#!/bin/bash --norc
# Note:  Putting a password directly on a command line is generally considered to be a
# security breach, because it can then be read by any user with a simple "ps" command.
# So we don't want to use the --password option on the mysql command.  To get around that
# constraint while allowing this script to be runnable as a non-interactive cron job, we
# set up and use a temporary options file just for our own use, taking care never to expose
# the credentials while we do so, and taking care to clean it up afterward.

my_local_cnf="/var/tmp/my_local.cnf.$$"
trap "/bin/rm -f $my_local_cnf;" EXIT
touch $my_local_cnf
chmod 600 $my_local_cnf
cat > $my_local_cnf << eof 
[mysql]
user=root
password=$MYSQL_ROOT
eof

if [ "$is_a_tty" -ne 0 -o "$send_email" -ne 0 ]; then
    verbose_options="-v -v -v"
else
    verbose_options=
fi

/usr/local/groundwork/mysql/bin/mysql --defaults-extra-file=$my_local_cnf $verbose_options << EOF
use mysql
delete from user where Host='%' and Password='';
delete from user where Host='%' and User='jboss';
delete from user where User='';
quit
EOF