You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@brooklyn.apache.org by m4rkmckenna <gi...@git.apache.org> on 2016/11/25 10:30:21 UTC
[GitHub] brooklyn-library pull request #76: Tweak to password change effector so that...
GitHub user m4rkmckenna opened a pull request:
https://github.com/apache/brooklyn-library/pull/76
Tweak to password change effector so that sed identifier is escaped
*Previously*
`s@<regex>@<replace>@g` would not work for a password with an `@`
*Now*
`s/<regex>/<replace>/g` `/` values are escaped in the replace value
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/m4rkmckenna/brooklyn-library bugfix/mysql-node-password-effector
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/brooklyn-library/pull/76.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #76
----
commit 465e1b2be1de64706797e08d390401c212f453da
Author: Mark McKenna <m4...@gmail.com>
Date: 2016-11-25T10:25:17Z
Tweak to password change effector so that sed identifier is escaped
*Previously*
`s@<regex>@<replace>@g` would not work for a password with an `@`
*Now*
`s/<regex>/<replace>/g` `/` values are escaped in the replace value
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library issue #76: Tweak to password change effector so that sed id...
Posted by m4rkmckenna <gi...@git.apache.org>.
Github user m4rkmckenna commented on the issue:
https://github.com/apache/brooklyn-library/pull/76
@neykov IMO sed is not the correct tool.
I know if i was writing a blueprint that was touching any config files id just install [Augeas](http://augeas.net/) and use it.
I really think brooklyn should be using this for any edit
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library pull request #76: Tweak to password change effector so that...
Posted by m4rkmckenna <gi...@git.apache.org>.
Github user m4rkmckenna closed the pull request at:
https://github.com/apache/brooklyn-library/pull/76
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library issue #76: Tweak to password change effector so that sed id...
Posted by m4rkmckenna <gi...@git.apache.org>.
Github user m4rkmckenna commented on the issue:
https://github.com/apache/brooklyn-library/pull/76
@tbouron It would be better to create a pure yaml implementation of this blueprint
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library issue #76: Tweak to password change effector so that sed id...
Posted by geomacy <gi...@git.apache.org>.
Github user geomacy commented on the issue:
https://github.com/apache/brooklyn-library/pull/76
+1 for Svet's suggestion about encoding it in some way - far better than trying to catch all the possible cases.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library issue #76: Tweak to password change effector so that sed id...
Posted by neykov <gi...@git.apache.org>.
Github user neykov commented on the issue:
https://github.com/apache/brooklyn-library/pull/76
+1 makes sense
Still can't explain to myself why I used the `@` delimited, but then didn't escape the password for it. I had a good reason not to use `/` but can't remember now.
Looking at @geomacy's exmples above I think adding single quote to the escape list is needed as well. Something like:
```
sed -i'' -e 's/^\(\s*password\s*=\s*\).*$/\1te'sty/g' mymysql.cnf
```
where the new password is `te'sty` will break it as well.
A new line is another potential failure point. But I'm fine not coding around this one.
Taking a step back, is `sed` the only option for updating the password? Can we delete the line (with sed) and then append it by other means safely? The only way I could think of dealing with random strings and not going through escape hell is base64'ing it so it goes through bash unaffected. Something like:
```
cat > new_password.tmp <<EOF
base64'ed password from java
EOF
echo -n "password=" >> mysql.cnf
base64 --decode new_password.tmp >> mysql.cnf
```
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library issue #76: Tweak to password change effector so that sed id...
Posted by geomacy <gi...@git.apache.org>.
Github user geomacy commented on the issue:
https://github.com/apache/brooklyn-library/pull/76
\U0001f44d LGTM, tested the sed commands generated by the above with values `te\sty` and `te/sty` and both are handled correctly:
```
vagrant@byon5:~$ sed -i'' -e 's/^\(\s*password\s*=\s*\).*$/\1te\\sty/g' mymysql.cnf
vagrant@byon5:~$
vagrant@byon5:~$
vagrant@byon5:~$ cat mymysql.cnf
password = te\sty
vagrant@byon5:~$ sed -i'' -e 's/^\(\s*password\s*=\s*\).*$/\1te\/sty/g' mymysql.cnf
vagrant@byon5:~$
vagrant@byon5:~$ cat mymysql.cnf
password = te/sty
```
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library issue #76: Tweak to password change effector so that sed id...
Posted by tbouron <gi...@git.apache.org>.
Github user tbouron commented on the issue:
https://github.com/apache/brooklyn-library/pull/76
@m4rkmckenna `Augeas` seems like a idea. Is it possible to update this blueprint to use this tool?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] brooklyn-library issue #76: Tweak to password change effector so that sed id...
Posted by geomacy <gi...@git.apache.org>.
Github user geomacy commented on the issue:
https://github.com/apache/brooklyn-library/pull/76
Good catch @drigodwin I was only testing the sed
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---