0

I am trying to wrap up one of our projects in Ubuntu/CentOS packages. The project is a typical web framework which requires to deploy a tomcat war file, create some directories and run a mysql script that creates a new user + database with some tables, etc.

Now I am not sure how to package up the mysql script. It should work either way if mysql has not yet been installed on the machine, or when the user already has a working mysql installed. The thing I am uncertain about is how to login in mysql with root so that I can add a new user and table.

Should I prompt the user for his mysql-root password during installation? This might add confusion. Or can I just bypass authentication? Assuming the process is executed as sudo either way, I might be able to do a mysqld_safe --skip-grant-tables &, and login with mysql-root without any password.

What is common practice when it comes to running a mysql script during the installation of a package?

Jeroen Ooms
  • 2,187
  • 7
  • 32
  • 51

1 Answers1

0

Common practice is not to do it at install time. There's 3 good reasons I can think of:

  • For security reasons it's not a good idea to even attempt to ship default username/password combinations with packages as they'll become a weakness for many installs. It makes a little more work for the end user, but it's much safer to insist they set up their own credentials for the service.
  • You can't know in advance that the user will want to host the DB on the same server as the application, so attempting to set it up during install would be annoying and invasive for some users.
  • Prompting for a superuser password during the install is a massive no-no. I'd Ctrl+C right there and run a mile if I saw that. Attempting to bypass it by abusing elevated privileges is even worse.

If you want to make your setup process easier, you can do what a lot of packages do and ship with a default configuration. On first access the site can check for whether or not the defaults are still set and displaying the initial setup instructions if they are.

If you want to roll out the red carpet, you can write a separate setup script that does most of the work, or even code the process into your application; prompting for new the MySQL credentials, server and DB name. You should encourage users to make them unique and not offer defaults. Once you got those details, you can use those to load the initial schema and data.

SmallClanger
  • 8,947
  • 1
  • 31
  • 45