The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The system changed the password for the database user

Discussion in 'General Discussion' started by F-X, Dec 17, 2014.

  1. F-X

    F-X Member

    Joined:
    Feb 17, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    I transfered my sites from an old VPS to a new VPS using the "Transfer Tool".

    Usually I do this transfer without any problem.

    But today I just did a transfer and the system showed so many warnings, beside took a long time (more than 3 hours, before it takes 20 minuts). I moved 31 cpanel accounts and I get 17 warnings.

    The old server had the version: WHM 11.46.0 (build 17) - in a VPS with 5 cores

    And the new: WHM 11.46.0 (build 12) - in a VPS with 24 cores

    As the example of one warning:
    Code:
    The system changed the password for the database user “user” to a random string because the original password used an old and insecure format that is incompatible with MySQL version (5.6.21). You must manually change the password for “user” to match the original password in order to ensure that applications that use the credentials will continue to function.
    The system changed the password for the database user “user_some_script” to a random string because the original password used an old and insecure format that is incompatible with MySQL version (5.6.21). You must manually change the password for “user_some_script” to match the original password in order to ensure that applications that use the credentials will continue to function.

    I guess, will I have to modify the 17 sites from my customers, in order to work fine?

    THE SYSTEM SHOULD NOT DO THIS. :(
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,449
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. F-X

    F-X Member

    Joined:
    Feb 17, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    Yes, I appreciated that you remind me the change log.
    But not all the users are server administrators, in my case I am web designer, and I don't check those changes.

    In addition, I was checking the sites that WHM changed password, on those I had really strong passwords, for example:

    PP7n3ydB81{V - Does it looks like old and insecure format, incompatible with MySQL?

    This mean a lot of work for me, to change so many passwords on my sites (I have more than 300 sites, with different php scripts).
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,449
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  5. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    103
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    We're trying to move from MySQL 5.5 to 5.6, and it would be helpful if there were some guidance on how to deal with these password changes. We have several dozen accounts with the old hash, several dozen system databases with the old hash, and various unknown customer-related items with the old hash.

    What little information there is implies that the passwords need to be changed before updating MySQL, yet that doesn't change the hash length. Waiting until after we upgrade will result in (apparently) customers not being able to log in and/or their websites breaking. We would also anticipate server issues (cphulk, for instance, has an old hash).

    Where is there anything that explains how to have your customers update their old hash PWs, our sysadmins to update the system PWs, and the various unknown PWs without things breaking?
     
  6. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    103
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  8. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    103
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Well, actually, we seem to have gotten all the accounts' passwords rehashed using mysql commands except cphulkd, which doesn't have a password file in /var/cpanel, and /var/cpanel/cphulkd/keys/cpanelpasswd results in errors:

    Code:
    [2015-04-21 17:54:24 -0700] warn [cphulkd] 14775 Cpanel::DBI::Mysql connect('','cphulkd',...) failed: Access denied for user 'cphulkd'@'localhost' (using password: YES) at /usr/local/cpanel/Cpanel/Hulkd.pm line 460.
    Where is the cphulkd password and is there a WHM function, or does this also need to be changed manually?
     
  9. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Joined:
    Sep 23, 2013
    Messages:
    569
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The password should be in /var/cpanel/hulkd directory (in a file called password).
    Do you have an enabled file in that directory as well?
    Code:
    -bash-4.1# ll
    total 16
    drwx------ 2 root root 4096 Apr 22 08:47 cache
    drwxr-xr-x 3 root root 4096 Feb  4 13:43 Cpanel
    -rw-r--r-- 1 root root   10 Feb  4 13:17 enabled
    -rw------- 1 root root   39 Feb  4 13:06 password
    -bash-4.1# 
    
     
  10. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    103
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Holy crap. I looked all over for that (enabled is also there) - thanks.

    Is there a current list where to find things like this?
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page