$ cat ~/.mysql_secret # The random password set for the root user at Tue Sep 16 18:33:14 2014 (local time): 9dl}uOS35]s4pAa3
…あれ、なんか桁数とバリエーション増えてない?;
358 sub generate_random_password {
359 # On (at least) Linux and Solaris, a "random" device is available, use it:
360 # cat /dev/urandom | LC_ALL=C tr -dc "[:alnum:]" | fold -w 8 | head -1
361 # Without LC_ALL, "tr" may not know the "alnum" character class -
362 # and there are user profiles which do not have this set.
363 #
364 my $password = `cat /dev/urandom | LC_ALL=C tr -dc "[:alnum:]" | fold -w 8 | head -1`;
365 chomp ($password);
366 return $password;
367 }
mysql-5.6.16/scripts/mysql_install_db.pl.in
382 sub generate_random_password {
383 # On Linux, Solaris, Max OS X and FreeBSD we have a random device available.
384 my $randfile = "/dev/urandom";
385 open(FD, $randfile) || return "";
386 my $password = "";
387 my $pass_len = 16;
388 my $c;
389 while (length($password) < $pass_len) {
390 $c = getc(FD);
391 if ($c =~ /\w/) {
392 $password .= $c;
393 }
394 }
395 close(FD);
396 return $password;
397 }
mysql-5.6.17/scripts/mysql_install_db.pl.in
385 sub generate_random_password {
386 # On Linux, Solaris, Max OS X and FreeBSD we have a random device available.
387 my $randfile = "/dev/urandom";
388 open(FD, $randfile) || die "Can't open $randfile for reading: $!";
389 my $password = "";
390 my $pass_len = 16;
391 my $got_special= 0;
392 my $got_num= 0;
393 my $got_upper= 0;
394 my $c;
395 do
396 {
397 while (length($password) < $pass_len) {
398 $c = getc(FD);
399 if ($c =~ /\w/ || $c =~ /[,.!\$\@\{\}\=\-\+\#\[\]\(\)]/) {
400 $password .= $c;
401 if ($c =~ /[0-9]/)
402 { $got_num = 1; }
403 if ( $c =~ /[A-Z]/ )
404 { $got_upper = 1; }
405 if ($c =~ /[,.!\$\@\{\}\=\-\+\#\[\]\(\)]/)
406 { $got_special= 1; }
407 }
408 }
409 if ($got_special == 0 || $got_num == 0 || $got_upper == 0)
410 {
411 $got_special= 0;
412 $got_num= 0;
413 $got_upper= 0;
414 $password= "";
415 }
416 } while(length($password) < $pass_len);
417 close(FD);
418 return $password;
419 }
mysql-5.7.4-m14/scripts/mysql_install_db.pl.in
Σ(゚д゚lll) やっぱ増えてるー!?
記号が入るようになっているので、rpmでMySQLをインストールしたあとに先頭が"#"でないことをチェックしてパスワードを書き換えているような場合は来年あたりハマるかも知れません。
めんどくさい。
0 件のコメント :
コメントを投稿