severity 418672 grave tags 418672 + security confirmed tags 418672 - unreproducible moreinfo stop
Hello On 2007-04-11 Olaf van der Spek wrote: > > severity 418672 normal > Why? Standard procedure for bugs that are unreproducible on the first try so that security team & co do not waste time on them. > > Anyway, I cannot reproduce a reset of the users passwords during a mysql > > upgrade or "dpkg --reconfigure mysql-server-5.0". Can you try to > > reproduce it yourself? > Sure. Thanks for the detailed trace. The symptom did not appear for me as I had a different mysql.user table on which the INSERTs silently failed. I can confirm it however for fresh installs on etch and above (didn't try sarge yet). The root of the problem is that the mysql_install_db script which gets called in postinst changed its behaviour and the comment "save to use on existing tables" is no longer true - it now unconditionally installs the three new entries. Sean, do you have time do deal with this as I'm away from tomorrow evening? The first idea for a fix would be to only call mysql_install_db if no $datadir/mysql/user.frm exists. We call mysql_upgrade somewhen in /etc/mysql/debian-start IIRC so an upgrade from 4.0/4.1 to 5.0 table format should be made (better check if our format from postinst is really the same than that in mysql_upgrade. bye, -christian-
signature.asc
Description: PGP signature
