Package: debian-edu-config Version: 2.12.33 Severity: important
The script share/debian-edu-config/tools/edu-icinga-setup helps us with setting up an Icinga2 system on the Debian Edu main server for the Debian Edu network. I that script, the MySQL DB for Icinga2 is set up with a hard-coded password (which is equal across all tjener installations).
From my understanding, this can be avoided by uses pwgen for each individual script run, so all icinga2 setups on the various tjener installations becomes unique.
See grep -r v64nhbe27dfBjR3T in d-e-c's base folder:share/debian-edu-config/tools/edu-icinga-setup: IDENTIFIED BY 'v64nhbe27dfBjR3T'; share/debian-edu-config/tools/edu-icinga-setup: sed -i "/password/ s%\".*\"%\"v64nhbe27dfBjR3T\"%" "/etc/icinga2/features-available/ido-mysql.conf" share/debian-edu-config/tools/edu-icinga-setup: IDENTIFIED BY 'v64nhbe27dfBjR3T';
share/debian-edu-config/tools/edu-icinga-setup: password = "v64nhbe27dfBjR3T" share/debian-edu-config/tools/edu-icinga-setup: password = "v64nhbe27dfBjR3T" light+love Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net
pgpf76Lx6TftJ.pgp
Description: Digitale PGP-Signatur
