turn validate_password plugin on then cannot init the root password #1075
Comments
lystormenvoy
changed the title
|
anyone know? |
|
It would be useful to run the entrypoint itself with something like |
|
MySQL 5.7 is EOL, so I tried with 8 (without very high hopes, as https://dev.mysql.com/doc/refman/8.4/en/validate-password-options-variables.html#option_mysqld_validate-password notes that the $ docker run -it --rm --name foo --env MYSQL_ROOT_PASSWORD='vavretsamA@#1' --pull=always mysql:8 --plugin-load-add=validate_password.so --validate-password=FORCE_PLUS_PERMANENT
8: Pulling from library/mysql
Digest: sha256:ad77a7c4e2031597e0c73a21993f780cdde6cef15d3dae734fe550c6142f8097
Status: Image is up to date for mysql:8
2024-09-06 19:40:04+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.4.2-1.el9 started.
2024-09-06 19:40:04+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2024-09-06 19:40:04+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.4.2-1.el9 started.
2024-09-06 19:40:04+00:00 [Note] [Entrypoint]: Initializing database files
2024-09-06T19:40:04.773608Z 0 [System] [MY-015017] [Server] MySQL Server Initialization - start.
2024-09-06T19:40:04.775073Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.4.2) initializing of server in progress as process 80
2024-09-06T19:40:04.784392Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2024-09-06T19:40:05.216087Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2024-09-06T19:40:05.664028Z 0 [Warning] [MY-013501] [Server] Ignoring --plugin-load[_add] list as the server is running with --initialize(-insecure).
2024-09-06T19:40:06.969831Z 0 [ERROR] [MY-000067] [Server] unknown variable 'validate-password=FORCE_PLUS_PERMANENT'.
2024-09-06T19:40:06.970238Z 0 [ERROR] [MY-013236] [Server] The designated data directory /var/lib/mysql/ is unusable. You can remove all files that the server added to it.
2024-09-06T19:40:06.970249Z 0 [ERROR] [MY-010119] [Server] Aborting
2024-09-06T19:40:08.704237Z 0 [System] [MY-015018] [Server] MySQL Server Initialization - end.Perhaps this would be different with a file instead of flags -- I'll try that next. |
|
That was more successful: $ docker run -it --rm --name foo --env MYSQL_ROOT_PASSWORD='vavretsamA@#1' --pull=always mysql:8 sh -c '{ echo validate-password=FORCE_PLUS_PERMANENT; echo plugin-load-add=validate_password.so; } >> /etc/mysql/conf.d/password.conf && exec docker-entrypoint.sh mysqld'
8: Pulling from library/mysql
Digest: sha256:ad77a7c4e2031597e0c73a21993f780cdde6cef15d3dae734fe550c6142f8097
Status: Image is up to date for mysql:8
2024-09-06 19:42:41+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.4.2-1.el9 started.
2024-09-06 19:42:41+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2024-09-06 19:42:41+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.4.2-1.el9 started.
2024-09-06 19:42:41+00:00 [Note] [Entrypoint]: Initializing database files
2024-09-06T19:42:41.440758Z 0 [System] [MY-015017] [Server] MySQL Server Initialization - start.
2024-09-06T19:42:41.442046Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.4.2) initializing of server in progress as process 80
2024-09-06T19:42:41.451904Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2024-09-06T19:42:41.859696Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2024-09-06T19:42:43.726005Z 6 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
2024-09-06T19:42:45.724354Z 0 [System] [MY-015018] [Server] MySQL Server Initialization - end.
2024-09-06 19:42:45+00:00 [Note] [Entrypoint]: Database files initialized
2024-09-06 19:42:45+00:00 [Note] [Entrypoint]: Starting temporary server
mysqld will log errors to /var/lib/mysql/6fb02b159fbe.err
mysqld is running as pid 127
2024-09-06 19:42:46+00:00 [Note] [Entrypoint]: Temporary server started.
'/var/lib/mysql/mysql.sock' -> '/var/run/mysqld/mysqld.sock'
Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it.
2024-09-06 19:42:48+00:00 [Note] [Entrypoint]: Stopping temporary server
2024-09-06 19:42:49+00:00 [Note] [Entrypoint]: Temporary server stopped
2024-09-06 19:42:49+00:00 [Note] [Entrypoint]: MySQL init process done. Ready for start up.
2024-09-06T19:42:49.174630Z 0 [System] [MY-015015] [Server] MySQL Server - start.
2024-09-06T19:42:49.364244Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.4.2) starting as process 1
2024-09-06T19:42:49.373086Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2024-09-06T19:42:49.675795Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2024-09-06T19:42:49.922034Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2024-09-06T19:42:49.922067Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
2024-09-06T19:42:49.926618Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
2024-09-06T19:42:49.952677Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Bind-address: '::' port: 33060, socket: /var/run/mysqld/mysqlx.sock
2024-09-06T19:42:49.952778Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.4.2' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server - GPL.However, it seems like it might've ignored my configuration? $ docker exec -it foo mysql -uroot -p'vavretsamA@#1'
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.4.2 MySQL Community Server - GPL
Copyright (c) 2000, 2024, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SHOW VARIABLES LIKE 'validate_password.%';
Empty set (0.02 sec)
mysql> SHOW VARIABLES LIKE 'validate_password%';
Empty set (0.00 sec) |
this error like#1082 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi
I am using mysql:5.7.44 image.
I mount my.cnf into the container with
Then I use
docker logs mysqlit printMy command to create container is
docker run -d --name mysql -v /app/mysql/conf:/etc/mysql -v /app/mysql/logs:/var/log/mysql -e "MYSQL_ROOT_PASSWORD=vavretsamA@#1" --restart always --network=host mysql:5.7.44When I comment the config about validate password it will work.
After it work and init the user, I uncomment the config, and change the password to
vavretsamA@#1It will change successfully.
Can I turn on validate password when the mysql init?
The text was updated successfully, but these errors were encountered: