search

welaika / wordmove

Multi-stage command line deploy/mirroring and task runner for Wordpress
https://wptools.it/wordmove
MIT License
1.87k stars 165 forks source link

Problem with some special chars in databse passwords. #339

Closed veganista closed 6 years ago

veganista commented 8 years ago

I've just ran into an issue that seemed to be down to the password used for connecting to the database.

The original password i was using was &Bk_qR]fJnW! which was being used in the mysqldump command as --password=\&Bk_qR\]fJnW\!

It looks some of the characters in the above password are causing some escaping to happen which is breaking the authentication.

endorama commented 8 years ago

Hello! I'm guessing you are using this password in the Movefile.
If this is the case the Movefile is a YAML file, so the password should not be escaped in it:

[...]
production:
  database:
    name: "database_name"
    user: "user"
    password: "&Bk_qR]fJnW!"
    host: "host"

I suggest you to wrap the password in double quotes in the Movefile, to avoid any YAML parsing issues.

The password provided this way is escaped when used as mysqldump argument at line 178 of lib/wordmove/deployer/base.rb and is escaped as:

Shellwords.escape('&Bk_qR]fJnW!') # => "\\&Bk_qR\\]fJnW\\!"

In case this configuration does not work please provide more information as in the Contributor Guide bug reporting wiki page. Thank you.

veganista commented 8 years ago

Yes i was using it in the YAML file and i had it wrapped in doubles.

It looks like in my set up that the escaping isn't working as expected as it passes through the password originally mentioned.

Here are some details about my set up

OS: Linux scotchbox 3.13.0-55-generic #94-Ubuntu SMP Thu Jun 18 00:27:10 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Ruby: ruby 2.2.2p95 (2015-04-13 revision 50295) [x86_64-linux]
rbenv: 0.4.0-151-g83ac0fb
wordmove: 2.0.0
veganista commented 8 years ago

I should note that i have just changed my password so everything is working. I just wanted to report that there may be an issue.

endorama commented 8 years ago

Escape is done with Shellwords ( a module in the ruby stdlib ), which is working as expected ( see documentation ).

Just to clarify: your password was &Bk_qR]fJnW!, should have been passed to mysqldump as \&Bk_qR\]fJnW\! but instead was passed as \\&Bk_qR\\]fJnW\\!. Correct?

If that is the case maybe the password should be passed in quotes instead than escaped. For the dev team, see this SO answer.

veganista commented 7 years ago

Apologies for the delay here. I completely forgot about this issue.

The behaviour you have described is correct.

mukkoo commented 6 years ago

I've tested the behaviour and it works correctly. If we have no more malfunctions reports we can consider this issue resolved. Feel free to reopen it.