2017-01-12 23:38 GMT+02:00 Kristian Nielsen <[email protected]>: > If I understand the issue here, this is nothing to do with MariaDB being or > not being a drop-in for MySQL. The problem seems to be this patch in the > Debian packaging: > > > https://github.com/ottok/mariadb-10.1/blob/master/debian/patches/mdev-8375-passwordless-root-via-socket-auth.patch > > The idea is to make the default install of package mariadb-server-10.1 use > socket authentication for the root user, which seems fine. But the patch > seems completely wrong. Rather than adding needed functionality to enable > postinst to setup socket auth, instead it hardcodes this decision into > mysql_install_db, which breaks other users.
Thanks for chipping in Kristian. Indeed the idea of using unix socket auth has been planned by both MariaDB and MySQL maintainers. It's just that in MariaDB it got already implemented, in fact over a year ago: https://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.1.git/commit/?id=ab63132b5fb4c2692f7a56f84b1c191c3c3cc9e0 Funny that the use case you describe Dominic did not come up earlier. The purpose of this change is to get everybody to impove their security and move to using new passwordless practices. Are we now sure there is no way to change mysql-ruby2 to utilize socket auth, or create a test user that has no plugin defined, or something else? On a quick look the solution suggested by Kristian looks OK. I will eventually do something to implement and test it, but if somebody has time to do it right now and send me a git merge request (or Github pull request) then things would progress much faster. - Otto _______________________________________________ Python-modules-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team
