Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.4(EOL)
-
None
Description
mysql_secure_installation performs direct updates on mysql.global_priv. If it is instructed to set a password for root, it inserts the authentication_string value, but not password_last_changed, and then it reloads privileges. So, if the server is running with non-zero default_password_lifetime, the rest of the script will fail, as root won't be allowed to do anything anymore.
Change the root password? [Y/n] y |
New password: |
Re-enter new password: |
Password updated successfully! |
Reloading privilege tables..
|
... Success!
|
|
|
By default, a MariaDB installation has an anonymous user, allowing anyone |
to log into MariaDB without having to have a user account created for |
them. This is intended only for testing, and to make the installation |
go a bit smoother. You should remove them before moving into a |
production environment.
|
|
Remove anonymous users? [Y/n] y
|
ERROR 1820 (HY000) at line 1: You must SET PASSWORD before executing this statement |
... Failed!
|
If it default_password_lifetime is configured later , then root will get blocked as soon as the value is set, even if it's only been minutes after mysql_secure_installation had finished, which is also somewhat embarrassing.
Attachments
Issue Links
- relates to
-
MDEV-19519 mysql_install_db.exe doesn't set password_last_changed for newly created password
- Closed