author | Kristian Nielsen <knielsen@knielsen-hq.org> | 2017-01-13 11:25:38 +0100 |
---|---|---|
committer | Kristian Nielsen <knielsen@knielsen-hq.org> | 2017-01-17 17:13:14 +0100 |
commit | 736afe868094b9aa24211c3772fb3b297d62d8fc (patch) | |
tree | 4ea1d67657bf3bad943fe40040a912a9f6dc3402 /scripts/mysql_install_db.sh | |
parent | 719e81132d071ade354b887fe80cd2daabc045e7 (diff) | |
download | mariadb-git-736afe868094b9aa24211c3772fb3b297d62d8fc.tar.gz |
mysql_install_db enhancements to facilitate Debian bug#848616 fix

In Debian, the default install is made more secure by omitting the anonymous
user and by making the root account authenticate by unix socket
authentication instead of the default password-less root. However, Debian
hard-codes this change in mysql_install_db, which breaks that program for
other users.

This commit instead implements new general options for mysql_install_db that
can be used by anyone to similarly perform a more secure install:

--skip-auth-anonymous-user: omits the anonymous user.

--auth-root-authentication-method=normal: Keeps the existing behaviour
  with a password-less root account. Currently on by default.

--auth-root-socket-user=USER
--auth-root-authentication-method=socket: creates the MariaDB root user
  with the name USER (defaults to 'root') and using unix socket
  authentication. This way, only that user has MariaDB root access
  after install.

The idea with --auth-root-authentication-method=normal is that
applications that need this behaviour can give that option explicitly.
Then eventually we could make --auth-root-authentication-method=socket
the default, giving a more secure default installation.

Note that it is perfectly possible to do a secure install with
--auth-root-authentication-method=normal. For example, installing a
private server just for local access by a single OS-level user, by
using --skip-networking and putting the connection socket in a
location without public access. So it is important to preserve this
API for backwards compatibility.

Diffstat (limited to 'scripts/mysql_install_db.sh')
-rw-r--r-- | scripts/mysql_install_db.sh | 40 |
1 files changed, 39 insertions, 1 deletions
diff --git a/scripts/mysql_install_db.sh b/scripts/mysql_install_db.sh index 5eb0796c647..364cc4fb9e0 100644 --- a/scripts/mysql_install_db.sh +++ b/scripts/mysql_install_db.sh @@ -34,11 +34,26 @@ force=0 in_rpm=0 ip_only=0 cross_bootstrap=0 +install_params="" +auth_root_authentication_method=normal +auth_root_socket_user='root' usage() { cat <<EOF Usage: $0 [OPTIONS] + --auth-root-authentication-method=normal|socket + Chooses the authentication method for the created initial + root user. The default is 'normal' to creates a root user + that can login without password, which can be insecure. + The alternative 'socket' allows only the system root user + to login as MariaDB root; this requires the unix socket + authentication plugin. + --auth-root-socket-user=user + Used with --auth-root-authentication-method=socket. It + specifies the name of the MariaDB root account, as well + as of the system account allowed to access it. Defaults + to 'root'. --basedir=path The path to the MariaDB installation directory. --builddir=path If using --srcdir with out-of-directory builds, you will need to set this to the location of the build @@ -59,6 +74,8 @@ Usage: $0 [OPTIONS] --defaults-file=path Read only this configuration file. --rpm For internal use. This option is used by RPM files during the MariaDB installation process. + --skip-auth-anonymous-user + Do not install an unprivileged anonymous user. --skip-name-resolve Use IP addresses rather than hostnames when creating grant table entries. This option can be useful if your DNS does not work. 
@@ -141,6 +158,17 @@ parse_arguments() # # --windows is a deprecated alias cross_bootstrap=1 ;; + --skip-auth-anonymous-user) + install_params="$install_params +SET @skip_auth_anonymous=1;" ;; + --auth-root-authentication-method=normal) + auth_root_authentication_method=normal ;; + --auth-root-authentication-method=socket) + auth_root_authentication_method=socket ;; + --auth-root-authentication-method=*) + usage ;; + --auth-root-socket-user=*) + auth_root_socket_user="$(parse_arg "$arg")" ;; *) if test -n "$pick_args" @@ -430,7 +458,17 @@ mysqld_install_cmd_line() # Create the system and help tables by passing them to "mysqld --bootstrap" s_echo "Installing MariaDB/MySQL system tables in '$ldata' ..." -if { echo "use mysql;"; cat "$create_system_tables" "$create_system_tables2" "$fill_system_tables"; } | eval "$filter_cmd_line" | mysqld_install_cmd_line > /dev/null +case "$auth_root_authentication_method" in + normal) + install_params="$install_params +SET @skip_auth_root_nopasswd=NULL; +SET @auth_root_socket=NULL;" ;; + socket) + install_params="$install_params +SET @skip_auth_root_nopasswd=1; +SET @auth_root_socket='$auth_root_socket_user';" ;; +esac +if { echo "use mysql;$install_params"; cat "$create_system_tables" "$create_system_tables2" "$fill_system_tables"; } | eval "$filter_cmd_line" | mysqld_install_cmd_line > /dev/null then s_echo "OK" else |
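
Review bot: In the first hunk, the usage text for --auth-root-authentication-method says 'socket' "allows only the system root user to login as MariaDB root", which no longer holds once --auth-root-socket-user names a different account; the help should say that the system user given by --auth-root-socket-user (default 'root') is the only one allowed. The same paragraph has a grammar slip, "The default is 'normal' to creates a root user", which should read "which creates a root user". Since the text already admits the default "can be insecure", it would also help to state here that 'socket' is the recommended choice for new installs.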
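
Review bot: In the parse_arguments hunk, the `--auth-root-socket-user=*)` arm stores the value but nothing ties it to the chosen method. Because auth_root_authentication_method defaults to normal and the normal branch later sets `@auth_root_socket=NULL`, an invocation that passes only --auth-root-socket-user=USER silently produces the password-less root install while the operator believes socket authentication was configured. I would either reject that combination with an explicit error or emit a warning, and also reject an empty value. Separately, the `--auth-root-authentication-method=*) usage ;;` arm gives no message naming the rejected value, so a typo such as "sockets" is hard to diagnose from the output.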
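
Review bot: In the socket branch of the new case statement in the last hunk, `SET @auth_root_socket='$auth_root_socket_user';` places the command-line value inside a single-quoted SQL literal with no validation or escaping, and the result is piped to "mysqld --bootstrap" as part of `echo "use mysql;$install_params"`. A user name containing a single quote or a newline therefore changes the bootstrap SQL rather than just failing. Please validate the value where it is parsed (for example, accept only characters valid in a system account name and abort otherwise) or escape quotes and backslashes before interpolation. It is also worth a comment noting that install_params is emitted before the system table scripts and that those scripts are expected to read @skip_auth_anonymous, @skip_auth_root_nopasswd and @auth_root_socket, since this file alone does not show where the variables are consumed.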