Description:
I installed latest mysql version 5.6.14 from source in Linux.
And check mysql.user table.
# ./bin/mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.14 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> select user,host,password from mysql.user;
+------+-----------------+----------+
| user | host | password |
+------+-----------------+----------+
| root | localhost | |
| root | std05.kic.ac.jp | |
| root | 127.0.0.1 | |
| root | ::1 | |
| | localhost | | *all user from localhost
| | std05.kic.ac.jp | | *all user from installed mysqld
+------+-----------------+----------+
6 rows in set (0.00 sec)
mysql> \q
Bye
So I check login to mysqld -u nouser, nouser is not defined in /etc/password.
But nouser login to mysqld.
# ./bin/mysql -u nouser
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.6.14 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> \s
--------------
./bin/mysql Ver 14.14 Distrib 5.6.14, for Linux (i686) using EditLine wrapper
Connection id: 3
Current database:
Current user: nouser@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.6.14 Source distribution
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /tmp/mysql.sock
Uptime: 1 min 57 sec
Threads: 1 Questions: 11 Slow queries: 0 Opens: 67 Flush tables: 1 Open tables: 60 Queries per second avg: 0.094
--------------
mysql> show grants;
+--------------------------------------+
| Grants for @localhost |
+--------------------------------------+
| GRANT USAGE ON *.* TO ''@'localhost' |
+--------------------------------------+
1 row in set (0.00 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test |
+--------------------+
2 rows in set (0.00 sec)
mysql> \q
Bye
If I set Websystem, apache user can see information_schema, test databases.
Is this the right setup?
How to repeat:
I think mysql.user table for default setting,
delete ''@'localhost' and ''@'installed_mysqld'.
Or add check routine,
if real local user in /etc/passwod file and can use /bin/bash.
I am glad for your reply.