Bug #80137 root user created with auth_sock plugin even root pwd is not blank
Submitted: 25 Jan 2016 9:13 Modified: 1 Feb 2016 15:40
Reporter: Ramana Yeruva Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Installing Severity:S3 (Non-critical)
Version:5.7.11 OS:Any
Assigned to: CPU Architecture:Any

[25 Jan 2016 9:13] Ramana Yeruva 
Description:
as part of wl#7787, root user will be created with auth_sock plugin if packages are installed with blank root password, to make sure that packages are installed with secure by default.However 5.7.11 commercial deb packages always creating root user with auth_sock plugin even though root password entered user is not blank.This problem observed on Debian7 and Ubuntu14.04 platforms

How to repeat:
dpkg -i http://clustra.no.oracle.com/~bteam/my/apt-config-pkgs/qa/mysql-apt-commercial-config_0.5....
select 5.7 in the version dialog
enter root password when it prompted for root password
reconfirm the root password in the dialog
lets finish installation and wait till server comes up
try to connect with root user using give password observe it is failing
login as auth_sock plugin user, observe it is successful
[1 Feb 2016 15:40] Paul DuBois 
Noted in 5.7.11, 5.8.0 changelogs.

Debian packages create the root user account using the auth_socket
authentication plugin to achieve secure-by-default installation if
installation was done with a blank root password. However,
auth_socket was being used even if the password was not blank.