Comments - How to change root to native-password plugin with dockerhub image

2 years, 9 months ago James Stewart Miller

just in case anyone reads the post, the secret creation command is correct except for a hyphen at the end -

read -p "Enter variable for MARIADB_ROOT_PASSWORD : " token && echo -n "$token" | podman secret create "MARIADB_ROOT_PASSWORD" -

 
2 years, 9 months ago James Stewart Miller

So, I finally got it to work. I was having another issue which is that once I had created the container using podman run, I had to wait an unspecified amount of time before the database in the container would accept commands. I ended up running a podman exec command to delete root@% as a do, done loop, like so... until podman exec -e ROOT_PASSWORD="$mysql_root_password" -it "${MARIA_CONT_NAME}" bash -c "mysql -uroot -p\"\${ROOT_PASSWORD}\" -h'localhost' -e \"delete from mysql.global_priv where user='root' and host='%'; flush privileges;\"" > /dev/null 2>&1 do echo -n "." done

Note, I added the redirection to null after I last tested it, but it should be ok, I guess.

Then I ran the podman exec command to create the database, and it worked fine.

 
2 years, 9 months ago Daniel Black

Thanks for explaining your use and fixing my missing -.

Using MARIADB_ROOT_HOST=localhost will prevent a root@% creation. There will still be a root@localhost user which is unix socket only, so only a podman exec can use it.

If you do need to remove a user please use drop user. The entrypoint that does similar hackery needs to be cleaned up and is obviously a bad example.

Waiting until it starts is something I plan to fix with a healthcheck script (MDEV-25434).

In the mean time your loop should be using mysql --protocol=tcp as there can be a few temporary starts which could get your command executed early.

Happy to take issues/feature requests on github or JIRA.

 
2 years, 9 months ago James Stewart Miller

Many thanks for all your help.

 
Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.