Richard Owlett wrote:
> On 05/12/2017 02:57 AM, Brian wrote:
>> On Thu 11 May 2017 at 21:54:57 -0500, Richard Owlett wrote:
>>
>>> Working from purchased DVDs of Debian Stretch (8.6.0) I did a minimal
>>> install (MATE desktop + standard utilities) to a fresh partition.
>>> I then did
>>> apt-get install apache2
>>> apt-get install mariadb-server
>>>
>>> On completion of the later I was asked for a password for 'root' user. I
>>> supplied it and was able to login. As a check I attempted to login with
>>> an incorrect password and was blocked.
>>>
>>> I then followed the same procedure for Stretch using netinst
>>> {Debian stretch-DI-rc3 i386 1}
>>> I was never asked for the password.
>>>
>>> After a night's sleep, I'll read up on bug reporting.
>>> I've never filed a bug report, any assistance welcome.
>>> Later - yawn ;/
>>
>> It's always a good idea to do some research before submitting a bug
>> report. That would include reading the Debian documentation. Searches
>> with "debian mariadb-server password" and "debian mariadb-server
>> password bug" throw up some interesting links. They could help you to
>> decide whether your experience is worth reporting, Don't forget that
>> packages can legitimately change their behaviour and confound the
>> expectations of users.
>>
>> #800009 has
>>
>> This issue is now fixed in 10.0.23-1 as the passwordless root
>> account authenticated via unix socket is only used on fresh
>> installs. Old installs will continue to use any root password
>> previously set.
>>
>
> Various searches do bring bring up interesting issues.
> For potential bug reporters I recommend following chains of links from
> "BugTriage" <https://wiki.debian.org/BugTriage>.
> I believe at least one bug was prematurely closed (was it properly
> defined in the first case).
> The symptom described in #800009 still exists and it is unclear if its
> ramifications have been addressed adequately/correctly.
> More reading ahead.
It took me a while to realize there is difference from MySQL perspective if
you use localhost and 127.0.0.1. "localhost" goes via unix socket.
