Comment 2 for bug 1979726

I would say this bug should not be that critical. As mysqlclient will try socket auth first before trying password one.

By default file looks like this:

[client]
host = localhost
user = root
password =
socket = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host = localhost
user = root
password =
socket = /var/run/mysqld/mysqld.sock

And even if you define any random password there, and pass it to client, connection will still succeed:

root@server-0624-01023:/home/ubuntu# cat /etc/mysql/debian.cnf
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host = localhost
user = root
password = qwerty1234
#socket = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host = localhost
user = root
password = qwerty1234
#socket = /var/run/mysqld/mysqld.sock
root@server-0624-01023:/home/ubuntu# mysql --defaults-file=/etc/mysql/debian.cnf
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 54
Server version: 10.3.34-MariaDB-0ubuntu0.20.04.1 Ubuntu 20.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> Bye
root@server-0624-01023:/home/ubuntu#

But I think we still should avoid placing this file for non-Debian distros and if our user is not root but admin.