From 6db8aa604162fc42c50d276eaeb4b2b34a6e943a Mon Sep 17 00:00:00 2001
From: willcl-ark <will@256k1.dev>
Date: Tue, 16 Jan 2024 10:14:47 +0000
Subject: [PATCH] contrib: remove rpcpassword from init scripts

Init scripts will now warn, but not exit, if deprecated rpcuser or
rpcpassword keys are found.
---
 contrib/init/bitcoind.conf   | 25 +++++++++----------------
 contrib/init/bitcoind.openrc | 31 +++++++++++--------------------
 2 files changed, 20 insertions(+), 36 deletions(-)

diff --git a/contrib/init/bitcoind.conf b/contrib/init/bitcoind.conf
index dde1bd0c4d16b7..2c28f4b0c8ef21 100644
--- a/contrib/init/bitcoind.conf
+++ b/contrib/init/bitcoind.conf
@@ -24,24 +24,17 @@ pre-start script
     # long after forking, leaving upstart to think everything started fine.
     # since this is a commonly encountered case on install, just check and
     # warn here.
-    if ! grep -qs '^rpcpassword=' "$BITCOIND_CONFIGFILE" ; then
-        echo "ERROR: You must set a secure rpcpassword to run bitcoind."
-        echo "The setting must appear in $BITCOIND_CONFIGFILE"
-        echo
-        echo "This password is security critical to securing wallets "
-        echo "and must not be the same as the rpcuser setting."
-        echo "You can generate a suitable random password using the following "
-        echo "command from the shell:"
-        echo
-        echo "bash -c 'tr -dc a-zA-Z0-9 < /dev/urandom | head -c32 && echo'"
-        echo
-        echo "It is recommended that you also set alertnotify so you are "
-        echo "notified of problems:"
+
+    # check for deprecated rpcuser and rpcpassword settings
+    if grep -qs '^rpcuser=' "$BITCOIND_CONFIGFILE" || grep -qs '^rpcpassword=' "$BITCOIND_CONFIGFILE"; then
+        echo "WARNING: The `rpcuser` and `rpcpassword` options are now deprecated and should be removed from the configuration file."
+        echo "Use cookie file or the `rpcauth` configuration setting for RPC authentication."
+        echo "See share/rpcauth/README.md for more information on `rpcauth`."
+        echo "The presence of `rpcuser` or `rpcpassword` in $BITCOIND_CONFIGFILE will in a future version cause bitcoind to fail startup."
         echo
-        echo "ie: alertnotify=echo %%s | mail -s \"Bitcoin Alert\"" \
-            "admin@foo.com"
+        echo "It is recommended that you also set alertnotify so you are notified of problems:"
         echo
-        exit 1
+        echo "ie: alertnotify=echo %%s | mail -s \"Bitcoin Alert\" admin@foo.com"
     fi
 
     mkdir -p "$BITCOIND_PIDDIR"
diff --git a/contrib/init/bitcoind.openrc b/contrib/init/bitcoind.openrc
index 013a1a607027cd..c0ac96f3678c79 100644
--- a/contrib/init/bitcoind.openrc
+++ b/contrib/init/bitcoind.openrc
@@ -1,6 +1,6 @@
 #!/sbin/openrc-run
 
-# backward compatibility for existing gentoo layout 
+# backward compatibility for existing gentoo layout
 #
 if [ -d "/var/lib/bitcoin/.bitcoin" ]; then
 	BITCOIND_DEFAULT_DATADIR="/var/lib/bitcoin/.bitcoin"
@@ -69,25 +69,16 @@ start_pre() {
 
 checkconfig()
 {
-	if grep -qs '^rpcuser=' "${BITCOIND_CONFIGFILE}" && \
-		! grep -qs '^rpcpassword=' "${BITCOIND_CONFIGFILE}" ; then
+    # check for deprecated rpcuser and rpcpassword settings
+    if grep -qs '^rpcuser=' "$BITCOIND_CONFIGFILE" || grep -qs '^rpcpassword=' "$BITCOIND_CONFIGFILE"; then
+        eerror "WARNING: The `rpcuser` and `rpcpassword` options are now deprecated and should be removed from the configuration file."
+        eerror "Use cookie file or the `rpcauth` configuration setting for RPC authentication."
+        eerror "See share/rpcauth/README.md for more information on `rpcauth`."
+        eerror "The presence of `rpcuser` or `rpcpassword` in $BITCOIND_CONFIGFILE will in a future version cause bitcoind to fail startup."
+        eerror ""
+		eerror "It is recommended that you also set alertnotify so you are notified of problems:"
 		eerror ""
-		eerror "ERROR: You must set a secure rpcpassword to run bitcoind."
-		eerror "The setting must appear in ${BITCOIND_CONFIGFILE}"
+		eerror "ie: alertnotify=echo %%s | mail -s \"Bitcoin Alert\" admin@foo.com"
 		eerror ""
-		eerror "This password is security critical to securing wallets "
-		eerror "and must not be the same as the rpcuser setting."
-		eerror "You can generate a suitable random password using the following "
-		eerror "command from the shell:"
-		eerror ""
-		eerror "bash -c 'tr -dc a-zA-Z0-9 < /dev/urandom | head -c32 && echo'"
-		eerror ""
-		eerror "It is recommended that you also set alertnotify so you are "
-		eerror "notified of problems:"
-		eerror ""
-		eerror "ie: alertnotify=echo %%s | mail -s \"Bitcoin Alert\"" \
-			"admin@foo.com"
-		eerror ""
-		return 1
-	fi
+    fi
 }