Percona Toolkit moved to https://jira.percona.com/projects/PT

pt-config-diff ignores --ask-pass option

Bug #915598 reported by seattlegaucho
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Percona Toolkit moved to https://jira.percona.com/projects/PT
Fix Released
Medium
Daniel Nichter
Percona Toolkit moved to https://jira.percona.com/projects/PT 2.0.3
1.0
Won't Fix
Wishlist
Unassigned
2.0
Fix Released
Medium
Daniel Nichter
Percona Toolkit moved to https://jira.percona.com/projects/PT 2.0.3

Bug Description

A number of pt-* utilities in version 2.0.2 installed from the .deb package in your web site seem to ignore the *--ask-pass* option to ask for the user's password. I tried mostly the pt-config-diff using --ask-pass in different positions in the list of options:

Here are a few examples:
gerry@server-01:~$ pt-config-diff /etc/mysql/my.cnf --ask-pass --user=root h=localhost
DBI connect(';host=localhost;mysql_read_default_group=client','root',...) failed: Access denied for user 'root'@'localhost' (using password: NO) at /usr/bin/pt-config-diff line 1261
gerry@server-01:~$ pt-config-diff --ask-pass /etc/mysql/my.cnf --user=root h=localhost
DBI connect(';host=localhost;mysql_read_default_group=client','root',...) failed: Access denied for user 'root'@'localhost' (using password: NO) at /usr/bin/pt-config-diff line 1261
gerry@server-01:~$ pt-config-diff /etc/mysql/my.cnf --user=root h=localhost --ask-pass
DBI connect(';host=localhost;mysql_read_default_group=client','root',...) failed: Access denied for user 'root'@'localhost' (using password: NO) at /usr/bin/pt-config-diff line 1261

OS info:
uname -a; cat /etc/issue
Linux server-01 3.0.0-14-server #23-Ubuntu SMP Mon Nov 21 20:49:05 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Ubuntu 11.10 \n \l

MySQL server info:
mysqladmin Ver 8.42 Distrib 5.1.58, for debian-linux-gnu on x86_64
Copyright 2000-2008 MySQL AB, 2008 Sun Microsystems, Inc.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL license

Server version 5.1.58-1ubuntu1-log
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /var/run/mysqld/mysqld.sock
Uptime: 1 hour 42 min 52 sec

Threads: 1 Questions: 3578 Slow queries: 0 Opens: 408 Flush tables: 1 Open tables: 64 Queries per second avg: 0.579

All other relevant packages are up to date.

Cheers,
G

Daniel Nichter (daniel-nichter)
tags: added: pt-config-diff
removed: doc
Changed in percona-toolkit:
status: New → Confirmed
importance: Undecided → High
importance: High → Critical
milestone: none → 2.0.3
Revision history for this message
Daniel Nichter (daniel-nichter) wrote :

Fix and will be released with 2.0.3. We may or may not backport this fix to the 1.0 series because the 2.0 fix uses a module (Cxn) that's not in 1.0.

Revision history for this message
Baron Schwartz (baron-xaprb) wrote :

WontFix in 1.0 series; this is minor. I also disagree this is critical; nothing bad happens, you just don't get to specify a password to log in. Nobody dies, no data is deleted, etc.

Revision history for this message
seattlegaucho (gnarvaja) wrote :

Thank you very much for the fix. I'll upgrade it as soon as 2.0.3 hits the repositories.

BTW, this bug can easily be considered a show stopper in a secure environment like PCI depending on the organization. I wouldn't take its severity too lightly.

Cheers,
G

Revision history for this message
Shahriyar Rzayev (rzayev-sehriyar) wrote :

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PT-449

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.