Re: [SLUG] My MySQL mistake & how I recovered

Tue, 22 Jul 2003 19:26:53 -0700 

You can just stop mysqld and start it up again with --skip-grant-tables
option.  This turns off all password protection.  You fix the password and
then restart mysql with password protection back on.

Depending where your server is located you might consider it important to
firewall mysql's TCP port while you do this.

Andrew




On Wed, 23 Jul 2003, Grant Parnell - EverythingLinux wrote:

> Date: Wed, 23 Jul 2003 09:01:06 +1000 (EST)
> From: Grant Parnell - EverythingLinux <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [SLUG] My MySQL mistake & how I recovered
>
> # mysql mysql
> > update user set password=('hello') where user='root';
> > quit
> # mysqladmin reload
> # mysql mysql --password=hello
> ERROR 1044: Access denied for user: '[EMAIL PROTECTED]'
> to database 'mysql'
>
> At this point I pondered and worked out I should have used
> password=password('hello'). The prospect of finding a password that
> encrypts to the word 'hello' was now rather daunting. I had to find
> another approach... I believe there is a way to reset the root password
> with a special command but for some reason I decided to be a bit more
> creative.
>
> # /etc/init.d/mysqld stop
> # cd /var/lib/mysql
> # cp -a mysql/user.* test/
> # /etc/init.d/mysqld start
> # mysql test
> > update user set password=password('hello') where user='root';
> > quit
> # /etc/init.d/mysqld stop
> # cp -a test/user.* mysql
> # rm -f test/user.*
> # /etc/init.d/mysqld start
> # mysql mysql --password=hello
> > select * from user;
>
> Whew! success. This relies on the fact that by default, under RedHat at
> least, there's a table called 'test' which everybody has access to without
> a password. I suppose this is something to consider if you need a bit more
> security.  Some would argue "once you've got root what else is there?".
>
>  --
> ---<GRiP>---
> Grant Parnell - senior consultant
> EverythingLinux services - the consultant's backup & tech support.
> Web: http://www.everythinglinux.com.au/services
> We're also busybits.com.au and linuxhelp.com.au.
> Phone 02 8752 6622 to book service or discuss your needs.
>
>

--

No added Sugar.  Not tested on animals.  May contain traces of Nuts.  If
irritation occurs, discontinue use.

-------------------------------------------------------------------
Andrew McNaughton           In Sydney
                            Working on a Product Recommender System
[EMAIL PROTECTED]
Mobile: +61 422 753 792     http://staff.scoop.co.nz/andrew/cv.doc



-- 
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug

Reply via email to