Bug #38307 missing important step on resetting permissions alternative way
Submitted: 23 Jul 2008 8:14 Modified: 24 Jul 2008 6:35
Reporter: Sebastian Mendel (Basic Quality Contributor) Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Server: Documentation Severity:S3 (Non-critical)
Version: OS:Any
Assigned to: Jon Stephens CPU Architecture:Any

[23 Jul 2008 8:14] Sebastian Mendel 
Description:
the section "Alternatively, on any platform, you can set the new password using the mysql client (but this approach is less secure):"

on page http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html

is missing the last but very important step: RESTART THE SERVER without -skip-grant-tables

How to repeat:
look here: http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html at the bottom

Suggested fix:
add:

4. RESTART THE SERVER without -skip-grant-tables
[23 Jul 2008 9:45] Susanne Ebrecht 
Many thanks for reporting a bug.

I agree. The documentation is really confusing at this point.
[24 Jul 2008 6:35] Jon Stephens 
There is no need to restart the server. Running FLUSH PRIVILEGES forces the grant tables to be read, which effectively negates --skip-grant-tables. I ran the example shown and could not log in without using the new password. Once I had run FLUSH PRIVILEGES, it was no longer possible to log in without a password for any account which (already) had one.

Said another way, --skip-grant-tables does not stop FLUSH PRIVILEGES from working normally.