django-dbbackup
django-dbbackup copied to clipboard
jazzband
Special symbols in passwords
dbbackup command fails when database password contains special symbols. I had spaces and the problem is that the mysqldump command does not put quotes around the password. This may go beyond mysql, but it seems like the culprit is this line in the db.mysql
cmd += ' --password={}'.format(self.settings['PASSWORD'])
Changing it to this
cmd += " --password='{}'".format(self.settings['PASSWORD'])
should fix it.
The workaround, of course, is to not use special characters in passwords.
What I did not understand is how this was not a problem before - I looked in the django.db.backends.mysql and the mysql command line is formed the same way and must fail if spaces are present in the password. The only difference is that the password is filtered by django.utils.encoding.force_str, but that shouldn't change anything.
Further look reveals that django.db.backends.mysql actually forms input for subprocess.Popen differently. Its args list is explicitly created, so '"--password=%s" % passwd' is appended to it in full, spaces and whatnot. In dbbackup the command line is first fully formed as a string and then converted into list of arguments by split().
I just wasted 4 hours on this - backup user has an exclamation in the password. Error message telling me no password supplied when it's right there in the config:
raise exceptions.CommandConnectorError(
dbbackup.db.exceptions.CommandConnectorError: Error running: pg_dump
--host=localhost --port=5432 --username=db_backup --no-password --clean mydb
pg_dump: error: connection to database "mydb"
failed: FATAL: password authentication failed for user "db_backup"
4 years after this was reported, at the very least, this needs to be in the docs.
