[debian-mysql] Bug#800009: Bug#800009: mariadb-server-10.0: Assumes root has no password without ensuring this is true

Otto Kekäläinen otto at seravo.fi
Fri Sep 25 12:15:02 UTC 2015 

Hello!

2015-09-25 11:56 GMT+03:00 Matijs van Zuijlen <matijs at matijs.net>:
> Package: mariadb-server-10.0
> Version: 10.0.21-3
> Severity: normal
>
> I upgraded to mariadb from mysql. My mysql root user had a password, but
> mariadb assumes it does not and now I get errors in my log like so, :
>
>     Sep 24 09:22:40 walnut mysqld: Version: '10.0.21-MariaDB-3'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  Debian unstable
>     Sep 24 09:22:41 walnut mysql[1384]: Starting MariaDB database server: mysqld ..
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2256]: Upgrading MySQL tables if necessary.
>     Sep 24 09:22:41 walnut systemd[1]: Started LSB: Start and stop the mysql database server daemon.
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2262]: /usr/bin/mysql_upgrade: the '--basedir' option is always ignored
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2262]: Looking for 'mysql' as: /usr/bin/mysql
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2262]: Looking for 'mysqlcheck' as: /usr/bin/mysqlcheck
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2262]: Version check failed. Got the following error when calling the 'mysql' command line client
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2262]: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2262]: FATAL ERROR: Upgrade failed
>     Sep 24 09:22:41 walnut /etc/mysql/debian-start[2324]: Checking for insecure root accounts.
>     Sep 24 09:22:41 walnut mysql[1384]: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

Thanks for reporting this. Currently the MariaDB version in Debian
unstable uses passwordless root login (via unix_socket) in all
situations. We have planned to change it so, that passwordless root
login is used only in fresh installs, and that upgrades from old
installs should continue to keep using any root password that was, and
not clean it away. This is not yet implemented though.

This issue is being discussed in upstream issue
https://mariadb.atlassian.net/browse/MDEV-8375

> I could possibly tell these scripts about the password in
> /etc/mysql/debian.cnf, but that file has a big warning not to modify it.

In this case it should be save to add the debian-maint user password
in that file.

More information about the pkg-mysql-maint mailing list