Page 1 of 1

mariadb

Posted: Fri Aug 17, 2018 10:07 pm
by soydepr
i installed mariadb and it did not prompt me any root setup

i am able to log in using sudo mariadb -u root -p but how do i setup mariadb root password and what other configuration i missed

Re: mariadb

Posted: Fri Aug 17, 2018 10:24 pm
by W. H. Heydt
Since you can login in using flags "-u root" and '-P" (it prompts for password, doesn't it?) then your root password is set up.

Re: mariadb

Posted: Fri Aug 17, 2018 10:34 pm
by soydepr
it does not, just logs me in by just using the sudo password

Re: mariadb

Posted: Fri Aug 17, 2018 10:44 pm
by DougieLawson
That's the way it works in DebIan stretch and derivatives. Yes, it's really bad and a massive security hole.

https://websiteforstudents.com/mariadb- ... 8-04-beta/

Re: mariadb

Posted: Fri Aug 17, 2018 10:59 pm
by fbe
You can login as root using

Code: Select all

sudo mysql
You may omit -u root if you are root. And the -p option is useless because [email protected] isn't authenticated by the native password authentication plugin but by the unix socket authentication plugin in a mariadb server, when installed from Debian packages.

If you want to setup a password for the [email protected] database user, you should be aware that the installation of other packages may fail, if they need to create a database in mariadb. E.g. phpmyadmin must be installed before you setup a root password, because the builders of this package don't expect, that login as root might require a password.

Re: mariadb

Posted: Fri Aug 17, 2018 11:35 pm
by fbe
If you are root in the OS, you can restart the mariadb server without password and permission checks. The additional "security hole", that is introduced by the unix socket authentication for root is, that you don't need to restart the server, before you can login without password.

Re: mariadb

Posted: Sat Aug 18, 2018 10:42 am
by mfa298
DougieLawson wrote:
Fri Aug 17, 2018 10:44 pm
Yes, it's really bad and a massive security hole.
But is it really a security hole, if a user has root access to the server then they have full access to the data files to do whatever they want to with doesn't make any difference if they have root access on mysql or not (they can easily get it if they want).

It could be argued it's more secure as you no longer need root passwords that might be easy to remember/guess (or worse stored on the filesysem).