| Bug #87845 | Initialization of root password doesn't adhere to validation plugin policy | ||
|---|---|---|---|
| Submitted: | 22 Sep 2017 17:49 | Modified: | 25 Sep 2017 13:07 |
| Reporter: | J. Alexander | Email Updates: | |
| Status: | Verified | Impact on me: | |
| Category: | MySQL Server: Command-line Clients | Severity: | S2 (Serious) |
| Version: | 5.7.5+, 5.7.19 | OS: | Any |
| Assigned to: | CPU Architecture: | Any | |
[25 Sep 2017 13:07]
MySQL Verification Team
Hello J. Alexander, Thank you for the report. Thanks, Umesh
[25 Sep 2017 13:08]
MySQL Verification Team
-- 5.7.19 [umshastr@hod03]/export/umesh/server/binaries/Trunk/87827/mysql-5.7.19: rm -rf 87827 && bin/mysqld --initialize --basedir=$PWD --datadir=$PWD/87827 --plugin-load-add=validate_password.so --validate_password_length=15 2017-09-23T05:58:06.362926Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details). 2017-09-23T05:58:06.814020Z 0 [Warning] InnoDB: New log files created, LSN=45790 2017-09-23T05:58:06.884784Z 0 [Warning] InnoDB: Creating foreign key constraint system tables. 2017-09-23T05:58:06.938987Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 2ba1f158-a024-11e7-a9d9-0010e05f3e06. 2017-09-23T05:58:06.939514Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened. 2017-09-23T05:58:06.940192Z 1 [Note] A temporary password is generated for root@localhost: py2H<_6!:.ji 2017-09-23T05:58:07.092842Z 1 [ERROR] 1819 Your password does not satisfy the current policy requirements 2017-09-23T05:58:07.092979Z 0 [ERROR] Aborting
[26 Sep 2017 9:31]
Hugo Dubois
Hello, I have the same issue with the initialize-insecure option: 2017-09-26T11:27:31.414121+01:00 1 [Note] Creating the system database 2017-09-26T11:27:31.414142+01:00 1 [Warning] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option. 2017-09-26T11:27:31.414347+01:00 1 [Note] Creating the system tables 2017-09-26T11:27:31.577606+01:00 1 [Note] Filling in the system tables, part 1 2017-09-26T11:27:31.578334+01:00 1 [ERROR] 1819 Your password does not satisfy the current policy requirements 2017-09-26T11:27:31.578347+01:00 1 [Note] Bootstrapping complete 2017-09-26T11:27:31.578431+01:00 0 [ERROR] Aborting I think you should not check password policy at the bootstrap operation
Description: Random root password generation step for initialization will fail with error 1819 ("Your password does not satisfy the current policy requirements") if the password validation plugin is enabled and 'validate_password_length' > 12 characters. How to repeat: Enable the Password Validation Plugin with 'validate_password_length' set to a value > 12 characters and run the initialization process to generate a random root password. Suggested fix: Check if the Password Validation Plugin is enabled and adjust the root password generation process to adhere to the 'validate_password_*' configuration settings.