Bug#800009: [debian-mysql] Bug#800009: Bug#800009: Workaround found

[Otto Kekäläinen]

This issue is now fixed in 10.0.23-1 as the passwordless root account
authenticated via unix socket is only used on fresh installs. Old
installs will continue to use any root password previously set.

Bug#800009: [debian-mysql] Bug#800009: Workaround found

[Otto Kekäläinen]

2015-09-25 12:51 GMT+03:00 Matijs van Zuijlen :
> Given that mariadb ships with a tool that sets a password on the root user, 
> this
> situation is suboptimal.
>
> The MariaDB startup scripts should allow root to be identified either way, and
> allow the system administrator to specify the password in 
> /etc/mysql/debian.cnf.

Yes, current situation is a bit suboptimal.

Note that the password in /etc/mysql/debian.cnf is not for the root
user, but for the debian-sys-maint, which in itself is an old hack to
allow the mysqld init scripts to interact with the mysqld process.

I am happy to accept patches if you have an good solution and have
time to test that is works in both install and upgrade scenarios
correctly, allowing both the root user to access mysql nicely and the
init scripts to run and access mysqld nicely without the old
debian-sys-maint hack.

Bug#800009: Workaround found

[Matijs van Zuijlen]

Ah, but then access with a password is no longer possible.

Given that mariadb ships with a tool that sets a password on the root user, this
situation is suboptimal.

The MariaDB startup scripts should allow root to be identified either way, and
allow the system administrator to specify the password in /etc/mysql/debian.cnf.

On 25/09/15 11:41, Matijs van Zuijlen wrote:
> After some more digging, I realized it is not required for root to have no
> password; it just needs to *also* have privileges granted when identified via
> unix socket. I executed the following as the root user:
> 
> GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED VIA 
> unix_socket;
> 
> Startup and automatic upgrade proceeded normally after that.
> 
> I still believe the MariaDB installation should check and correct this.
> 
> Regards,
> 


Regards,
-- 
Matijs



signature.asc
Description: OpenPGP digital signature

Bug#800009: Workaround found

[Matijs van Zuijlen]

After some more digging, I realized it is not required for root to have no
password; it just needs to *also* have privileges granted when identified via
unix socket. I executed the following as the root user:

GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED VIA 
unix_socket;

Startup and automatic upgrade proceeded normally after that.

I still believe the MariaDB installation should check and correct this.

Regards,
-- 
Matijs



signature.asc
Description: OpenPGP digital signature