I have a Flyway migration script that creates a role with a password. This password is retrieved from AWS secretsmanager. The issue I face is if the value in secrets manager is updated I obviously get password incorrect error when the user tried to connect to database.
Since writing sql.statements altering the role and updating the password everytime the password is rotated in AWS is not acceptable, can you please suggest how do I manage this seamlessly.
Related
The default Ubuntu phpMyAdmin install asks whether dbconfig-common should be used. If you answer Yes, then:
the install creates a new (MySQL) user named phpmyadmin with the password you supply
this user is given rights only to the phpmyadmin database (with only usage on everything else)
the new user's username and password are stored in /etc/dbconfig-common/phpmyadmin.conf, with the passsword in clear
phpMyAdmin is actually installed with auth_type=cookie, so it doesn't need any new users. You can log in as any existing MySQL user.
I'm having trouble understanding what the point of dbconfig-common actually is. User phpmyadmin doesn't appear to be needed, and only has rights on a database that isn't important to the end-user, and creating a new user increases the attack surface. If I drop the phpmyadmin user from MySQL, it doesn't seem to affect phpmyadmin functionality at all, except that I get a warning (access denied for user 'phpmyadmin'#'localhost').
Is dbconfig-common doing something else that's important, or should I try to set up the phpmyadmin config file manually? The current docs appear to be here, but they don't answer the question.
I just installed sonarqube. As part of automation i am required to change the admin password through command line. I see there is a document to reset the admin credentials by running the query. I am wondering where do i run the query.
update users set crypted_password = '88c991e39bb88b94178123a849606905ebf440f5', salt='6522f3c5007ae910ad690bb1bdbf264a34884c6d' where login = 'admin'
I am using official docker image for sonarqube. I logged into container and don't see any mysql, sql, psql installed. So i which DB exactly i need to login and run the query.
You might want to refer this for your question - Installing the Server.
Basically, <install_directory>/conf/sonar.properties has instructions for setting up the database if required.
SonarQube Docker images are using the H2 embedded database, and this one must not be used for production, you should configure SonarQube to use another database (MySQL, Postgresql, Microsoft SQL Server or Oracle).
Then you can run the query in one of those database.
You can also use Web API to change the password of a user such as https://sonarcloud.io/web_api/api/users (this will work with any database)
We have a monetdb database which we can no longer get in to. The password we have recorded and also stored in the user's SQL client no longer works. Is there any way to bypass this and recover the password or the data?
You can reset your password by executing following MAL commands in mserver prompt:
oldp:=clients.getPasswordHash("username");
newp:=clients.backendsum("newpassword");
clients.changePassword(oldp, newp);
I'm configuring an Oracle VM taken from here and want to tweak the default schema generated there as an example of the Flyway integration.
The Flyway is used there to create a new Oracle schema called MYSCHEMA. So the Flyway user is system (default Oracle dba) and the password is system's password, that is:
<flyway.user>system</flyway.user>
<flyway.password>manager</flyway.password>
<flyway.schemas>MYSCHEMA</flyway.schemas>
Now I have two tasks:
I need to set a specific password for MYSCHEMA or at least to know what password has the Flyway set for it.
I need to set specific user permissions (GRANTs) for the MYSCHEMA user.
Both tasks should be executed by system user. Besides, there is no point to run them on every migration. Once is enough.
Can I do it inside the Flyway using callbacks or migrations?
Update: default password seem to be "flyway", but the MYSCHEMA lacks CREATE SESSION privilege.
We are cleaning up servers for a customer and have stumbled upon an old application using an H2 database. While the accessing applications have credentials in their configuration files, none of them seem to work.
Even the "sa" user access is not known. As far as I can see, the password for "sa" defaults to an empty string, but access with "sa"/"" is denied (Wrong user name or password [28000-182] 28000/28000 (Help)).
As said, the database is not encrypted. Looking at the file, I can see the SQL statements for the tables, even some table contents.
Is there any way to gain access to that database? As far as my searches have shown it's only possible using the "sa" user. I'm looking for something along the lines of "--skip-grant-tables" from MySQL.
The easiest solution is probably:
Try to login to the database without password. This will fail (wrong user name or password), but it will run transaction log recovery so that the database is in a consistent state.
Then, use the Recover tool (org.h2.tools.Recover) to generate a SQL script.
Edit the script: Change the password for the default user.
Run the script. That way you get a new database.