arcadedb icon indicating copy to clipboard operation
arcadedb copied to clipboard
verified publisher icon ArcadeData

Allow root password to be updated using `arcadedb.server.rootPassword` and `arcadedb.server.rootPasswordPath`

Open ExtReMLapin opened this issue 9 months ago • 3 comments

What does this PR do?

When using env variable arcadedb.server.rootPassword you can now update root password on each boot and not just on first boot to prevent stdin "listening"

Motivation

What inspired you to submit this pull request?

Related issues

#2058

Checklist

  • [x] I have run the build using mvn clean package command
  • [ ] My unit tests cover both failure and success scenarios

ExtReMLapin avatar Mar 12 '25 15:03 ExtReMLapin

Not sure if it's worth merging as there was an alternative solution proposed there : https://github.com/ArcadeData/arcadedb/issues/2058#issuecomment-2718427974

ExtReMLapin avatar Mar 12 '25 16:03 ExtReMLapin

This would allow to overwrite the root password not only for its intended purpose when used inside a container but also on bare metal installs. I am not sure if this may have security implications (?), but none come to mind directly.

gramian avatar Mar 12 '25 16:03 gramian

I'm a little confused about the Codacy warning, feel free to update the PR to fix the issue

ExtReMLapin avatar Mar 12 '25 17:03 ExtReMLapin