From 05ac720712f47c09f2df11ff970c801803373aaa Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Mon, 10 Oct 2022 08:02:28 -0400 Subject: [PATCH 1/4] remove escape logic for passwords if https://github.com/linuxserver/docker-bookstack/pull/140 works, we should replicate. do not merge until we consider the above PR to be sufficiently tested (but before end of month so i can get a tshirt ;) --- root/etc/cont-init.d/40-initialise-db | 2 -- 1 file changed, 2 deletions(-) diff --git a/root/etc/cont-init.d/40-initialise-db b/root/etc/cont-init.d/40-initialise-db index d566804..9ab0acc 100644 --- a/root/etc/cont-init.d/40-initialise-db +++ b/root/etc/cont-init.d/40-initialise-db @@ -44,7 +44,6 @@ if [ -z "${MYSQL_ROOT_PASSWORD}" ]; then else TEST_LEN=${#MYSQL_ROOT_PASSWORD} fi -MYSQL_ROOT_PASSWORD=$(sed -E 's/('\'')/\\\1/g' <<< "${MYSQL_ROOT_PASSWORD}") if [ "${TEST_LEN}" -lt "4" ]; then MYSQL_PASS="CREATE USER 'root'@'%' IDENTIFIED BY '' ;" else @@ -57,7 +56,6 @@ if [ "${MYSQL_USER+x}" ] && \ [ "${MYSQL_DATABASE+x}" ] && \ [ "${MYSQL_PASSWORD+x}" ] && \ [ "${#MYSQL_PASSWORD}" -gt "3" ]; then -MYSQL_PASSWORD=$(sed -E 's/('\'')/\\\1/g' <<< "${MYSQL_PASSWORD}") read -r -d '' MYSQL_DB_SETUP << EOM CREATE DATABASE \`${MYSQL_DATABASE}\`; CREATE USER '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'; From e0b6c1483ea44d8edd422ade6f1f33c42ca082ee Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Mon, 10 Oct 2022 10:01:54 -0400 Subject: [PATCH 2/4] Update readme-vars.yml --- readme-vars.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/readme-vars.yml b/readme-vars.yml index d6efd13..bbd0808 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -25,7 +25,7 @@ param_container_name: "{{ project_name }}" param_usage_include_net: false param_usage_include_env: true param_env_vars: - - { env_var: "MYSQL_ROOT_PASSWORD", env_value: "ROOT_ACCESS_PASSWORD", desc: "Set this to root password for installation (minimum 4 characters)." } + - { env_var: "MYSQL_ROOT_PASSWORD", env_value: "ROOT_ACCESS_PASSWORD", desc: "Set this to root password for installation (minimum 4 characters & non-alphanumeric passwords must be properly escaped)." } - { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London." } param_usage_include_vols: true param_volumes: @@ -96,6 +96,7 @@ app_setup_block: | # changelog changelogs: + - { date: "10.10.22:", desc: "Remove password escape logic which caused problems for a small subset of users." } - { date: "06.07.21:", desc: "Rebase master to alpine." } - { date: "03.07.21:", desc: "Rebase to 3.14." } - { date: "08.02.21:", desc: "Fix new installs." } From a9d2b550e9d608eec71ac7a270f0b7ea7138f6e9 Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Mon, 10 Oct 2022 10:02:21 -0400 Subject: [PATCH 3/4] Update readme-vars.yml --- readme-vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme-vars.yml b/readme-vars.yml index bbd0808..73e9aeb 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -41,7 +41,7 @@ opt_param_usage_include_env: true opt_param_env_vars: - { env_var: "MYSQL_DATABASE", env_value: "USER_DB_NAME", desc: "Specify the name of a database to be created on image startup." } - { env_var: "MYSQL_USER", env_value: "MYSQL_USER", desc: "This user will have superuser access to the database specified by MYSQL_DATABASE (do not use root here)." } - - { env_var: "MYSQL_PASSWORD", env_value: "DATABASE_PASSWORD", desc: "Set this to the password you want to use for you MYSQL_USER (minimum 4 characters)." } + - { env_var: "MYSQL_PASSWORD", env_value: "DATABASE_PASSWORD", desc: "Set this to the password you want to use for you MYSQL_USER (minimum 4 characters & non-alphanumeric passwords must be properly escaped)." } - { env_var: "REMOTE_SQL", env_value: "http://URL1/your.sql,https://URL2/your.sql", desc: "Set this to ingest sql files from an http/https endpoint (comma seperated array)." } opt_param_usage_include_vols: false opt_param_usage_include_ports: false From 8a00b51126ffb0a070f99b71478fb06131c7d7b3 Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Mon, 10 Oct 2022 10:03:57 -0400 Subject: [PATCH 4/4] Update README.md --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 66d8d0a..49ecd7b 100644 --- a/README.md +++ b/README.md @@ -159,11 +159,11 @@ Container images are configured using parameters passed at runtime (such as thos | `-p 3306` | Mariadb listens on this port. | | `-e PUID=1000` | for UserID - see below for explanation | | `-e PGID=1000` | for GroupID - see below for explanation | -| `-e MYSQL_ROOT_PASSWORD=ROOT_ACCESS_PASSWORD` | Set this to root password for installation (minimum 4 characters). | +| `-e MYSQL_ROOT_PASSWORD=ROOT_ACCESS_PASSWORD` | Set this to root password for installation (minimum 4 characters & non-alphanumeric passwords must be properly escaped). | | `-e TZ=Europe/London` | Specify a timezone to use EG Europe/London. | | `-e MYSQL_DATABASE=USER_DB_NAME` | Specify the name of a database to be created on image startup. | | `-e MYSQL_USER=MYSQL_USER` | This user will have superuser access to the database specified by MYSQL_DATABASE (do not use root here). | -| `-e MYSQL_PASSWORD=DATABASE_PASSWORD` | Set this to the password you want to use for you MYSQL_USER (minimum 4 characters). | +| `-e MYSQL_PASSWORD=DATABASE_PASSWORD` | Set this to the password you want to use for you MYSQL_USER (minimum 4 characters & non-alphanumeric passwords must be properly escaped). | | `-e REMOTE_SQL=http://URL1/your.sql,https://URL2/your.sql` | Set this to ingest sql files from an http/https endpoint (comma seperated array). | | `-v /config` | Contains the db itself and all assorted settings. | @@ -276,6 +276,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **10.10.22:** - Remove password escape logic which caused problems for a small subset of users. * **06.07.21:** - Rebase master to alpine. * **03.07.21:** - Rebase to 3.14. * **08.02.21:** - Fix new installs.