| Bug #75905 | Option to initialize with random password and store the password in .mylogin.cnf | ||
|---|---|---|---|
| Submitted: | 15 Feb 2015 9:51 | ||
| Reporter: | Daniël van Eeden (OCA) | Email Updates: | |
| Status: | Open | Impact on me: | |
| Category: | MySQL Server: Security: Privileges | Severity: | S4 (Feature request) |
| Version: | 5.7 | OS: | Any |
| Assigned to: | CPU Architecture: | Any | |
| Tags: | initialize, password, Security | ||
Portions of this website are copyright © 2001, 2002 The PHP Group
Page generated in 0.021 sec. using MySQL 8.0.17-commercial
Content reproduced on this site is the property of the
respective copyright holders.
It is not reviewed in advance
by Oracle and does not necessarily represent the opinion of
Oracle or any other party.
© 2019, Oracle Corporation and/or its affiliates
Description: Please add an option to initialize a database with a random root password and then store this password in .mylogin.cnf as login path. This can make it easier to provision MySQL servers with an automation tool like puppet. Currently: 1. securely initialize a database (mysql_install_db or --initialize) 2. Grab the password from .mysql_secret or the error log 3. Then use this password to login and change it. Alternatively: 1. Insecurely initialize 2. Then set the password. Currently most automation tools use the second method, but could use the first method if step 2 was not needed anymore: How to repeat: See description Suggested fix: Proposed method: 1. securely initialize a database (mysql_install_db or --initialize) 2. Then use the login path to login and change it. 3. Remove and/or update the login path On systems with multiple mysqld installations a --login-path option could be used to indicate the name of the login path. mysqld --initialize --store-loginpath # Stored in the default login path ('client'?) mysqld --initialize --store-loginpath --login-path=foobar # Stored in the 'foobar' login path.