Hello List I've recently compiled and installed the latest stable version of MySQL from source file mysql-4.0.20.tar.gz on Red Hat Linux Advanced Server 3 (without installing the version of MySQL contained within the Red Hat OS install), using the standard configure, make and make install. For security I gave the root user a password using the mysqladmin utility. Everything has been running perfectly apart from the mysqlaccess utility, which only appears to work once root has had its password set to '':
>>>> Thus with password set to '': [EMAIL PROTECTED] bin]# mysqlaccess root mysql mysqlaccess Version 2.06, 20 Dec 2000 By RUG-AIV, by Yves Carlier ([EMAIL PROTECTED]) Changes by Steve Harvey ([EMAIL PROTECTED]) This software comes with ABSOLUTELY NO WARRANTY. Access-rights for USER 'root', from HOST 'localhost', to DB 'mysql' +-----------------+---+ +-----------------+---+ | Select_priv | Y | | Show_db_priv | Y | | Insert_priv | Y | | Super_priv | Y | | Update_priv | Y | | Create_tmp_table_priv | Y | | Delete_priv | Y | | Lock_tables_priv | Y | | Create_priv | Y | | Execute_priv | Y | | Drop_priv | Y | | Repl_slave_priv | Y | | Reload_priv | Y | | Repl_client_priv | Y | | Shutdown_priv | Y | | Ssl_type | ? | | Process_priv | Y | | Ssl_cipher | ? | | File_priv | Y | | X509_issuer | ? | | Grant_priv | Y | | X509_subject | ? | | References_priv | Y | | Max_questions | 0 | | Index_priv | Y | | Max_updates | 0 | | Alter_priv | Y | | Max_connections | 0 | +-----------------+---+ +-----------------+---+ BEWARE: Everybody can access your DB as user `root' from host `localhost' : WITHOUT supplying a password. : Be very careful about it!! The following rules are used: db : 'No matching rule' host : 'Not processed: host-field is not empty in db-table.' user : 'localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y ','Y','Y','Y','Y','Y','Y','Y','','','','','0','0','0' BUGs can be reported by email to [EMAIL PROTECTED] >>> Change the password from '' to 'password' (thus no special characters in the password): [EMAIL PROTECTED] bin]# mysqladmin -u root -p password 'password' Enter password: [EMAIL PROTECTED] bin]# mysqladmin -u root -p status Enter password: Uptime: 15310 Threads: 1 Questions: 323 Slow queries: 0 Opens: 12 Flush tables: 1 Open tables: 4 Queries per second avg: 0.021 >>>> Now try to run mysqlaccess with the new password: [EMAIL PROTECTED] bin]# mysqlaccess -u root -p -d mysql mysqlaccess Version 2.06, 20 Dec 2000 By RUG-AIV, by Yves Carlier ([EMAIL PROTECTED]) Changes by Steve Harvey ([EMAIL PROTECTED]) This software comes with ABSOLUTELY NO WARRANTY. Password for MySQL user root: Broken pipe >>>> Checking everything else is still alright with the new password: [EMAIL PROTECTED] bin]# mysqladmin -u root --password='password' status Uptime: 15375 Threads: 1 Questions: 324 Slow queries: 0 Opens: 12 Flush tables: 1 Open tables: 4 Queries per second avg: 0.021 >>>>> Reset password to '': [EMAIL PROTECTED] bin]# mysqladmin -u root -p password '' Enter password: [EMAIL PROTECTED] bin]# mysqlaccess -u root -p -d mysql mysqlaccess Version 2.06, 20 Dec 2000 By RUG-AIV, by Yves Carlier ([EMAIL PROTECTED]) Changes by Steve Harvey ([EMAIL PROTECTED]) This software comes with ABSOLUTELY NO WARRANTY. Password for MySQL user root: Access-rights for USER 'root', from HOST 'localhost', to DB 'mysql' +-----------------+---+ +-----------------+---+ | Select_priv | Y | | Show_db_priv | Y | | Insert_priv | Y | | Super_priv | Y | | Update_priv | Y | | Create_tmp_table_priv | Y | | Delete_priv | Y | | Lock_tables_priv | Y | | Create_priv | Y | | Execute_priv | Y | | Drop_priv | Y | | Repl_slave_priv | Y | | Reload_priv | Y | | Repl_client_priv | Y | | Shutdown_priv | Y | | Ssl_type | ? | | Process_priv | Y | | Ssl_cipher | ? | | File_priv | Y | | X509_issuer | ? | | Grant_priv | Y | | X509_subject | ? | | References_priv | Y | | Max_questions | 0 | | Index_priv | Y | | Max_updates | 0 | | Alter_priv | Y | | Max_connections | 0 | +-----------------+---+ +-----------------+---+ BEWARE: Everybody can access your DB as user `root' from host `localhost' : WITHOUT supplying a password. : Be very careful about it!! The following rules are used: db : 'No matching rule' host : 'Not processed: host-field is not empty in db-table.' user : 'localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y ','Y','Y','Y','Y','Y','Y','Y','','','','','0','0','0' BUGs can be reported by email to [EMAIL PROTECTED] Can anyone tell me what's wrong here or how to solve this. As stated before, my install is a standard source compile, no path changes (i.e. installed to /usr/local/...), and the mysqld daemon is running. I researched further into this on the lists and Google and found this thread from Stephen Figgins: http://lists.mysql.com/mysql/11904 which Stephen solved with http://lists.mysql.com/mysql/11921 but although the symptoms displayed in his install are the same as mine, the solution is not applicable to the above, as I've been testing mysqlaccess with the password "password" (amongst others) which doesn't contain any special characters. TIA Kemi This email is confidential and intended solely for the use of the individual to whom it is addressed. The contents of this message will not be in any way binding upon the Big Lottery Fund. Opinions, conclusions, contractual obligations and other information in this message, in so far as they relate to the official business of the Big Lottery Fund, must be specifically confirmed in writing by the Big Lottery Fund. If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited.