Use canonical MySQL root pwd reset procedure
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack DBaaS (Trove) |
Fix Released
|
Medium
|
Petr Malik |
Bug Description
Use canonical MySQL root pwd reset procedure
Current Implementation:
Trove restores InnoDB backups by operating directly on the file system.
This means that the restored database would still use
the old (and potentially no longer available) root password.
Trove therefore needs to reset the password on the restored databases.
This was originally done by starting the service in the
safe mode (which allows root login without password) and
executing 'SET PASSWORD FOR ...' statement to reset the password.
Proposed Improved Solution:
The recommended generic procedure for resetting a 'forgotten' root
password is documented in the official MySQL doc:
http://
This recommended procedure, as opposed to the original one,
is also compatible with other MySQL-derived datastores.
Changed in trove: | |
importance: | Undecided → Low |
milestone: | none → kilo-3 |
importance: | Low → Medium |
Changed in trove: | |
status: | Fix Committed → Fix Released |
Changed in trove: | |
milestone: | kilo-3 → 2015.1.0 |
Reviewed: https:/ /review. openstack. org/152262 /git.openstack. org/cgit/ openstack/ trove/commit/ ?id=1017d6824e7 9ba811d9b4e4361 c881ac5654bf06
Committed: https:/
Submitter: Jenkins
Branch: master
commit 1017d6824e79ba8 11d9b4e4361c881 ac5654bf06
Author: Petr Malik <email address hidden>
Date: Fri Jan 30 13:27:42 2015 -0500
Use canonical MySQL root pwd reset procedure
Current Implementation:
Trove restores InnoDB backups by operating directly on the file system.
This means that the restored database would still use
the old (and potentially no longer available) root password.
Trove therefore needs to reset the password on the restored databases.
This was originally done by starting the service in the
safe mode (which allows root login without password) and
executing 'SET PASSWORD FOR ...' statement to reset the password.
Proposed Improved Solution: dev.mysql. com/doc/ refman/ 5.6/en/ resetting- permissions. html
The recommended generic procedure for resetting a 'forgotten' root
password is documented in the official MySQL doc:
http://
Added '--skip- grant-tables' to 'mysqld_safe' startup parameters.
That is required for unrestricted access to the user table.
The server can be instructed to start using grant tables at any
time by executing 'FLUSH PRIVILEGES' statement.
Added '--skip-networking' to prevent anybody from sneaking in
across the network while resetting the root password.
Replaced the password-reset statement with a direct user table update
followed by 'FLUSH PRIVILEGES'.
Removed '--protocol' parameter from the mysqladmin shutdown call,
as we started the database with '--skip-networking' and the guestagent
is running locally anyways.
We also check for errors in the password-reset stage,
so that a proper error message (including cause) can be logged.
Tested with MySQL 5.5/5.6 and Percona
Closes-Bug: 1419995 d61573c564335b5 29d7a1da52a
Change-Id: I86777c4177cb46