Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-12484

Enable unix socket authentication by default

    XMLWordPrintable

Details

    Description

      We have had in Debian/Ubuntu since late 2015 unix socket authentication by default on new MariaDB installations (see MDEV-8375).

      Now in 10.3 it is time to start do this in upstream MariaDB globally.

      Via Debian we have already experience that this works well in many environments and use cases. There is a Windows equivalent for unix socket auth is called auth_namepipe and has been tested to work already in 2015.

      The remaining question is whether to have this as-is in upstream now or should we wait until we have automatic fallback to password if the unix_socket did not match (support for multiple authentication plugins).

      The Debian sources can be found here: https://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.1.git/tree/debian

      Note the recent rewrite by Kristian, which has been upstreamed so the capability is already in upstream: https://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.1.git/commit/debian/patches?id=87c1d427f66c0f351019b3a23c3b1de1089b4170

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-21928 ALTER USER doesn't remove excess authentication plugins from mysql.global_priv

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          is blocked by

          Task - A task that needs to be done. MDEV-11340 Allow multiple alternative authentication methods for the same user

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          relates to

          Task - A task that needs to be done. MDEV-12834 mysql_secure_installation should ask about unix_socket authentication

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-18736 Document --disable-unix-socket option in man page and binary

          • Major - Major loss of function.
          • Open

          Bug - A problem which impairs or prevents the functions of the product. MDEV-18768 Automate upgrades from MySQL 5.7 with auth_socket to MariaDB with our unix_socket

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Task - A task that needs to be done. MDEV-12834 mysql_secure_installation should ask about unix_socket authentication

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-16621 Fix logrotate script

          • Major - Major loss of function.
          • Closed

          Activity

            People

              serg Sergei Golubchik
              otto Otto Kekäläinen
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.