| Bug #107879 | Password Prompt not prompting for the user in command line | ||
|---|---|---|---|
| Submitted: | 14 Jul 2022 12:19 | Modified: | 15 Jul 2022 12:24 |
| Reporter: | Mohan B | Email Updates: | |
| Status: | Duplicate | Impact on me: | |
| Category: | MySQL Server: Command-line Clients | Severity: | S3 (Non-critical) |
| Version: | 8.0.29 | OS: | Red Hat (Red Hat Enterprise Linux Server release 7.3) |
| Assigned to: | CPU Architecture: | x86 | |
[14 Jul 2022 12:19]
Mohan B
[14 Jul 2022 12:25]
Mohan B
Workaround is to put the password in .my.cnf and login without any password in command line, 1. add password to .my.cnf 2. login using mysql Host:~ # mysql -u root -p ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) Host:~ # mysql -u root ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) even when -p is not mentioned ideally it should say "using PASSWORD NO" Host:~ # mysqladmin -u root -p status mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'root'@'localhost' (using password: YES)' Password Prompt is not displayed and its automatically says access denied.
[14 Jul 2022 15:06]
Mohan B
Issue has been identified and it is a bug in version 8.0.29. When .my.cnf is present, the password doesn't prompt even when using -p. when we rename or remove .my.cnf , prompt re-appears. Please fix this bug in next patch or version.
[14 Jul 2022 15:29]
MySQL Verification Team
Hi Mr. B, Thank you for your bug report. However, we are not able to repeat what you are describing. All the tests were executed with simple : mysql -u user -p . Sometimes we put schema name, sometimes we did not put anything after `-p`. When we do not have .my.cnf , we get prompted for the password. We enter password and we get in. When we have .my.cnf with a user's password in it, then `-p` does not asks us for password and just logs in the server. When we have .my.cnf and we do not have any password in it, `-p` gives us a prompt for the password and (if entered correctly) we log in. That is expected behaviour. Are you sure that you are using our binaries or that you have not used any other special option ???? We can't repeat described behaviour.
[14 Jul 2022 15:34]
Mohan B
Hi Team, You can easily repeat this using the following. add an user abc with password in .my.cnf, [mysql] user=abc password=password [client] user=abc password=password After saving the above in .my.cnf, then log out and login back, try logging in using root or any other user, you will experience the issue. If we use .my.cnf then only one user can login and all other users cant login using mysql command line. Same issue has been removed from : https://support.oracle.com/knowledge/Oracle%20Database%20Products/2872923_1.html i have used rpms from mysql. i always prefer rpm from downloads.mysql.com
[14 Jul 2022 15:37]
Mohan B
only abc user can login without any password as it is present in .my.cnf which is normal behaviour, however it will not work for any other user account like root, xyz etc..
[15 Jul 2022 5:26]
MySQL Verification Team
See: https://bugs.mysql.com/bug.php?id=107205 This is a known issue described internally in: 8.0.29, 8.0.30: MySQL Client Doesn't Prompt for Password if ~/.my.cnf is Present (Doc ID 2872923.1) Bug 34187168 - mysql client ignores -p if .my.cnf is present Bug 34134984 - MySQL client connection doesn't ask terminal for password
[15 Jul 2022 12:00]
MySQL Verification Team
Hi Mr. B, Thank you for your feedback. With your latest feedback it is possible to repeat the behaviour. That is why we always insist on the fully reproducible test case. Your bug is a duplicate of the bug cited above. You can subscribe to the above bug, which is fixed in the release 8.0.31. Hence, you only have to wait for 8.0.31 to be released. For your information, we do not know yet when will 8.0.30 be released, much less 8.0.31. However, you have very easy workaround. Just remove `user` from your .my.cnf. Duplicate.
[15 Jul 2022 12:24]
Mohan B
Hi Team, We cant remove user from .my.cnf as we have monitoring based on that. We will manage it with workaround until 8.0.31. Thanks, Mohan
[18 Jul 2022 20:43]
cPanel, LLC Senior Tech's
This is a pretty big issue. Just ran into this where we cannot access a users MySQL database from the command line unless we store that info within their ~/.my.cnf file. This is insecure and should not be used. Example: # mysql -u username database ERROR 1045 (28000): Access denied for user 'username'@localhost' (using password: YES) # mysql -u username -p database ERROR 1045 (28000): Access denied for user 'username'@localhost' (using password: YES) Created a ~/.my.cnf file with the username/password in it, and then it works. But that is insecure and should never be the case. Plus what happens if the user has multiple databases/users. This solution isn't a good one. It's not a duplicate of https://bugs.mysql.com/bug.php?id=107205 either because that one specifcially states that you shouldn't have a .my.cnf file. Passing the -p flag should always prompt for a password.
[18 Jul 2022 20:49]
cPanel, LLC Senior Tech's
Actually, I was wrong. Mistyped and accessed the database as root user (not a good idea). No matter what, the prescence of a .my.cnf file makes no difference. MySQL 8.0.29 is NOT prompting for a password. This is very bad!
[19 Jul 2022 13:10]
cPanel, LLC Senior Tech's
Seems we filed this bug back in May... https://bugs.mysql.com/bug.php?id=107205
[19 Jul 2022 13:15]
MySQL Verification Team
If this bug is a duplicate of the report #107205, then it is fixed in 8.0.31. It is not yet known when 8.0.30 will be available, much less 8.0.31.
