Menu
I have password stored in a variable $db_pwd and I want to pass it to mysql_config_editor in a shell script. I can not use config file or db_pwd environment variable.
I am doing this
mysql_config_editor set --login-path=local --host=localhost --user=username --password
(https://stackoverflow.com/a/20854048/6487831) .
What it does is ask for password "Enter Password", but I wish to supply the password using variable.
I tried this :
mysql_config_editor set --login-path=local --host=localhost --user=username --password $db_pwd
and
mysql_config_editor set --login-path=local --host=localhost --user=username --password | echo $db_pwd
and
echo "$db_pwd" | mysql_config_editor set --login-path=local --host=localhost --user=username --password
and
expect. But this leads to error in case there are warnings like "This path already exists, rewrite (y/n).Any way to do this? Or should I revert to using mysql instead of mysql_config_editor?
981
The mysql client utility can take a password on the command line with either the -p or --password= options.
The mysql_config_editor utility enables you to store authentication credentials in an obfuscated login path file named . mylogin. cnf . The file location is the %APPDATA%\MySQL directory on Windows and the current user's home directory on non-Windows systems.
I found the other suggested answer did not work when there was no TTY. So I used this bash script that works in places like Terraform/ssh that doesn't have a terminal:
#!/bin/bash
if [ $# -ne 4 ]; then
echo "Incorrect number of input arguments: $0 $*"
echo "Usage: $0 <login> <host> <username> <password>"
echo "Example: $0 test 10.1.2.3 myuser mypassword"
exit 1
fi
login=$1
host=$2
user=$3
pass=$4
unbuffer expect -c "
spawn mysql_config_editor set --login-path=$login --host=$host --user=$user --password
expect -nocase \"Enter password:\" {send \"$pass\r\"; interact}
"
Test it:
./mysql_config.sh login 10.1.2.3 myuser mypass < /dev/null
The --password argument is designed to explicitly avoid passing a password on the command line, as this is considered bad security.
That being said, you could try to feed the password to mysql_config_editor anyway:
echo "$db_pwd" | mysql_config_editor set --login-path=local --host=localhost --user=username --password
(This may not work if mysql_config_editor insists on getting input from the current terminal instead of standard in; if that is the case, you don't have a way to provide the password from a variable).
As the answer you linked to states, you can use mysql directly to supply the password. Using mysql_config_editor is meant for storing the password in .mylogin.cnf in an encrypted form (i.e. you supply the password once from the terminal, it is then encrypted and saved in the config file, and mysql can use it from there).
Reference: https://dev.mysql.com/doc/refman/5.7/en/mysql-config-editor.html
Update: You may be able to trick mysql_config_editor into thinking it is reading from an interactive terminal, by using the unbuffer utility:
echo "$db_pwd" | unbuffer -p mysql_config_editor set --login-path=local --host=localhost --user=username --password
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
