uapi mysql create_user password issues

katmai

Well-Known Member
Mar 13, 2006
562
2
168
Brno, Czech Republic
It seems like the uapi password function doesn't properly sanitize the password input. If i create an account with this complex password:

uapi --user=katmai Mysql create_user name=katmai_user password=__87%smiled%TASTE%fiji%13__

ill get an access denied trying to login to the database.

If i make the password slightly less complex such as:
uapi --user=katmai Mysql create_user name=katmai_user [email protected]

it all works just fine.
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,126
667
263
Houston
cPanel Access Level
DataCenter Provider
Hi @katmai

This is because you're not properly URI encoding the password. The % is a reserved character and needs to be represented as %25 when creating the password. So on creation it should look as follows:

Code:
__87%25smiled%25TASTE%25fiji%2513__
Then when logging in you can use the password as you originally intended:


Code:
__87%smiled%TASTE%fiji%13__
I tested this on my server and it worked without issues

Code:
[[email protected] ~]# uapi --user=myuser Mysql create_user name=myuser_atest3 password="__87%25smiled%25TASTE%25fiji%2513__"
[2019-06-10 12:34:51 -0500] info [uapi] ---debug_hooks---
[2019-06-10 12:34:51 -0500] info [uapi]             msg: No hooks found for traversed context
[2019-06-10 12:34:51 -0500] info [uapi]         context: Cpanel::UAPI::Mysql::create_user
[2019-06-10 12:34:51 -0500] info [uapi]           stage: pre
[2019-06-10 12:34:51 -0500] info [uapi] ---debug_hooks---
[2019-06-10 12:34:51 -0500] info [uapi]             msg: No hooks found for traversed context
[2019-06-10 12:34:51 -0500] info [uapi]         context: Cpanel::UAPI::Mysql::create_user
[2019-06-10 12:34:51 -0500] info [uapi]           stage: post
---
apiversion: 3
func: create_user
module: Mysql
result:
  data: ~
  errors: ~
  messages: ~
  metadata: {}

  status: 1
  warnings: ~
Then logged in:

Code:
[[email protected] ~]# mysql -u myuser_atest3 -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 351215
Server version: 10.3.13-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>
This is noted in the UAPI documentation here: UAPI Functions - Mysql::create_user - Developer Documentation - cPanel Documentation

Notes:

  • You must URI-encode values.
  • username represents your account-level username.
  • For more information and additional output options, read our Guide to UAPI documentation or run the uapi --help command.
  • If you run CloudLinux™, you must use the full path of the uapi command:

    /usr/local/cpanel/bin/uapi