mysql_secure_installation can not set root password and ends up with loop
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mysql-8.0 (Ubuntu) |
Fix Released
|
Undecided
|
Lena Voytek | ||
Focal |
Fix Released
|
Undecided
|
Lena Voytek | ||
Jammy |
Fix Released
|
Undecided
|
Lena Voytek | ||
Kinetic |
Won't Fix
|
Undecided
|
Lena Voytek | ||
Lunar |
Fix Released
|
Undecided
|
Lena Voytek |
Bug Description
[Impact]
Running mysql_secure_
The fix for this issue should be added to stable releases to allow mysql_secure_
This issue is fixed by removing the portion of the script that sets a root password.
[Test Plan]
# lxc launch images:ubuntu/jammy test-mysql
# lxc exec test-mysql bash
# apt update && apt dist-upgrade -y
# apt install mysql-server -y
# mysql_secure_
> Before the fix the script will show the following, being stuck in an infinite loop:
...
Please set the password for root here.
New password:
Re-enter new password:
... Failed! Error: SET PASSWORD has no significance for user 'root'@'localhost' as the authentication method used doesn't store authentication data in the MySQL server. Please consider using ALTER USER instead if you want to change authentication parameters.
New password:
...
> After the fix it will show the following:
...
Skipping password set for %s as authentication with auth_socket is used by default.
If you would like to use password authentication instead, this can be done with the "ALTER_USER" command.
See https:/
...
[Where problems could occur]
With this change, problems could occour in the future if a root password is assumed to exist after mysql_secure_
[Original Description]
When I am trying to use mysql_secure_
To reproduce the bug:
apt install mysql-server
mysql_secure_
Version:
Ubuntu Server 20.04.4
mysql-server (8.0.29-
Logs:
root@server# mysql_secure_
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: n
Please set the password for root here.
New password:
Re-enter new password:
... Failed! Error: SET PASSWORD has no significance for user 'root'@'localhost' as the authentication method used doesn't store authentication data in the MySQL server. Please consider using ALTER USER instead if you want to change authentication parameters.
New password:
Related branches
- Lena Voytek (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 60 lines (+38/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/mysql_secure_installation-remove-root-pw-creation.patch (+30/-0)
debian/patches/series (+1/-0)
- Lena Voytek (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 60 lines (+38/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/mysql_secure_installation-remove-root-pw-creation.patch (+30/-0)
debian/patches/series (+1/-0)
- Lena Voytek (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 60 lines (+38/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/mysql_secure_installation-remove-root-pw-creation.patch (+30/-0)
debian/patches/series (+1/-0)
- git-ubuntu bot: Approve
- Miriam España Acebal (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 60 lines (+38/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/mysql_secure_installation-remove-root-pw-creation.patch (+30/-0)
debian/patches/series (+1/-0)
- git-ubuntu bot: Approve
- Miriam España Acebal (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 45 lines (+18/-0) (has conflicts)1 file modifieddebian/changelog (+18/-0)
Changed in mysql-8.0 (Ubuntu): | |
assignee: | nobody → Lena Voytek (lvoytek) |
tags: |
added: server-todo removed: server-triage-discuss |
Changed in mysql-8.0 (Ubuntu): | |
status: | Confirmed → In Progress |
Changed in mysql-8.0 (Ubuntu Focal): | |
assignee: | nobody → Lena Voytek (lvoytek) |
Changed in mysql-8.0 (Ubuntu Jammy): | |
assignee: | nobody → Lena Voytek (lvoytek) |
Changed in mysql-8.0 (Ubuntu Kinetic): | |
assignee: | nobody → Lena Voytek (lvoytek) |
description: | updated |
Changed in mysql-8.0 (Ubuntu Kinetic): | |
status: | New → In Progress |
Changed in mysql-8.0 (Ubuntu Jammy): | |
status: | New → In Progress |
Changed in mysql-8.0 (Ubuntu Focal): | |
status: | New → In Progress |
tags: | removed: verification-failed-lunar |
Status changed to 'Confirmed' because the bug affects multiple users.