MariaDB is not checking password on Ubuntu 15.04

2020-07-17 15:33发布

问题:

I installed Ubuntu Server 15.04 and MariaDB 10.0.17 on my server.

When install MariaDB, I can't see password setting page, and install is complete.

So I try to change my root password using SET PASSWORD and UPDATE table.

But, not happened.

I can access MySQL using any password and no password.
Like this:

root@kuroneko-Server:~# mysql -uroot -p
Enter password: [Type 'itsnotpassword']
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 34
Server version: 10.0.17-MariaDB-0ubuntu1 (Ubuntu)

Copyright (c) 2000, 2015, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>



I already tring flush privileges; and service mysql restart.
Reinstall ubuntu, reinstall mariadb... etc.

service mysql status:

root@kuroneko-Server:~# service mysql status
● mysql.service - LSB: Start and stop the mysql database server daemon
   Loaded: loaded (/etc/init.d/mysql)
   Active: active (running) since 금 2015-05-22 11:17:41 EDT; 34min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 8127 ExecStop=/etc/init.d/mysql stop (code=exited, status=0/SUCCESS)
  Process: 8158 ExecStart=/etc/init.d/mysql start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/mysql.service
           ├─8183 /bin/bash /usr/bin/mysqld_safe
           ├─8184 logger -p daemon.err -t /etc/init.d/mysql -i
           └─8338 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-error=/var/log/mysql/error.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306

 5월 22 11:17:40 kuroneko-Server systemd[1]: Starting LSB: Start and stop the mysql database server daemon...
 5월 22 11:17:40 kuroneko-Server mysql[8158]: * Starting MariaDB database server mysqld
 5월 22 11:17:41 kuroneko-Server mysql[8158]: ...done.
 5월 22 11:17:41 kuroneko-Server systemd[1]: Started LSB: Start and stop the mysql database server daemon.


MariaDB setting.

[mysqld]
#
# * Basic Settings
#
user            = mysql
pid-file        = /var/run/mysqld/mysqld.pid
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
basedir         = /usr
datadir         = /var/lib/mysql
tmpdir          = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking

# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address            = 127.0.0.1

#
# * Fine Tuning
#
key_buffer              = 16M
max_allowed_packet      = 16M
thread_stack            = 192K
thread_cache_size       = 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover         = BACKUP
#max_connections        = 100
#table_cache            = 64
#thread_concurrency     = 10

#
# * Query Cache Configuration
#
query_cache_limit       = 1M
query_cache_size        = 16M

#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
#general_log_file        = /var/log/mysql/mysql.log
#general_log             = 1
#
# Error log - should be very few entries.
#
log_error = /var/log/mysql/error.log
#
# Here you can see queries with especially long duration
#log_slow_queries       = /var/log/mysql/mysql-slow.log
#long_query_time = 2
#log-queries-not-using-indexes
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
#       other settings you may need to change.
#server-id              = 1
#log_bin                        = /var/log/mysql/mysql-bin.log
expire_logs_days        = 10
max_binlog_size   = 100M
#binlog_do_db           = include_database_name
#binlog_ignore_db       = include_database_name

#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!

#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
# ssl-ca=/etc/mysql/cacert.pem
# ssl-cert=/etc/mysql/server-cert.pem
# ssl-key=/etc/mysql/server-key.pem

#
# * Character sets
#
# Default is Latin1, if you need UTF-8 set all this (also in client section)
#
character-set-server  = utf8
collation-server      = utf8_general_ci
character_set_server   = utf8
collation_server       = utf8_general_ci

#
# * Unix socket authentication plugin
#
# Needed so the root database user can authenticate without a password but
# only when running as the unix root user.
#
# Also available for other users if required.
# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/
plugin-load-add         = auth_socket.so


Does anyone know about this?

I can't find any information about this problem.

回答1:

The answer is right there in your config file

#
# * Unix socket authentication plugin
#
# Needed so the root database user can authenticate without a password but
# only when running as the unix root user.
#
# Also available for other users if required.
# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/
plugin-load-add         = auth_socket.so

The auth_socket.so allows when you are the root, to login without password prompt. So you can ideally login with just typing "mysql"



回答2:

See: http://ubuntuforums.org/showthread.php?t=2275033

And execute the below sql:

USE mysql; 

UPDATE user 
SET password=PASSWORD('NEW_PASSWORD'), 
    plugin='' 
WHERE user='root';

FLUSH PRIVILEGES;

PS: Because of safe consideration, the plugin field on root users was set, in order to prevent non-root user login. So cancelling that plugin will work.



回答3:

MariaDB 10.0.17 cannot access root with non-root user.
(Includ web access)

And anyone can access MariaDB root with ubuntu root user.
(Not Certification)

So make new root2 user to managed mysql on web.



回答4:

Unix socket authentication plugin is built-in since 10.0.22-6

Needed so the root database user can authenticate without a password but only when running as the unix root user.

Also available for other users if required. See https://mariadb.com/kb/en/unix_socket-authentication-plugin/