Skip to content

Commit

Permalink
Fix htpassword update logic (#547)
Browse files Browse the repository at this point in the history
* Fix htpassword update logic

* Delete mq.htpasswd.default file
  • Loading branch information
ShashikanthRaoT authored and GitHub Enterprise committed Nov 21, 2023
1 parent 13dfa57 commit 14be193
Show file tree
Hide file tree
Showing 4 changed files with 4 additions and 8 deletions.
2 changes: 0 additions & 2 deletions Dockerfile-server
Original file line number Diff line number Diff line change
Expand Up @@ -182,7 +182,6 @@ LABEL summary="IBM MQ Advanced for Developers Server" \
USER 0
COPY --from=cbuilder /opt/app-root/src/authservice/mqhtpass/build/mqhtpass.so /opt/mqm/lib64/
COPY etc/mqm/qm-service-component.ini /run
COPY etc/mqm/mq.htpasswd.default /etc/mqm/
COPY incubating/mqadvanced-server-dev/install-extra-packages.sh /usr/local/bin/
RUN chmod u+x /usr/local/bin/install-extra-packages.sh \
&& sleep 1 \
Expand All @@ -197,7 +196,6 @@ RUN ln -s /run/10-dev.mqsc /etc/mqm/10-dev.mqsc \
RUN chown -R 1001:root /etc/mqm/* \
&& chmod -R g+w /etc/mqm/web \
&& chmod +x /usr/local/bin/runmq* \
&& chmod 0660 /etc/mqm/mq.htpasswd.default \
# Allow contents of qm-service-component.ini to be cleaned if MQ_CONNAUTH_USE_HTP is not set to true
&& chmod 0660 /run/qm-service-component.ini \
&& ln -s /run/qm-service-component.ini /etc/mqm/qm-service-component.ini
Expand Down
6 changes: 3 additions & 3 deletions cmd/runmqdevserver/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@ import (
"strings"
"syscall"

"github.com/ibm-messaging/mq-container/internal/copy"
"github.com/ibm-messaging/mq-container/internal/htpasswd"
"github.com/ibm-messaging/mq-container/pkg/containerruntimelogger"
"github.com/ibm-messaging/mq-container/pkg/logger"
Expand Down Expand Up @@ -136,8 +135,9 @@ func doMain() error {
appPassword, appPwdset := os.LookupEnv("MQ_APP_PASSWORD")
if set && strings.EqualFold(enableHtPwd, "true") &&
(adminPwdset && len(strings.TrimSpace(adminPassword)) > 0 || appPwdset && len(strings.TrimSpace(appPassword)) > 0) {
// Copy default mq.htpasswd file to ephemeral volume
err = copy.CopyFile("/etc/mqm/mq.htpasswd.default", "/run/mq.htpasswd")
// Create an empty mq.htpasswd file on ephemeral volume
// #nosec G306 - its a write by owner/s group, and pose no harm.
err = os.WriteFile("/run/mq.htpasswd", []byte(""), 0660)
if err != nil {
logTermination(err)
return err
Expand Down
2 changes: 1 addition & 1 deletion docs/pluggable-connauth.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ This pluggable authentication mode is to allow developers using the mq-container

### Preparing htpasswd file

1. A default `mq.htpasswd.default` file is provided and placed under /etc/mqm/ directory inside the container.
1. The `mq.htpasswd` file gets generated and placed under /run/ directory inside the container when the password for `admin` or `app` users is set via environment variables. No default password is set for these users.
2. You can set the password for user `admin` by setting the environment variable `MQ_ADMIN_PASSWORD`.
3. You can add user `app` into mq.htpasswd file by setting the environment variable `MQ_APP_PASSWORD`. This user `app` can be used to access `DEV.*` objects of the queue manager.

Expand Down
2 changes: 0 additions & 2 deletions etc/mqm/mq.htpasswd.default

This file was deleted.

0 comments on commit 14be193

Please sign in to comment.