bash 使用 shell 中的变量将密码传递给 mysql_config_editor
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/42232310/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Pass password to mysql_config_editor using variable in shell
提问by Saurabh Shrivastava
I have password stored in a variable $db_pwd and I want to pass it to mysql_config_editor in a shell script. I can not use config file or db_pwd environment variable.
我将密码存储在变量 $db_pwd 中,我想在 shell 脚本中将其传递给 mysql_config_editor。我不能使用配置文件或 db_pwd 环境变量。
I am doing this
我在做这个
mysql_config_editor set --login-path=local --host=localhost --user=username --password
(https://stackoverflow.com/a/20854048/6487831) .
(https://stackoverflow.com/a/20854048/6487831)。
What it does is ask for password "Enter Password", but I wish to supply the password using variable.
它的作用是要求输入密码“输入密码”,但我希望使用变量提供密码。
I tried this :
我试过这个:
mysql_config_editor set --login-path=local --host=localhost --user=username --password $db_pwd
and
和
mysql_config_editor set --login-path=local --host=localhost --user=username --password | echo $db_pwd
and
和
echo "$db_pwd" | mysql_config_editor set --login-path=local --host=localhost --user=username --password
and
和
expect. But this leads to error in case there are warnings like "This path already exists, rewrite (y/n).- options file, but they still give me variable not found error even when I am using it as the first argument. Is options file compatible with mysql config editor?
expect. 但是,如果出现“此路径已存在,请重写(y/n)”等警告,则会导致错误。- options 文件,但即使我将它用作第一个参数,它们仍然给我变量未找到错误。选项文件是否与 mysql 配置编辑器兼容?
Any way to do this? Or should I revert to using mysqlinstead of mysql_config_editor?
有什么办法可以做到这一点?或者我应该恢复使用mysql而不是 mysql_config_editor?
回答by Chris Leavoy
I found the other suggested answer did not work when there was no TTY. So I used this bash script that works in places like Terraform/ssh that doesn't have a terminal:
当没有 TTY 时,我发现另一个建议的答案不起作用。所以我使用了这个 bash 脚本,它在 Terraform/ssh 等没有终端的地方工作:
#!/bin/bash
if [ $# -ne 4 ]; then
echo "Incorrect number of input arguments: ./mysql_config.sh login 10.1.2.3 myuser mypass < /dev/null
$*"
echo "Usage: echo "$db_pwd" | mysql_config_editor set --login-path=local --host=localhost --user=username --password
<login> <host> <username> <password>"
echo "Example: echo "$db_pwd" | unbuffer -p mysql_config_editor set --login-path=local --host=localhost --user=username --password
test 10.1.2.3 myuser mypassword"
exit 1
fi
login=
host=
user=
pass=
unbuffer expect -c "
spawn mysql_config_editor set --login-path=$login --host=$host --user=$user --password
expect -nocase \"Enter password:\" {send \"$pass\r\"; interact}
"
Test it:
测试一下:
mysql_config_editor set --login-path=local --host=localhost --user=username --password
回答by Sir Athos
The --passwordargument is designed to explicitly avoid passing a password on the command line, as this is considered bad security.
该--password参数旨在明确避免在命令行上传递密码,因为这被认为是不安全的。
That being said, you could try to feed the password to mysql_config_editoranyway:
话虽如此,您仍然可以尝试将密码提供给mysql_config_editor:
(This may not work if mysql_config_editor insists on getting input from the current terminal instead of standard in; if that is the case, you don't have a way to provide the password from a variable).
(如果 mysql_config_editor 坚持从当前终端而不是标准输入获取输入,这可能不起作用;如果是这种情况,您将无法从变量中提供密码)。
As the answer you linked to states, you can use mysqldirectly to supply the password. Using mysql_config_editoris meant for storing the password in .mylogin.cnfin an encrypted form (i.e. you supply the password once from the terminal, it is then encrypted and saved in the config file, and mysql can use it from there).
作为您链接到状态的答案,您可以mysql直接使用来提供密码。Usingmysql_config_editor意味着以.mylogin.cnf加密形式存储密码(即您从终端提供一次密码,然后加密并保存在配置文件中,mysql 可以从那里使用它)。
Reference: https://dev.mysql.com/doc/refman/5.7/en/mysql-config-editor.html
参考:https: //dev.mysql.com/doc/refman/5.7/en/mysql-config-editor.html
Update: You may be able to trick mysql_config_editorinto thinking it is reading from an interactive terminal, by using the unbufferutility:
更新:mysql_config_editor通过使用该unbuffer实用程序,您可能会误以为它是从交互式终端读取的:
回答by Frogo
Ran into this problem as well. My solution was to run the command once, and supply the password on prompt
也遇到了这个问题。我的解决方案是运行一次命令,并在提示时提供密码
##代码##This generates the file .mylogin.cnf in users home directory. Just copying this file (can be done from a bash script) to the user you want to give access using the --login-path option does the trick.
这会在用户主目录中生成文件 .mylogin.cnf。只需将此文件(可以从 bash 脚本完成)复制到您想要使用 --login-path 选项授予访问权限的用户即可。
As I understand .mylogin.cnf is just an obfuscated way of storing a username and password for that particular --login-path
据我了解 .mylogin.cnf 只是一种为该特定 --login-path 存储用户名和密码的混淆方式
