Recently, some private wikis requested botpasswords to be enabled at their wikis. This was okay'ed by Security-Team in T159519, and done by @Reedy for some wikis in T246489 and T254925, and I cannot figure out a reason why this shouldn't be done for all new private wikis right away, as it's generally an useful feature.
|operations/mediawiki-config||master||+0 -7||Enable bot passwords at all fishbowl and private wikis|
|Resolved||Urbanecm||T258356 Allow users at all private/fishbowl wikis to use botpasswords|
|Resolved||Urbanecm||T258355 Allow users to use botpasswords at stewardwiki|
|Resolved||Reedy||T254925 Bot passwords for officewiki|
|Resolved||Bawolff||T159519 Investigate security concerns on enabling OAuth or BotPasswords for stewardwiki|
|Resolved||Urbanecm||T258358 Allow users to use botpasswords at checkuserwiki|
I was wondering whether new fishbowl/private wikis will get the bot_passwords table. Since arbcom_ruwiki got created recently, and it has the table, this should be just a matter of a single config change.
The table is in tables-generated.sql these days, so yeah, all wikis should get it (including the private ones) on creation.
Any wikis that pre-date the table being created, and are private won't have had the table created there retrospectively; so those will need creating first
[urbanecm@mwmaint2001 ~/private-botpassword-T258356]$ cat print_no_botpasswords.sh #!/bin/bash foreachwikiindblist private.dblist mysql.php -- -e 'SHOW TABLES LIKE "bot_%"' > raw_out.txt grep : raw_out.txt | grep -v Tables | cut -d: -f 1 > has_botpassword.txt grep -vf has_botpassword.txt /srv/mediawiki/dblists/private.dblist | grep -v NOTE [urbanecm@mwmaint2001 ~/private-botpassword-T258356]$ bash print_no_botpasswords.sh > no_botpassword.txt [urbanecm@mwmaint2001 ~/private-botpassword-T258356]$ for wiki in $(cat no_botpassword.txt); do mwscript mysql.php --wiki=$wiki --write < /srv/mediawiki/php-1.36.0-wmf.10/maintenance/archives/patch-bot_passwords.sql; done [urbanecm@mwmaint2001 ~/private-botpassword-T258356]$ bash print_no_botpasswords.sh [urbanecm@mwmaint2001 ~/private-botpassword-T258356]$
Thank you for suggesting this item for Tech News. However, according to the inclusion criteria, this change is not under TN's scope.
Tech News is a newsletter documenting technical changes to the Wikimedia sites that affect Wikimedia editors.
Suggesting this item is a good thing: it is better to suggest a possible item than not suggesting one! :)