Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-25326

mysql_install_db help text incomplete

    XMLWordPrintable

    Details

      Description

      mysql_install_db prints at the end

          echo "PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !"
          echo "To do so, start the server, then issue the following commands:"
          echo
          echo "'$bindir/mysqladmin' -u root password 'new-password'"
          echo "'$bindir/mysqladmin' -u root -h $hostname password 'new-password'"
          echo
          echo "Alternatively you can run:"
          echo "'$bindir/mysql_secure_installation'"
          echo
      

      But in fact it creates four root accounts, root@localhost, root@hostname, root@127.0.0.1, root@::1, the last two only accessible with skip_name_resolve=1 and (for the last one) with ipv6 support.

      How to fix the instruction to cover all root accounts? There are various possibilities.

      Option one

          echo "PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !"
          echo "To do so, start the server with the --skip-name-resolve, then issue the following commands:"
          echo
          echo "'$bindir/mysqladmin' -u root password 'new-password'"
          echo "'$bindir/mysqladmin' -u root -h $hostname password 'new-password'"
          echo "'$bindir/mysqladmin' -u root -h 127.0.0.1 password 'new-password'"
          echo "'$bindir/mysqladmin' -u root -h ::1 password 'new-password'"
          echo
          echo "Alternatively you can run:"
          echo "'$bindir/mysql_secure_installation'"
          echo
      

      This explicitly tells the user to "start the server with the --skip-name-resolve", not the easiest approach.

      Option two

          echo "PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !"
          echo "To do so, start the server, then issue the following commands:"
          echo
          echo "'$bindir/mysql' -u root -e 'UPDATE mysql.user SET password=password(\"new-password\") WHERE user=\"root\";flush privileges'"
          echo
          echo "Alternatively you can run:"
          echo "'$bindir/mysql_secure_installation'"
          echo
      

      This updates all root users and only one command instead of four (or two). But more sensitive to correct pasting and to quotes inside a password. And it does exactly what the manual tells not to do — direct update of a privilege table.

      Option three

          echo "PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !"
          echo "To do so, start the server, then issue the following commands:"
          echo
          echo "'$bindir/mysql' -u root -e 'SET PASSWORD FOR root@\"$hostname\" = PASSWORD(\"new-password\")'" 
          echo "'$bindir/mysql' -u root -e 'SET PASSWORD FOR root@\"127.0.0.1\" = PASSWORD(\"new-password\")'" 
          echo "'$bindir/mysql' -u root -e 'SET PASSWORD FOR root@\"::1\" = PASSWORD(\"new-password\")'" 
          echo "'$bindir/mysql' -u root -e 'SET PASSWORD FOR root@\"localhost\" = PASSWORD(\"new-password\")'" 
          echo
          echo "Alternatively you can run:"
          echo "'$bindir/mysql_secure_installation'"
          echo
      

      No direct updates, but four commands to copy, four times to repeat the password. And as sensitive to correct pasting and quotes as the option two.

      Option four

          echo "PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !"
          echo "To do so, start the server, then run:"
          echo "'$bindir/mysql_secure_installation'"
          echo
      

      The shortest possible. But will ask more questions than just about root password.

      Option five

      If our task is to make it as easy as possible for the end user, how about this:

      mariadb_set_password  --user=root [--for-user=root] [--for-hostname=hostname, hostname]
      

      If for-hostname is not set, then it would set for all accounts for that user. If for-user is not set, then change the account for the current user.
      This would also work nicely for installations where the root user is renamed.

      The benefit of a script is that in that one we can, in case of no hostname, we can directly manipulate that user table if we would need to do that.

      Another option is to extend mariadb_admin to do this, but with the same options as above.

      This would allow us to write:

          echo "PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !"
          echo "To do so, start the server, then run:"
          echo "mariadb_set_password --user=root"
          echo "or"
          echo "'$bindir/mysql_secure_installation'"
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              serg Sergei Golubchik
              Reporter:
              serg Sergei Golubchik
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: