Quite often there can be a situation when you have ssh access to the server, but you do not have access to the eZ Publish back-end (which is hosted at the same server). For example, single server hosts many eZ Publish projects, and you have back-end access only to some of them. Suddenly you need to get to inaccessible project`s eZ Publish back-end. Another example, the customer has provided you only ssh access, and you urgently need to create or modify eZ Publish node.
There are several possible solutions to this problem.
Ask for access to the responsible person
Talk to PM / Customer / The previous developers. This is the easiest way of solution. Unfortunately, sometimes the person who owns the access may not be available, or absent at all (for example, current password is lost). In this case, you will need to follow one of next options.
Set new password using the SQL query
This solution requires you need to have access to the database. If you do not have it, you should checkout site.ini settings file (it is located in ezpublish_root/settings/override or ezpublish_root/settings/override/siteaccess directories). With this method you can set a new password for the user with the specified login. You need to know the user`s login – the one who is the member of “Administrators” user group. By default, this user is admin.
Before you change the password, it is necessary to keep the old one (maybe somebody except you uses admin user). To do this, simply save the result of the following SQL query:
SELECT password_hash, password_hash_type FROM ezuser WHERE login = "admin"; +----------------------------------+--------------------+ | password_hash | password_hash_type | +----------------------------------+--------------------+ | c78e3b0f3d9244ed8c6d1c29464bdff9 | 2 | +----------------------------------+--------------------+
Proceed to next steps only when you will be sure that you have stored old password_hash and password_hash_type.
You can change the old password for admin user by executing the following SQL query:
UPDATE ezuser SET password_hash = MD5("new_password"), password_hash_type = 1 WHERE login = "admin"; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 0
You can use any other new password instead of new_password.
After executing this query, you will be able to login into eZ Publish back-end. After successful login you should create a new user in the “Administrators” group. You should use this user instead of “admin” user all the time. When your personal user is created it is necessary to return the old password:
UPDATE ezuser SET password_hash="c78e3b0f3d9244ed8c6d1c29464bdff9", password_hash_type=2 WHERE login = "admin"; Query OK, 1 row affected (0.10 sec) Rows matched: 1 Changed: 1 Warnings: 0
Sometimes user with admin login is not stored in the database (it could be deleted). In this case, you need to get the login of any member of “Administrators” group. And you should use it instead of admin. You can do this using the following SQL query:
SELECT u.login FROM ezuser u LEFT JOIN ezcontentobject_tree t ON t.contentobject_id = u.contentobject_id WHERE t.parent_node_id = 13 LIMIT 1; +------------+ | login | +------------+ | adminlogin | +------------+ 1 row in set (0.00 sec)
But if the “Administrators” user group has been deleted, or it uses node with another node id (not 13), this method is likely to be useless.
Use nxc_master_password extension
nxc_master_password (http://projects.ez.no/nxc_master_password) is an extension that allows you to login into eZPublish as any user, using the super password. ssh access is enough to install this extension. Thats why it is a perfect solution for restoring access to the eZ Publish back-end. Next I’ll describe how it is easy to install nxc_master_password extension:
- Checkout the latest version of nxc_master_password from the github:
cd ezpublish_root/extension git clone git://github.com/nxc/nxc_master_password.git
- Add the next line
to ezpublish_root/settings/override/site.ini.append.php settings file (ExtensionSettings settings group)
- Clear eZ Publish caches
cd ezpublish_root php bin/php/ezcache.php --purge --clear-tag=ini
- Set the new super password (make sure that script has rights to create files in extension/nxc_master_password/settings directory)
cd ezpublish_root php extension/nxc_master_password/bin/php/update_password.php new_pass
You should use your own password instead of new_pass
- Now you are able to login as any user using your super password
If you are using nxc_master_password only for restoring the access to eZ Publish (and not its primary purpose). It is best to create a user member of “Administrators” group and use it. When the user is created it is better to disable/remove nxc_master_password extension because you will be in serious trouble if someone gets your super password.
Thank you for your attention and do not hesitate to subscribe for our feed. We will have many interesting posts in future
This work is licensed under a Attribution-ShareAlike 3.0 Unported License