On 2005-10-17 Chris Chiappa wrote:
> On Tue, Oct 18, 2005 at 12:55:58AM +0200, Christian Hammers wrote:
> > What does
> > USE mysql;
> > SELECT * FROM user;
> > look like? (you do not need to make passwords public here just give me an
> > idea if the server stored old or new style passwords in the passwd field).
> How would one tell? The root password is a 16 character mix of numbers and
> lower case letters; the hordemgr account (presumably what imp is using since
> it's part of the horde framework) has a password that starts with a * and
> then has a mix of 40 numbers and upper case characters.
The length of the password tells me which password scheme is in use. The horde
probably did not use the standard passwd() function but tried to be more
clever and just used the new md5 like passwords.
> Would simply resetting the passwords help? something like
> update user set password = old_password('whatever') where user='hordemgr';
Yes, exactly.
> Anyway, we will soon upgrade every package to the new libraries...
> A little distressing to see a bug in php4-mysql from > 100 days ago saying
> "I can't think of a reason NOT to recompile it" and then nothing since then,
> but that's what I get for running unstable. :)
There is a reason. If you link e.h. php4-mysql against libmysqlclient14 and
have your system passwd database in MySQL, too, (libnss-mysql) where
libnss-mysql is linked against libmysqlclient12 then you end up with a binary
that has calls to both libraries. The linker then does not know if
mysql_connect refers to which of the two and guesses... wrong -> segfault :)
So the transition has to be planned a bit more carefully (e.g. by patching
MySQL to use something called "versioned symbols")
Anyway, if horde insists to use new style passwords although you have the
old_passwords=1 activated, tell me then I reassign the bug. Horde should honor
the admins whish.
bye,
-christian-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
