The system changed the password for the database user
I transfered my sites from an old VPS to a new VPS using the "Transfer Tool".
Usually I do this transfer without any problem.
But today I just did a transfer and the system showed so many warnings, beside took a long time (more than 3 hours, before it takes 20 minuts). I moved 31 cpanel accounts and I get 17 warnings.
The old server had the version: WHM 11.46.0 (build 17) - in a VPS with 5 cores
And the new: WHM 11.46.0 (build 12) - in a VPS with 24 cores
As the example of one warning:
I guess, will I have to modify the 17 sites from my customers, in order to work fine? THE SYSTEM SHOULD NOT DO THIS. :(
The system changed the password for the database user "user" to a random string because the original password used an old and insecure format that is incompatible with MySQL version (5.6.21). You must manually change the password for "user" to match the original password in order to ensure that applications that use the credentials will continue to function.
The system changed the password for the database user "user_some_script" to a random string because the original password used an old and insecure format that is incompatible with MySQL version (5.6.21). You must manually change the password for "user_some_script" to match the original password in order to ensure that applications that use the credentials will continue to function.
I guess, will I have to modify the 17 sites from my customers, in order to work fine? THE SYSTEM SHOULD NOT DO THIS. :(
-
This change was described in the Release Notes, back in September: Secure password format required for MySQL 5.6 or later - cPanel 11.44 Release Notes 0 -
]This change was described in the Release Notes, back in September: Secure password format required for MySQL 5.6 or later - cPanel 11.44 Release Notes
Yes, I appreciated that you remind me the change log. But not all the users are server administrators, in my case I am web designer, and I don't check those changes. In addition, I was checking the sites that WHM changed password, on those I had really strong passwords, for example: PP7n3ydB81{V - Does it looks like old and insecure format, incompatible with MySQL? This mean a lot of work for me, to change so many passwords on my sites (I have more than 300 sites, with different php scripts).0 -
That setting is being removed. You can find more help in the docs to determine whether any users have old-style passwords: Use pre-4.1-style MySQL " passwords - cPanel Documentation 0 -
We're trying to move from MySQL 5.5 to 5.6, and it would be helpful if there were some guidance on how to deal with these password changes. We have several dozen accounts with the old hash, several dozen system databases with the old hash, and various unknown customer-related items with the old hash. What little information there is implies that the passwords need to be changed before updating MySQL, yet that doesn't change the hash length. Waiting until after we upgrade will result in (apparently) customers not being able to log in and/or their websites breaking. We would also anticipate server issues (cphulk, for instance, has an old hash). Where is there anything that explains how to have your customers update their old hash PWs, our sysadmins to update the system PWs, and the various unknown PWs without things breaking? 0 -
I am happy to see that document was helpful. Thank you for updating us with the outcome. 0 -
I am happy to see that document was helpful. Thank you for updating us with the outcome.
Well, actually, we seem to have gotten all the accounts' passwords rehashed using mysql commands except cphulkd, which doesn't have a password file in /var/cpanel, and /var/cpanel/cphulkd/keys/cpanelpasswd results in errors:[2015-04-21 17:54:24 -0700] warn [cphulkd] 14775 Cpanel::DBI::Mysql connect('','cphulkd',...) failed: Access denied for user 'cphulkd'@'localhost' (using password: YES) at /usr/local/cpanel/Cpanel/Hulkd.pm line 460.
Where is the cphulkd password and is there a WHM function, or does this also need to be changed manually?0 -
Hello, The password should be in /var/cpanel/hulkd directory (in a file called password). Do you have an enabled file in that directory as well? -bash-4.1# ll total 16 drwx------ 2 root root 4096 Apr 22 08:47 cache drwxr-xr-x 3 root root 4096 Feb 4 13:43 Cpanel -rw-r--r-- 1 root root 10 Feb 4 13:17 enabled -rw------- 1 root root 39 Feb 4 13:06 password -bash-4.1#
0 -
Hello, The password should be in /var/cpanel/hulkd directory (in a file called password). Do you have an enabled file in that directory as well?
-bash-4.1# ll total 16 drwx------ 2 root root 4096 Apr 22 08:47 cache drwxr-xr-x 3 root root 4096 Feb 4 13:43 Cpanel -rw-r--r-- 1 root root 10 Feb 4 13:17 enabled -rw------- 1 root root 39 Feb 4 13:06 password -bash-4.1#
Holy crap. I looked all over for that (enabled is also there) - thanks. Is there a current list where to find things like this?0 -
There's no list, but feel free to let us know if you have any questions about the location of specific data. Thank you. 0
Please sign in to leave a comment.
Comments
11 comments