/src/cats/drop_bareos_tables.in index e7de49bce..b5329c837 100644 --- a/src/cats/drop_bareos_tables.in +++ b/src/cats/drop_bareos_tables.in @@ -29,8 +29,8 @@ # . @scriptdir@/bareos-config-lib.sh -db_name="${db_name:-@db_name@}" -db_user="${db_user:-@db_user@}" +db_name="${db_name:-`get_database_name @db_name@`}" +db_user="${db_user:-`get_database_user @db_user@`}" db_version=`get_database_version` bareos_sql_ddl=`get_database_ddl_dir` temp_sql_schema="/tmp/drops.sql.$$" diff --git a/src/cats/grant_bareos_privileges.in b/src/cats/grant_bareos_privileges.in index 4b3bae363..5b9f4989d 100644 --- a/src/cats/grant_bareos_privileges.in +++ b/src/cats/grant_bareos_privileges.in @@ -29,9 +29,10 @@ # . @scriptdir@/bareos-config-lib.sh -db_name="${db_name:-@db_name@}" -db_user="${db_user:-@db_user@}" -db_password="${db_password:-@db_password@}" +db_name="${db_name:-`get_database_name @db_name@`}" +db_user="${db_user:-`get_database_user @db_user@`}" +# if $db_password is defined but empty, an empty password will be used ("-" instead of ":-") +db_password="${db_password-`get_database_password @db_password@`}" db_version=`get_database_version` bareos_sql_ddl=`get_database_ddl_dir` temp_sql_grants="/tmp/grants.sql.$$" diff --git a/src/cats/make_bareos_tables.in b/src/cats/make_bareos_tables.in index 01c8bb4da..fdf1798dd 100644 --- a/src/cats/make_bareos_tables.in +++ b/src/cats/make_bareos_tables.in @@ -29,8 +29,8 @@ # . @scriptdir@/bareos-config-lib.sh -db_name="${db_name:-@db_name@}" -db_user="${db_user:-@db_user@}" +db_name="${db_name:-`get_database_name @db_name@`}" +db_user="${db_user:-`get_database_user @db_user@`}" db_version=`get_database_version` bareos_sql_ddl=`get_database_ddl_dir` temp_sql_schema="/tmp/creates.sql.$$" diff --git a/src/cats/update_bareos_tables.in b/src/cats/update_bareos_tables.in index f4e9aa96f..bb9255cf1 100644 --- a/src/cats/update_bareos_tables.in +++ b/src/cats/update_bareos_tables.in @@ -28,8 +28,8 @@ # . @scriptdir@/bareos-config-lib.sh -db_name="${db_name:-@db_name@}" -db_user="${db_user:-@db_user@}" +db_name="${db_name:-`get_database_name @db_name@`}" +db_user="${db_user:-`get_database_user @db_user@`}" db_version=`get_database_version` bareos_sql_ddl=`get_database_ddl_dir` temp_sql_schema="/tmp/tables.sql.$$" |