#!/bin/bash

set -e

. /usr/share/debconf/confmodule

if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*" 1>&2 }
 
export PATH=$PATH:/sbin:/usr/sbin:/bin:/usr/bin

# This command can be used as pipe to syslog. With "-s" it also logs to stderr.
ERR_LOGGER="logger -p daemon.err -t mysqld_safe -i"

# Start the server with networking disabled and socket in a temporary location
# Usage: start_server <datadir> <tmpdir> <skip_grant>
# Params:
# datadir - Location of database files
# tmpdir - Used to store temporary pid and socket files
# skip_grant - If set, the server will be started with --skip-grant-tables
start_server() {
  local datadir=$1
  local tmpdir=$2
  local skip_grant=$3
  # If a database is already running, mysqld will keep trying to lock the files for ~100 seconds before failing.
  # If the ibdata1 file is locked we fail immediately
  if fuser "$datadir/ibdata1"; then
    echo "ERROR: Database files are locked. Daemon already running?" >&2
    return 1
  fi
  # The --daemonize flag makes the process fork, with the original exiting once the database is ready for use
  if [ ! -z "$skip_grant" ]; then
    mysqld --user=mysql --daemonize --socket="$tmpdir/mysqld.sock" --pid-file="$tmpdir/mysqld.pid" --skip-networking --skip-grant-tables
  else
    mysqld --user=mysql --daemonize --socket="$tmpdir/mysqld.sock" --pid-file="$tmpdir/mysqld.pid" --skip-networking
  fi
}

# Shut down the server by sending a kill signal to the process
# Usage: stop_server <tmpdir>
# Params:
# tmpdir - Location of temporary pid-file
# Returns:
# 0 - Shutdown successful
# 1 - Shutdown took longer than 3 minutes
stop_server(){
  local tmpdir=$1

  # Check if pid file still exists before attempting to get the pid
  local server_pid=$(cat "$tmpdir/mysqld.pid" 2>/dev/null || true)
  if [ "$server_pid" = "" ]; then
    return 0
  fi

  # Send kill signal
  kill "$server_pid"

  for i in $(seq 1 180); do
    sleep 0.1 # A full second is too long, but we need to give the server _some_ time.
    if ! $(ps $server_pid >/dev/null 2>&1); then
      return 0
    fi
    sleep 0.9
  done
  # The server hasn't shut down in a timely manner
  echo "Error: Unable to shut down server with process id $server_pid" >&2
  return 1
}

# Runs an arbitrary init sql file supplied in $1. Does not require login access
run_init_sql() {
  tmpdir=`mktemp -d`
  chown mysql:mysql "$tmpdir"
  mysqld --user=mysql --init-file="$1" --socket="$tmpdir/mysqld.sock" --pid-file="$tmpdir/mysqld.pid" > /dev/null 2>&1
  result=$?
  # Enforce server shutdown, waiting for it to complete so there are no conflicts over port 3306
  stop_server "$tmpdir"
  rm -rf "$tmpdir"
  return $result
}

# To avoid having hardcoded paths in the script, we do a search on the path, as suggested at:
# https://www.debian.org/doc/manuals/developers-reference/ch06.en.html#bpp-debian-maint-scripts
pathfind() {
  OLDIFS="$IFS"
  IFS=:
  for p in $PATH; do
    if [ -x "$p/$*" ]; then
      IFS="$OLDIFS"
      return 0
    fi
  done
  IFS="$OLDIFS"
  return 1
}

invoke() {
  if pathfind invoke-rc.d; then
    invoke-rc.d mysql $1
  else
    /etc/init.d/mysql $1
  fi
}

# Check if server is able to start. If it fails we abort early and refer
# the user to a wiki page with solutions for common configuration problems.
test_mysqld_startup() {
  # mysqld --verbose --help will output a full listing of settings and plugins.
  # To do so it needs to initialize the database, so it can be used as a test
  # for whether or not the server can start. We redirect stdout to /dev/null so
  # only the error messages are left.
  result=0
  output=$(mysqld --verbose --help --innodb-read-only 2>&1 > /dev/null) || result=$?
  if [ ! "$result" = "0" ]; then
    echo "ERROR: Unable to start MySQL server:" >&2
    echo "$output" >&2
    echo "Please take a look at https://wiki.debian.org/Teams/MySQL/FAQ for tips on fixing common upgrade issues." >&2
    echo "Once the problem is resolved, run apt-get --fix-broken install to retry." >&2
  fi
  return $result
}

# The query cache feature has been removed in 8.0, but the 5.7 default config has settings
# for it, causing errors when starting the 8.0 server.
# To work around this we comment out these options if an old 5.7 config file is present.
fix_old_config_options() {
  sed -e 's/[[:space:]]*query\_cache*/# Deprecated query cache option disabled by maintainer script\n#query\_cache/' \
  /etc/mysql/mysql.conf.d/mysqld.cnf --in-place=.bak
  # If nothing was changed, remove the new file
  if cmp -s /etc/mysql/mysql.conf.d/mysqld.cnf /etc/mysql/mysql.conf.d/mysqld.cnf.bak; then
    mv /etc/mysql/mysql.conf.d/mysqld.cnf.bak /etc/mysql/mysql.conf.d/mysqld.cnf
  fi
}

# Check if there is passwordless root login
# Usage: test_mysql_access <tmpdir>
# Params:
# tmpdir - Location of mysqld.sock file
test_mysql_access() {
  local tmpdir=$1
  mysql --no-defaults -u root --socket="$tmpdir/mysqld.sock" </dev/null >/dev/null 2>&1
}

this_version=5.7

# This is necessary because mysql_install_db removes the pid file in /var/run
# and because changed configuration options should take effect immediately.
# In case the server wasn't running at all it should be ok if the stop
# script fails. I can't tell at this point because of the cleaned /var/run.
set +e; invoke stop; set -e
    
case "$1" in
  configure)
    # INSERT ANY VERSIONED UPGRADE PATH HANDLING HERE AND NO LATER

    # Versioned upgrade path handling must be done before freeze mode detection;
    # otherwise the following freeze mode handling may cause upgrade path
    # handling to be skipped over multiple version upgrades, meaning that the
    # upgrade path handling never runs on some systems where freeze mode
    # remains active for a long period.

    if [ -e /etc/mysql/FROZEN -o -h /etc/mysql/FROZEN ]; then
      error_message="MySQL has been frozen to prevent damage to your system. Please see /etc/mysql/FROZEN for help."
      logger -p daemon.err -t /etc/init.d/mysql -i "$error_message"
      db_input critical mysql-server-$this_version/installation_freeze_mode_active || true
      db_go
      db_stop
      echo "$error_message" 1>&2
      exit 0
    fi

    mysql_datadir=/usr/share/mysql
    mysql_statedir=/var/lib/mysql
    mysql_rundir=/var/run/mysqld
    mysql_logdir=/var/log/mysql
    mysql_cfgdir=/etc/mysql
    mysql_upgradedir=/var/lib/mysql-upgrade
    mysql_filesdir=/var/lib/mysql-files
    mysql_keyringdir=/var/lib/mysql-keyring

    # mysqld gets called during postinst configure, so any
    # updates to the AppArmor profile must be loaded first (before the
    # dh_apparmor snippet added by debhelper does it properly at the end of
    # this script). Otherwise, mysqld cannot for example load
    # /etc/mysql/mysqld.conf.d/ on upgrade from 5.5 to 5.6, which was added in
    # 5.6 packaging but not present in the AppArmor profile shipped with 5.5
    # packaging.
    #
    # This a workaround. Status is tracked at https://launchpad.net/bugs/1435368
    if aa-status --enabled 2>/dev/null; then
      # It is common for this to fail because
      # /etc/apparmor.d/local/usr.sbin.mysqld doesn't exist (eg. on first
      # install). But if this happens, then the workaround is not required,
      # so it doesn't matter. If instead it causes a security issue, then
      # that doesn't really matter here as dh_apparmor should handle that
      # correctly later on.
      apparmor_parser -r -T -W /etc/apparmor.d/usr.sbin.mysqld 2>/dev/null || true
    fi

    # New packaging paradigm for my.cnf as of Dec-2014 for sharing mysql
    # variants in Ubuntu.
    /usr/share/mysql-common/configure-symlinks install mysql "$mysql_cfgdir/mysql.cnf"

    # Ensure the existence and right permissions for the database, socket
    # folder, and log files.
    for d in $mysql_statedir $mysql_filesdir $mysql_keyringdir $mysql_logdir $mysql_rundir
    do
      if [ ! -d "$d" -a ! -L "$d" ]; then mkdir "$d"; fi
      chown -R mysql:mysql $d
      chmod 0700 $d
    done

    # When creating an ext3 jounal on an already mounted filesystem like e.g.
    # /var/lib/mysql, you get a .journal file that is not modifyable by chown.
    # The mysql_datadir must not be writable by the mysql user under any
    # circumstances as it contains scripts that are executed by root.
    set +e
    chown -R 0:0 $mysql_datadir
    touch $mysql_logdir/error.log
    chown -R mysql:adm $mysql_logdir
    chmod 0750 $mysql_logdir
    chmod 0640 $mysql_logdir/error.log
    set -e

    # This is important to avoid dataloss when there is a removed
    # mysql-server version from Woody lying around which used the same
    # data directory and then somewhen gets purged by the admin.
    db_set mysql-server/postrm_remove_database false || true

    # Fix old options that were deprecated in 5.5 and removed in 5.7
    if dpkg --compare-versions "$2" le "8.0.16-0ubuntu3~"; then
      echo "Renaming removed key_buffer and myisam-recover options (if present)"
      fix_old_config_options
    fi

    # Sanity check to make sure the server can start
    test_mysqld_startup

    ## Generate debian maintenance user config using auth_socket authentication
    #
    # In previous releases, debian-sys-maint was authenticated with an unsecure
    # random password. This has been replaced with auth_socket to verify that
    # tools using it are run locally with root permissions.
    dc=$mysql_cfgdir/debian.cnf;
    if [ -e "$dc" -a -n "`fgrep mysql_upgrade $dc 2>/dev/null`" ]; then
      # Remove password option in debian conf file to enforce auth_socket
      # Password line may contain spaces/tabs followed by the key and value
      sed -i '/^[[:space:]]*password *= */d' "$dc"
      # Basedir is deprecated. Remove the option if it's in an existing debian.cnf
      sed -i '/basedir/d' "$dc"
    else
      if [ ! -d "$mysql_cfgdir" ]; then install -o 0 -g 0 -m 0755 -d $mysql_cfgdir; fi
      umask 066
      cat /dev/null > $dc
      umask 022
      echo "# Automatically generated for Debian scripts. DO NOT TOUCH!" >>$dc
      echo "[client]"                                                    >>$dc
      echo "host     = localhost"                                        >>$dc
      echo "user     = debian-sys-maint"                                 >>$dc
      echo "socket   = $mysql_rundir/mysqld.sock"                        >>$dc
      echo "[mysql_upgrade]"                                             >>$dc
      echo "host     = localhost"                                        >>$dc
      echo "user     = debian-sys-maint"                                 >>$dc
      echo "socket   = $mysql_rundir/mysqld.sock"                        >>$dc
    fi

    # Enforce root read-only permissions.
    chown 0:0 $dc
    chmod 0600 $dc

    # Initiate database. Output is not allowed by debconf :-(
    # If database doesn't exist we create it.
    if [ ! "$(ls -A "${mysql_statedir}")" ] && [ -d "${mysql_filesdir}" ]; then
      initfile=`mktemp --tmpdir=/var/lib/mysql-files/`
      touch "$initfile"
      chmod 600 "$initfile"
      chown mysql:mysql "$initfile"
      echo "USE mysql; " >> "$initfile"

      # Install auth_socket plugin for debian-sys-maint and optionally root user
      # This would throw an error if the plugin were already installed, but this
      # should not be the case with the creation of a new database.
      # Bug: http://bugs.mysql.com/bug.php?id=80642
      echo "INSTALL PLUGIN auth_socket SONAME 'auth_socket.so';" >> "$initfile"

      # Use root password if provided, otherwise use auth_socket
      db_get mysql-server/root_password && rootpw="$RET"
      if [ ! -z "$rootpw" ]; then
        rootpw=$(printf %q "${rootpw}")
        echo "ALTER USER 'root'@'localhost' IDENTIFIED WITH 'caching_sha2_password' BY '$rootpw';" >> "$initfile"
      else
        echo "ALTER USER 'root'@'localhost' IDENTIFIED WITH 'auth_socket';" >> "$initfile"
      fi

      # Create debian maintenance user
      echo "CREATE USER 'debian-sys-maint'@'localhost' IDENTIFIED WITH 'auth_socket' AS 'root';" >> "$initfile"
      echo "GRANT ALL ON *.* TO 'debian-sys-maint'@'localhost' WITH GRANT OPTION;" >> "$initfile"
      echo "SHUTDOWN;" >> "$initfile"
      mysqld --initialize-insecure --user=mysql --init-file="$initfile"> /dev/null 2>&1
      rm "$initfile"
    else
      # Confirm auth_socket plugin is installed, then convert auth for debian-sys-maint user
      # INSTALL PLUGIN throws an error if the plugin exists, so check for it first.
      # Bug: http://bugs.mysql.com/bug.php?id=80642
      authupdatefile=`mktemp --tmpdir=/var/lib/mysql-files/`
      touch "$authupdatefile"
      chmod 600 "$authupdatefile"
      chown mysql:mysql "$authupdatefile"
      echo "USE mysql; " >> "$authupdatefile"
      echo "SELECT COUNT(*) INTO @plugin_exists FROM information_schema.plugins WHERE PLUGIN_NAME = 'auth_socket';" >> "$authupdatefile"
      echo "SET @query = IF(@plugin_exists = 0, 'INSTALL PLUGIN auth_socket SONAME "\""auth_socket.so"\"";', 'SELECT 1;');" >> "$authupdatefile"
      echo "PREPARE stmt FROM @query;" >> "$authupdatefile"
      echo "EXECUTE stmt;" >> "$authupdatefile"
      echo "DEALLOCATE PREPARE stmt;" >> "$authupdatefile"
      echo "ALTER USER 'debian-sys-maint'@'localhost' IDENTIFIED WITH 'auth_socket' AS 'root';" >> "$authupdatefile"
      echo "SHUTDOWN;" >> "$authupdatefile"
      run_init_sql "$authupdatefile"
      rm "$authupdatefile"
    fi

    # To avoid downgrades. This has to happen after the database is created, or --initialize will fail
    touch $mysql_statedir/debian-5.7.flag

  ;;

  abort-upgrade|abort-remove|abort-configure)
  ;;

  *)
    echo "postinst called with unknown argument '$1'" 1>&2
    exit 1
  ;;
esac

# forget we ever saw the password.  don't use reset to keep the seen status
db_set mysql-server/root_password ""
db_set mysql-server/root_password_again ""
db_stop # in case invoke failes

#DEBHELPER#

exit 0