-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
changing passwords in docker-compose.yml not working -- security threat #7
Comments
Hello, The mysql service variables are used during the creation of the container, it means that if the container has been created it is not possible to change mysql passwords (see https://hub.docker.com/_/mysql: "...Do note that none of the variables below will have any effect if you start the container with a data directory that already contains a database: any pre-existing database will always be left untouched on container startup.". Passwordcokpit on the other hand must have configured PASSWORDCOCKPIT_DATABASE_USERNAME and PASSWORDCOCKPIT_DATABASE_PASSWORD that are configured in the mysql container. I suggest you try, if mysql doesn't contain any data you can't delete, to destroy the mysql container and configure username and passwords before docker-compose up? If you cannot destroy mysql container, you can enter in the mysql container and change password and then reconfigure PASSWORDCOCKPIT_DATABASE_USERNAME and PASSWORDCOCKPIT_DATABASE_PASSWORD. |
Hello @bu3tt1 and thanks for your response. INFO:
So i still think there is a BUG in the setup process of the containers right? QUESTION:
Is this the only path where one needs to adjust credentials username and password for DB connection? Kind regards, |
Yes the path /var/www/html/config/autoload/db.local.php it's correct |
Hi folks,
it is not possible to change the following username and/or passwords in docker-compose.yml for
image: passwordcockpit/passwordcockpit:1.2.2-php-7.3-apache
Changing one of the following will result in connection errors:
Suggestion:
If they are not intended to get changed by Sys-Admin, than there should be a comment or variables should be removed (or commented) from docker-compose.yml and some info in documentation is appreciated.
Thank you and kind regards!
Raphael
The text was updated successfully, but these errors were encountered: