Skip to Content.
Sympa Menu

en - Re: [sympa-users] upgrade_sympa_password.pl

Subject: The mailing list for listmasters using Sympa

List archive

Chronological Thread  
  • From: Steve Rich <address@concealed>
  • To: Javier Ron <address@concealed>, "address@concealed" <address@concealed>
  • Subject: Re: [sympa-users] upgrade_sympa_password.pl
  • Date: Mon, 3 Aug 2015 13:11:48 +0000

I suppose I should have included this in my original question.  Yes, I did ensure the cookie was the same prior to the upgrade.  However, since sending that out, I have noted that my config indicates that password_case is set to insensitive by default.  I suppose I can try the upgrade again with password_case set to sensitive since my password did have mixed case in the old environment.  If anyone has anything to add for me to try, I would greatly appreciate it.

Thanks,
Steve


From: Javier Ron
Date: Monday, August 3, 2015 at 8:58 AM
To: "address@concealed", Steve Rich
Subject: Re: upgrade_sympa_password.pl

Did you set the cookie in sympa.conf to match your previous value?


This string is used to generate MD5 authentication keys. It allows generated authentication keys to differ from a site to another. It is also used for reversible encryption of user passwords stored in the database. The presence of this string is one reason why access to sympa.conf needs to be restricted to the sympa user.

Note that changing this parameter will break all HTTP cookies stored in users' browsers, as well as all user passwords and lists X509 private keys. To prevent a catastrophe, sympa.pl refuses to start if the cookie parameter was changed.

Example:

cookie gh869jku5


Thanks
JR



From: address@concealed <address@concealed> on behalf of Steve Rich <address@concealed>
Sent: 03 August 2015 13:42
To: address@concealed
Subject: [sympa-users] upgrade_sympa_password.pl
 
I managed to pull off a test run of a migration from 5.4 to 6.2.3.  Then I tried updating the passwords in the database using upgrade_sympa_password.pl.  It completed and reported some 35,000 passwords were updated using the new md5 hash method.  However, I was not able to log in with my old account.  Is there a patch floating around or did I just miss something?

Thanks,
Steve



Archive powered by MHonArc 2.6.19+.

Top of Page