mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
d949302d0f
* DB : Add support for MySQL 8
- Splits commands to create user and grant access on database, the old
statement is no longer supported by MySQL 8.x
- `NO_AUTO_CREATE_USER` is no longer supported by MySQL 8.x so remove
that from db.properties conn parameters
For mysql-server 8.x setup the following changes were added/tested to
make it work with CloudStack in /etc/mysql/mysql.conf.d/mysqld.cnf and
then restart the mysql-server process:
server_id = 1
sql-mode="STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION,ERROR_FOR_DIVISION_BY_ZERO,NO_ZERO_DATE,NO_ZERO_IN_DATE,NO_ENGINE_SUBSTITUTION"
innodb_rollback_on_timeout=1
innodb_lock_wait_timeout=600
max_connections=1000
log-bin=mysql-bin
binlog-format = 'ROW'
default-authentication-plugin=mysql_native_password
Notice the last line above, this is to reset the old password based
authentication used by MySQL 5.x.
Developers can set empty password as follows:
> sudo mysql -u root
ALTER USER 'root'@'localhost' IDENTIFIED BY '';
In libvirt repository, there are two related commits
2019-08-23 13:13 Daniel P. Berrangé ● rpm: don't enable socket activation in upgrade if --listen present
2019-08-22 14:52 Daniel P. Berrangé ● remote: forbid the --listen arg when systemd socket activation
In libvirt.spec.in
/bin/systemctl mask libvirtd.socket >/dev/null 2>&1 || :
/bin/systemctl mask libvirtd-ro.socket >/dev/null 2>&1 || :
/bin/systemctl mask libvirtd-admin.socket >/dev/null 2>&1 || :
/bin/systemctl mask libvirtd-tls.socket >/dev/null 2>&1 || :
/bin/systemctl mask libvirtd-tcp.socket >/dev/null 2>&1 || :
Co-authored-by: Wei Zhou <w.zhou@global.leaseweb.com>
Co-authored-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
Co-authored-by: Rohit Yadav <rohit.yadav@shapeblue.com>
131 lines
3.4 KiB
Bash
131 lines
3.4 KiB
Bash
#!/bin/bash
|
|
#
|
|
# Init file for Password Download Client
|
|
#
|
|
# chkconfig: 345 98 02
|
|
# description: Password Download Client
|
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
# Modify this line to specify the user (default is root)
|
|
user=root
|
|
|
|
mountdir=$(mktemp -d)
|
|
|
|
# If lable name is other than config, please change the below line as required
|
|
DefaultDisk=/dev/disk/by-label/config-2
|
|
|
|
|
|
Password_File=$mountdir/cloudstack/password/vm_password.txt
|
|
password_received=0
|
|
|
|
function prepare_mount
|
|
{
|
|
if [ ! -e $mountdir ]; then
|
|
mkdir $mountdir
|
|
chmod 700 $mountdir
|
|
fi
|
|
|
|
if [ -e $DefaultDisk ]; then
|
|
Disk=$DefaultDisk
|
|
else
|
|
BLOCK_DEVICE=$(blkid -t LABEL='config' /dev/hd? /dev/sd? /dev/xvd? /dev/vd? -o device)
|
|
if [ -n $BLOCK_DEVICE ]; then
|
|
Disk=$BLOCK_DEVICE
|
|
else
|
|
logger -t "cloud" "Unable to set password to VM: Config drive not found"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
mount -r $Disk $mountdir
|
|
if [ $? -ne 0 ]; then
|
|
echo "Failed mounting $Disk to /mnt/configdrive"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
function remove_mount
|
|
{
|
|
umount $mountdir
|
|
}
|
|
|
|
prepare_mount
|
|
|
|
|
|
if [ -f $Password_File ]
|
|
then
|
|
password=$(cat $Password_File)
|
|
password=$(echo $password | tr -d '\r')
|
|
remove_mount
|
|
|
|
case $password in
|
|
|
|
"") logger -t "cloud" "Config drive did not have any password for the VM"
|
|
exit 0
|
|
;;
|
|
|
|
"saved_password") logger -t "cloud" "VM has already saved a password"
|
|
exit 0
|
|
;;
|
|
|
|
*) logger -t "cloud" "VM got a valid password"
|
|
password_received=1
|
|
;;
|
|
esac
|
|
else
|
|
remove_mount
|
|
logger -t "cloud" "Password set failed on VM: password file not found in config drive"
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$password_received" = "1" ]; then
|
|
|
|
newmd5sum=$(echo $password | md5sum | awk '{print $1}')
|
|
if [ -f /var/vmpasswordmd5sum ]
|
|
then
|
|
oldsum=$(cat /var/vmpasswordmd5sum)
|
|
|
|
if [ "$newmd5sum" == "$oldsum" ]
|
|
then
|
|
logger -t "cloud" "There is no update of VM password from cloudstack, returning true"
|
|
exit 0
|
|
fi
|
|
fi
|
|
|
|
logger -t "cloud" "Changing password ..."
|
|
echo $user:$password | chpasswd
|
|
|
|
if [ $? -gt 0 ]
|
|
then
|
|
usermod -p `mkpasswd -m SHA-512 $password` $user
|
|
|
|
if [ $? -gt 0 ]
|
|
then
|
|
logger -t "cloud" "Failed to change password for user $user"
|
|
exit 1
|
|
else
|
|
logger -t "cloud" "Successfully changed password for user $user"
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
echo $newmd5sum > /var/vmpasswordmd5sum
|
|
exit 0
|