Page MenuHomePhabricator
Create Task
Maniphest T16201

Create AdminSettings.php during wiki installation, in the same way as LocalSettings.php
Closed, ResolvedPublic
Actions

Description

Author: nickpj

Description:
During wiki installation, the user has to specify an administrative database account for initializing the database.

We also ask people to use the latest stable MediaWiki version for new wikis, and to keep up with security updates for current wikis. It would probably also be nice if people could upgrade to the latest major release with the absolute minimum of hassle.

One way of making upgrades a bit easier is by saving the administrative database details into config/AdminSettings.php during installation, in the same way that we create config/LocalSettings.php during installation. This is because AdminSettings.php is required for running the maintenance/update.php and maintenance/refreshLinks.php scripts on a version upgrade. However, most people don't find this out at the time of creating their wiki - rather they find it out 3 or 6 months later when they want to upgrade, and by then they can't easily remember the administrative database details, or they can't find them because the dog ate the bit of paper with that information on it.

If we saved the details in config/AdminSettings.php during setup, then people could delete that directory and this file if they did not want it, or they could move it into the parent directory along with LocalSettings.php. Alternatively, if there are security concerns about saving the details in AdminSettings.php without the user's explicit say-so, then make it a checkbox during the setup process, so that the user has to opt-in. But anything we can do to make it a little bit easier to set up and upgrade MediaWiki has got to be a good thing, surely?

Version: 1.13.x
Severity: enhancement

Details

Reference
bz14201

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:08 PM
bzimport added a project: MediaWiki-Installer.
bzimport set Reference to bz14201.
bzimport created this task.May 21 2008, 2:06 AM
DanielFriesen added a comment.May 21 2008, 2:55 AM

It may not be a very good idea to just create this on our own. Not every admin will understand that the file was created, and it could perhaps lead to them accidentally leaving a file with their database administration info out in the open.

Personally, I don't even have the same user in AdminSettings.php as the user I setup with. I use my own user to setup (creates the databases, and creates users and such), and then create a wikiadmin user who only has access to the wiki database and doesn't have the various grant and create user permissions I have.

A better option may be to put a big message on the installation page "Hey, if you want to make updates easier, you should copy AdminSettings.sample into AdminSettings.php and configure it with an administrative user for the database."

Or, perhaps a compromise. Instead of doing this by default where it could be a harmfull unexpected action, we could make it a checkbox option. Next to "Use a superuser account" have a checkbox for "Create an AdminSettings.php file with these credentials". That way it's not done unless the user asks for it, but it does make things simpler.

bzimport added a comment.May 21 2008, 8:31 AM

nickpj wrote:

A better option may be to put a big message on the installation page "Hey,
if you want to make updates easier, you should copy AdminSettings.sample
into AdminSettings.php and configure it with an administrative user for
the database."

That would be a slight improvement, but if we can do it for the user, I
think we should.

However this:

Next to "Use a superuser account" have a checkbox for "Create an
AdminSettings.php file with these credentials". That way it's not done
unless the user asks for it, but it does make things simpler.

... this would be ideal, and should keep everyone happy.

demon added a comment.Jun 3 2008, 2:04 PM

I'm working on this right now. I went the route of making it optional, based on if A) The superuser account is specified and used, and B) You've also elected to created AdminSettings.php.

Additionally, I didn't output it directly to the wiki root, but rather to /config, alongside LocalSettings.php.

Jidanni added a comment.May 11 2009, 5:36 AM

Bah! I would just do as:
http://www.mediawiki.org/wiki/Manual:AdminSettings.php#Merging_with_LocalSettings
for them. That way they could use maintenance scripts just fine and
need not maintain two files.

They could always them separate the two back out later if they are such power users.

demon added a comment.Jun 24 2009, 2:02 AM

Fixed in r52336.

demon added a comment.Jul 23 2009, 12:31 AM

Actually done in r53664.

demon added a comment.Aug 26 2009, 6:56 PM

Reverted in r55612

Emufarmers added a comment.Sep 18 2009, 5:20 AM

AdminSettings.php is gone, and $wgDBadminuser and $wgDBadminpassword will just be filled in by $wgDBuser and $wgDBadminpassword, so I'm marking this as fixed. The only remaining problem cases are those where the regular database user doesn't have a necessary privilege, and r56323 should eliminate that problem eventually.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL