On 2021-07-17, iio7 <[email protected]> wrote:
> I have just installed MariaDB on a 6.9 box and I was wondering whether
> adding a root password is needed? The root user can access the
> database without a password by default, but IMHO if the box gets
> compromised and someone reaches root access, adding a password to the
> database root user doesn't really seem that useful?

In most cases it's not really needed any more since MariaDB 10.4.
Prior to that it was just a username/password with high privs but now
there's a check on the uid accessing via the unix socket connection.
See https://mariadb.com/kb/en/authentication-from-mariadb-104/ for more
details.

> Also, MariaDB has been set up as per OpenBSD maintainer instructions
> with:
>
> # install -d -m 0711 -o _mysql -g _mysql /var/www/var/run/mysql
>
> And /etc/my.cnf:
>
> [client-server]
> socket = /var/www/var/run/mysql/mysql.soc
>
> The "mysql_secure_installation" script fails with:
>
> ERROR 2002 (HY000): Can't connect to local MySQL server through
> socket '/var/run/mysql/mysql.sock' (2)

It seems mysql_secure_installation ignores this setting. Either remove
it temporarily and restart the server, or create a symlink ("ln -s
/var/www/var/run/mysql /var/run/").
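
The uid check on the Unix socket mentioned in the reply, sketched as an added example (not part of the original thread and not MariaDB's own code): the server asks the kernel which uid owns the peer process and compares that account name with the requested database user. The function names are hypothetical, and the `SO_PEERCRED` struct layout used here is the Linux one; other systems, OpenBSD included, expose peer credentials differently.

```python
import os
import pwd
import socket
import struct

# Linux "struct ucred" layout: pid_t pid; uid_t uid; gid_t gid.
UCRED = struct.Struct("iII")


def peer_uid(conn):
    """Return the uid the kernel recorded for the process at the other end."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, UCRED.size)
    _pid, uid, _gid = UCRED.unpack(raw)
    return uid


def os_account(uid):
    """Map a uid to its login name, or None if the uid has no passwd entry."""
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return None


def socket_auth(conn, requested_user, lookup=os_account):
    """Accept the login only when the peer's OS account equals the requested
    database account. The client supplies no secret; the kernel vouches."""
    name = lookup(peer_uid(conn))
    return name is not None and name == requested_user


if __name__ == "__main__":
    # Constructed stand-in for a client connected to the server's Unix socket.
    server_side, client_side = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    me = os_account(os.getuid())
    print("peer uid seen by server:", peer_uid(server_side))
    print("login as own account   :", socket_auth(server_side, me))
    print("login as another account:", socket_auth(server_side, "not-" + str(me)))
    server_side.close()
    client_side.close()
```

Because the identity comes from the kernel rather than from anything the client sends, a database password for root adds nothing against a process that already runs as OS root.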
