Bug #98518 Support alternative bootstrap workflow to current mysqld --initialize
Submitted: 8 Feb 2020 1:00 Modified: 8 Feb 2020 7:22
Reporter: Morgan Tocker Email Updates:
Status: Verified Impact on me:
Category:MySQL Server: Packaging Severity:S4 (Feature request)
Version:8.0 OS:Any
Assigned to: CPU Architecture:Any

[8 Feb 2020 1:00] Morgan Tocker
Following on from FOSDEM.. I understand the current dilemma of bootstrapping the server in a secure way, without relying on user interaction (not all installation methods guarantee it).

I have an alternative suggestion which may satisfy security requirements:

- mysqld --initialize inits a server, with an expired password for root (placing clients in the sandbox, requiring them to log in and change it) + forces a bind address of,::1.

- The workload for a new user will be to login as root, set the password, then restart:

$ mysql -uroot
> SET PASSWORD='newpass';

The advantage of this is that it can be done entirely by automated scripts (without grepping through files). The downside is that it is a little bit magical that it doesn't bind externally if there is a fresh root user with an expired user.

How to repeat:
[8 Feb 2020 1:02] Morgan Tocker
(The restart is of course required here because bind-address is not dynamic. If it were dynamic, the workflow would not require this.)
[8 Feb 2020 7:22] MySQL Verification Team
Hello Morgan,

Thank you for the reasonable feature request!