Alright then. I've added a "resetpasswd" option to /etc/init.d/mysql which asks for a new password (using whiptail) and sets it accordingly.
That's the technical bit. I'm still not convinced about the proper course of action with regard to the prompt during installation. The easiest is of course to just do whatever Debian does, but we have a policy about not asking superfluous questions during installation. However, we also aim for userfriendliness and security, so in my mind, out best bet is to ask for the password, but to accept an empty one if that's what the user really thinks he wants. Setting it to a random value is not a good idea, I think. It renders the mysql server useless until the password has been dug out from the file where we put it or until the password has been reset. In my mind, this just sounds like a really unfriendly way of forcing the user to set a password anyhow, so we might as well reprompt him during installation until he sets a password, but that would be violating our don't-ask-too- many-questions-during-installation even more, I think. -- Root password policy for mysql https://bugs.launchpad.net/bugs/119075 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
