Bug #25452 mysql_upgrade access denied.
Submitted: 7 Jan 2007 5:29 Modified: 8 May 2007 0:56
Reporter: Mark Johnson (Basic Quality Contributor) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Installing Severity:S3 (Non-critical)
Version:5.0.32 OS:Linux (linux)
Assigned to: Magnus Blåudd CPU Architecture:Any
Tags: installation, server, upgrade

[7 Jan 2007 5:29] Mark Johnson
Description:
mysql_upgrade does not pass password on to mysqlcheck.  When I invoke mysql_upgrade with a password, I consistently got an access denied error.  Note that the output incorrectly indicated I was not using a password.

root@enterprise:/etc/rc.d# mysql_upgrade --datadir=/mnt/raid/mysqldata -p
Enter password:
/usr/bin/mysqlcheck: Got error: 1045: Access denied for user 'root'@'localhost' (using password: NO) when trying to connect
Error executing '/usr/bin/mysqlcheck --check-upgrade --all-databases --auto-repair --user=root'
root@enterprise:/etc/rc.d# mysql_upgrade --datadir=/mnt/raid/mysqldata --password
Enter password:
/usr/bin/mysqlcheck: Got error: 1045: Access denied for user 'root'@'localhost' (using password: NO) when trying to connect
Error executing '/usr/bin/mysqlcheck --check-upgrade --all-databases --auto-repair --user=root'

How to repeat:
Attempt to run mysql_upgrade with a --password on the command line.

Suggested fix:
This option should be passed to mysqlcheck with the password so that access will not be denied.
[7 Jan 2007 17:56] Giuseppe Maxia
Thanks for the bug report.
Verified as described on 5.0.32 Enterprise.

Also, on 5.1.14 (and later versions), the same application exits with a segmentation fault.
[7 Mar 2007 4:24] Matthew Smith
Same behaviour on 5.1.16-beta, built under Linux, using either -p or --password=.

/usr/bin/mysqlcheck: Got error: 1045: Access denied for user 'root'@'localhost' (using password: NO)

Unfortunately, as this is not a script, I can't just look at it and then run the commands by hand.
[8 Mar 2007 11:33] Magnus Blåudd
Working on new version of mysql_upgrade and has added a testcase to mysql_upgrade.test looking like this:

>>
#
# Bug #25452  	mysql_upgrade access denied.
#

# Password protect a root account and run mysql_upgrade

CREATE USER mysqltest1@'%' IDENTIFIED by 'sakila';
GRANT ALL ON *.* TO mysqltest1@'%';
--echo Run mysql_upgrade with password
--exec $MYSQL_UPGRADE --skip-verbose --force --user=mysqltest1 --password=sakila 2> $MYSQLTEST_VARDIR/log/mysql_upgrade.err

DROP USER mysqltest1@'%';

<<
[8 Mar 2007 11:35] Magnus Blåudd
The password is erased by code in get_one_option

  case 'p':
    tty_password= 1;
    if (argument)
    {
      char *start= argument;
      my_free(opt_password, MYF(MY_ALLOW_ZERO_PTR));
      opt_password= my_strdup(argument, MYF(MY_FAE));
      while (*argument)
        *argument++= 'x';                       /* Destroy argument */
       ^^ Here 
      if (*start)
        start[1]= 0;                            /* Cut length of argument */
      ^^ And if that was not enough, here too. 
      tty_password= 0;
    }
[18 Apr 2007 11:21] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/24764

ChangeSet@1.2461, 2007-04-18 13:21:39+02:00, msvensson@pilot.blaudden +11 -0
  Bug#25452 mysql_upgrade access denied
   - Improve mysql_upgrade and add comments describing it's logic
   - Don't look for mysql and mysqlcheck randomly, use dir where mysql_upgrade
    was started from
   - Don't look for mysql_fix_privilege_tables.sql randomly, compile
    in the mysql_fix_privilege_tables.sql file and use that to upgrade
    the system tables of MySQL
   - Check for any unexpected error returned from runnning the mysql_fix_privilege_tables SQL
   - Fix bug#26639, bug#24248 and bug#25405
[26 Apr 2007 11:36] Bugs System
Pushed into 5.1.18-beta
[26 Apr 2007 11:37] Bugs System
Pushed into 5.0.42
[8 May 2007 0:56] Paul Dubois
Noted in 5.0.42, 5.1.18 changelogs.

mysql_upgrade did not pass a password to mysqlcheck if one was given.