[debian-mysql] Bug#878215: doc: please explain if running mysql_secure_installation is needed or not, and why

Yvan Masson yvan at masson-informatique.fr
Wed Oct 11 07:56:37 UTC 2017 

Package: mariadb-server-10.1
Version: 10.1.26-1
Severity: minor

Dear Maintainers,

Many (if not all) online tutorials claim that it is important to run
mysql_secure_installation right after installing mysql/mariadb.

But, /usr/share/doc/mariadb-server-10.1/README.Debian.gz says the following:
------------------------
* WHAT TO DO AFTER INSTALLATION:
================================
The MySQL manual describes certain steps to do at this stage in a
separate chapter. They are not necessary as the Debian packages does
them automatically.

The only thing that is left over for the admin is
 - creating new users and databases
 - read the rest of this text
------------------------

Indeed, if my understanding is correct, the Debian default installation
makes mysql_secure_installation useless, because it:
- listens only on localhost
- allows anonymous root login only using unix socket, and so is
restricted to the local "root" unix user (or users with "sudo" rights)
- does not contain a "test" database

If so, I believe that for many users the current instructions are not
sufficiently clear. Could you add:
- if running mysql_secure_installation is needed or not for basic usage
- the reasons of this statement

Best regards,
Yvan Masson



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.12.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages mariadb-server-10.1 depends on:
ii  adduser                   3.116
ii  debconf                   1.5.63
ii  galera-3                  25.3.20-1
ii  gawk                      1:4.1.4+dfsg-1
ii  init-system-helpers       1.49
ii  iproute2                  4.9.0-2
ii  libaio1                   0.3.110-4
ii  libc6                     2.24-17
ii  libdbi-perl               1.637-1
ii  libpam0g                  1.1.8-3.6
ii  libstdc++6                7.2.0-8
ii  libsystemd0               234-3
ii  lsb-base                  9.20170808
ii  lsof                      4.89+dfsg-0.1
ii  mariadb-client-10.1       10.1.26-1
ii  mariadb-common            10.1.26-1
ii  mariadb-server-core-10.1  10.1.26-1
ii  passwd                    1:4.5-1
ii  perl                      5.26.0-8
ii  psmisc                    23.1-1
ii  rsync                     3.1.2-2
ii  socat                     1.7.3.2-1
ii  zlib1g                    1:1.2.8.dfsg-5

Versions of packages mariadb-server-10.1 recommends:
ii  libhtml-template-perl  2.95-2

Versions of packages mariadb-server-10.1 suggests:
ii  mailutils [mailx]  1:3.2-1
pn  mariadb-test       <none>
ii  netcat-openbsd     1.178-3
pn  tinyca             <none>

-- debconf information excluded

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 874 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20171011/12d20291/attachment.sig>

More information about the pkg-mysql-maint mailing list