[MB-5385] make ebucketmigrator support sasl auth Created: 26/May/12 Updated: 29/May/12 Resolved: 26/May/12 |
|
| Status: | Resolved |
| Project: | Couchbase Server |
| Component/s: | ns_server |
| Affects Version/s: | 1.8.1-release-candidate |
| Fix Version/s: | 1.8.1 |
| Security Level: | Public |
| Type: | Bug | Priority: | Major |
| Reporter: | Aleksey Kondratenko | Assignee: | Aleksey Kondratenko |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | customer | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
SUBJ
|
| Comments |
| Comment by Aleksey Kondratenko [ 26/May/12 ] |
| http://review.couchbase.org/16447 |
| Comment by Farshid Ghods [ 26/May/12 ] |
|
Aliaksey,
bucket sasl password can also be an empty string ? does this change consider that as well ? |
| Comment by Aleksey Kondratenko [ 26/May/12 ] |
|
Yes. Note however that password is read from stdin. So you'll need something like
(auth as admin and then select particular bucket) echo _admin | ./ebucketmigrator -a _admin --bucket-name my-bucket or (auth as user = bucket name that'll automagically select bucket) echo | ./ebucketmigrator -a my-bucket |
| Comment by Farshid Ghods [ 26/May/12 ] |
|
it makes it hard for scripting doesn't it ?
memcached commands cbstats for instance allows the user to pass the bucket name and password in the command line without having to enter it through stdin |
| Comment by Aleksey Kondratenko [ 26/May/12 ] |
|
Disagree. Its still pretty simple to script. Its kind of insecure to have password on cmdline. Ie it'll be visible to all users of system.
Let me know however if you insist. |
| Comment by Farshid Ghods [ 26/May/12 ] |
|
i can agree with you but all our memcached command lines allow the user to pass the password as an argument.
in any case this is a one time patch i am going to give to the customer so appreciate if you can add the option to read the password from the cli. also i noticed that if bucket name is != default and sasl password is empty string ebucketmigrator does not work. in my case i changed the password to be non-empty and after that script worked but not sure if we can ask the customer to also change their password if its empty string PATH=/opt/couchbase/bin:$PATH /opt/couchbase/bin/ebucketmigrator -h 10.1.2.31:11210 -A -V -t -b 778 -d 10.1.2.35:11210 -a third -v Ignoring "-A" flag ... Unknown error {'EXIT',<0.57.0>, {badmatch,{memcached_error,auth_error,<<"Auth failure">>}}} |
| Comment by Thuan Nguyen [ 29/May/12 ] |
|
Integrated in github-ns-server-2-0 #357 (See [http://qa.hq.northscale.net/job/github-ns-server-2-0/357/]) Result = SUCCESS Aliaksey Kandratsenka : Files : * src/ebucketmigrator.erl Aliaksey Kandratsenka : Files : * src/ebucketmigrator.erl |