import doesn't escape characters in db_url
anarcat - June 17, 2009 - 16:58
| Project: | Provision |
| Version: | 6.x-0.2 |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | anarcat |
| Status: | closed |
| Issue tags: | aegir-0.2-hotfix |
Description
So I have just seen a backup fail because of escaped characters in the db_url:
Generating mysql dump for default. [0.063 sec] [backup]
mysqldump -hexample.koumbit.net -uaegir [notice]
-p%40... -rsites/default/database.sql aegir
[0.063 sec]
Executing: mysqldump -hmysql.koumbit.net -uaegir -p%40... -rsites/default/database.sql aegir
mysqldump: Got error: 1045: Access denied for user 'aegir'@'example.koumbit.net' (using password: YES) when trying to connect
Adding sites directory to /var/aegir/backups/default-2009-06-17_3.tar [backup]
[0.074 sec](Some parameters were changed to protect our security.)
I'll try to track this down, but it's rather annoying since it's in 0.2 and we'll need to hotfix...
#1
Okay, so the problem seems to be related with the import mechanism, because the install functions have the urldecode() calls hooked in properly and they are nowhere to be found in import.
#2
Here's a patch I'm going to test in prod. It fixes the dburl parts on import.
#3
The patch works and I can now backup the site after importing again. I committed the patch as is. However, I'm worried that the backup said it succeeded when it wasn't actually able to connect to the database backend, is that a feature we want?! I have opened #494376: backup succeeds even if database connexion fails to make sure I look into this.
#4
So the committed fix works great, except verify writes back the db_url without urlencoding it (ugh!). So this breaks the site altogether.
#5
So this patch works better: I urlencode the various parts before injecting them back, directly in the template.
#6
I committed the fix already.
#7
Automatically closed -- issue fixed for 2 weeks with no activity.