Mysql
即使設置了密碼,chroot 中的 mariadb 也會為使用者 ‘root’@’localhost’ 拒絕訪問
我有一個在 chroot 中執行 mariadb 的腳本,它是一個 qemu-arm-static rasoberrypi chroot,但我認為這不會有太大變化。
該腳本安裝並設置 mariadb root 使用者的密碼,然後嘗試使用設置的密碼以使用者 ‘pi’ 的身份創建數據庫。
這是腳本:
apt-get install -y mariadb-server mysqld_safe & echo "waiting for sql server to go online" sleep 10 mysql -u root <<-EOF UPDATE mysql.user SET Password=PASSWORD('root') WEHRE User='root'; DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' OR Db='test_%'; FLUSH PRIVILEGES; EOF mysql --user=root -e "select user, host, password, plugin, authentication_string from mysql.user where user='root';" mysql --user=root -e "show grants for 'root'@'localhost';" mysqladmin shutdown sleep 10 mysqld_safe & echo "waiting for sql server to go online" sleep 10 su pi -c 'mysql --user=root --password=root -e "CREATE DATABASE dbname;"' mysqladmin shutdown
這是輸出:
update-alternatives: using /usr/bin/xterm to provide /usr/bin/x-terminal-emulator (x-terminal-emulator) in auto mode update-alternatives: using /usr/bin/lxterm to provide /usr/bin/x-terminal-emulator (x-terminal-emulator) in auto mode Processing triggers for libc-bin (2.24-11+deb9u3) ... Processing triggers for systemd (232-25+deb9u2) ... W: chown to _apt:root of directory /var/cache/apt/archives/partial failed - SetupAPTPartialDirectory (1: Operation not permitted) W: Not using locking for nfs mounted lock file /var/cache/apt/archives/lock + echo 'waiting for sql server to go online' waiting for sql server to go online + sleep 10 + mysqld_safe 180628 08:27:53 mysqld_safe Logging to syslog. 180628 08:27:54 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql + mysql -u root + mysql --user=root -e 'select user, host, password, plugin, authentication_string from mysql.user where user='\''root'\'';' user host password plugin authentication_string root localhost *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B unix_socket + mysql --user=root -e 'show grants for '\''root'\''@'\''localhost'\'';' Grants for root@localhost GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED VIA unix_socket WITH GRANT OPTION GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION + mysqladmin shutdown + sleep 10 + echo 'waiting for sql server to go online' waiting for sql server to go online + sleep 10 + mysqld_safe 180628 08:28:18 mysqld_safe Logging to syslog. 180628 08:28:18 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql + su pi -c 'mysql --user=root --password=root -e "CREATE DATABASE dbname;"' ERROR 1698 (28000): Access denied for user 'root'@'localhost'
以 root 身份執行
mysql
始終有效,並且不要求輸入密碼。如果我將密碼從“root”更改為其他密碼,我可以看到密碼雜湊會發生變化,但我仍然會收到“訪問被拒絕”,是否還有其他需要做的事情才能讓 root 登錄?
好的,所以問題是,感謝#maria IRC 頻道,我認為 Debian 系統(可能還有其他 posix 系統)有一個名為 unix_socket 的身份驗證外掛。此外掛不允許您使用密碼訪問 root 使用者。因此,您可以做的是創建另一個使用者,並為其授予 root 擁有的所有權限(或您想要的權限)。
這使得上面的腳本看起來像這樣,它現在是 CustomPiOS mysql 安裝模組的一部分:
# Mysql user (not root, because root is only accessible from command-line) MYSQL_USER=pi MYSQL_USER_PASSWORD=raspberry apt-get install -y mariadb-server mysqld_safe & echo "waiting for sql server to go online" sleep 10 mysql --user=root -e "CREATE USER '"${MYSQL_USER}"'@'localhost' IDENTIFIED BY '${MYSQL_USER_PASSWORD}';" mysql --user=root -e "GRANT ALL PRIVILEGES ON *.* to 'pi'@'localhost' WITH GRANT OPTION;" # Debug # mysql --user=root -e "select user, host, password, plugin, authentication_string from mysql.user;" # mysql --user=root -e "show grants for '"${MYSQL_USER}"'@'localhost';" mysqladmin shutdown # Example to create a new DB # mysqld_safe & # echo "waiting for sql server to go online" # sleep 10 # su pi -c 'mysql --user=pi --password=raspberry -e "CREATE DATABASE dbname;"' # mysqladmin shutdown echo "Done installing mysql"