MariaDB Server / MDEV-8375

Debian: Passwordless mysqld root login via socket auth bugfixing

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 10.0(EOL)
    • 10.4.1
    • Platform Debian
    • None

    Description

      Reported by otto:

      • danblack did a great job helping me to transform the current Debian Sid packaging on MariaDB 10.0 to use the socket auth for the root user, thus no mysql/mariadb root password is needed anymore
      • This new system works great for new installs, but users who had been using a root account with a password get confused when it suddenly disappears during an upgrade, e.g. https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1447808
      • The Debian mariadb-server-10.0.preinst and .postinst scripts should be engineered so that they detect if an upgrade is taking place (if there was a previous root password or if the database is blank) and in those cases where a root password did previously exist, it should still be possible to log in also using the password.
      • Daniel Black drafted https://github.com/ottok/mariadb-10.0/pull/23/files but I don't understand how it solves this situation.

          Activity

            otto Otto Kekäläinen added a comment -

            This has been implemented in Debian and Ubuntu for a while, but as confirmed by ratzpo in the MariaDB Developers Meeting in Amsterdam 2016, it was not in the 10.2 roadmap and it is too late to include it now. So this is postponed to 10.3. Yet another year (or more) to wait...

            otto Otto Kekäläinen added a comment -

            This is the single biggest issue that has stopped me from upstreaming the Debian packaging changes to first 10.1, then 10.2, then 10.3 etc.

            I really hope that in the 10.4 cycle we can start doing this in the upstream MariaDB.org packages as well, so we get rid of many maintainer script and configuration differences between the different Debian packaging versions.

            The delta between the versions slows down everything else, because it adds complexity when the same thing can exist in many versions, and makes it harder to grasp the overall situation everywhere. Once this is merged upstream, expect all other packaging bugs to get closed much faster.

            danblack Daniel Black added a comment -

            otto, so you want MariaDB upstream to be the same as Debian packaging. I get that. What problems is the passwordless root login solving for Debian and how? What are the test cases around this packaging?

            Can the end user confusion over root login be solved with an auth_socket account for the mysql unix user (would help solve MDEV-16621 by using the mysql user in logrotate)?

            mysql_install_db (MDEV-14578, 10.2+) installs the auth_socket plugin if `--auth-root-authentication-method=socket` is specified.


            serg Sergei Golubchik added a comment -

            otto, this task depends on MDEV-11340, which is supposed to be implemented in 10.4. So if it'll go as planned, this task will be done in 10.4 as well.

            otto Otto Kekäläinen added a comment -

            Unix socket authentication has been available also in upstream since 10.4. All corner cases and regressions related to it should be fixed by now, so closing this issue.
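
The behaviour requested in the description (root logs in through the Unix socket, and an upgraded installation can still use its old root password) can be expressed with the alternative-authentication syntax of MariaDB 10.4. This is an added example, not taken from the issue or from the Debian maintainer scripts; the password is a placeholder, and the `mysql` account follows the suggestion in the comment above.

```sql
-- Added example; assumes MariaDB 10.4 or later and a session with
-- sufficient privileges. 'placeholder-old-password' is a constructed value.

-- 1. Inspect how root@localhost authenticates before changing anything.
SHOW CREATE USER 'root'@'localhost';

-- 2. Fresh install: socket-only root. The unix_socket plugin accepts the
--    connection only when the operating-system user that opened the local
--    socket has the same name as the account, so no database password exists.
ALTER USER 'root'@'localhost' IDENTIFIED VIA unix_socket;

-- 3. Upgrade case from the description: a root password existed before, so
--    keep it as an alternative. Either method is sufficient to log in.
ALTER USER 'root'@'localhost'
  IDENTIFIED VIA unix_socket
  OR mysql_native_password USING PASSWORD('placeholder-old-password');

-- 4. Socket-authenticated account for the mysql Unix user, for maintenance
--    jobs such as logrotate. Which privileges to grant it is left to the
--    administrator; none are granted here.
CREATE USER 'mysql'@'localhost' IDENTIFIED VIA unix_socket;

-- 5. Review the result: every account that can authenticate via the socket.
SELECT user, host, plugin FROM mysql.user WHERE plugin = 'unix_socket';
```

In case 3 the account is only as strong as the retained password, so an installation that no longer needs password login for root should go back to the statement in step 2.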

            People

              otto Otto Kekäläinen
              svoj Sergey Vojtovich