I installed mysql-community-server-8.0.13-1.el7.x86_64 on Centos 7 with Nginx, and added the phpMyAdmin to manage the databases but I keep getting error Cannot log in to the MySQL server from phpMyAdmin. I've tried the following and have been struggling for a few days now:
Changed some of the parameters (suggested on stackoverflow) located on /etc/phpMyAdmin/config.inc.php like the following but no luck:
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['connect_type'] = 'socket';
$cfg['Servers'][$i]['socket'] = '/var/lib/mysql/mysql.sock';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = 'password';
I've tried mysql shell, and I'm able to login with root and other users. But, I have no idea why it fails on phpMyAdmin. Please help and thanks!
I was able to resolve this by doing the following:
(I should mention that this solution works for MySQL 8.0.13 and phpMyAdmin 4.8.4 - Both, latest version today)
1- I edited config.inc.php with these server parameters (only):
/*** This is needed for cookie based authentication to encrypt password in
cookie. Needs to be 32 chars long. */
$cfg['blowfish_secret'] = 'generate_your_blowfish_secret_32_chars';
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
2- On MySQL terminal
//Create a new user:
mysql> CREATE USER 'user'#'localhost' IDENTIFIED BY 'your_password';
//Grant all privileges:
mysql> GRANT ALL PRIVILEGES ON *.* To 'user'#'localhost' WITH GRANT OPTION;
//Flush all privileges:
mysql> FLUSH PRIVILEGES;
//Change authentication_string with password:
mysql> ALTER USER user IDENTIFIED WITH mysql_native_password BY
'your_password';
//Login with the new user and password!
This should allow you to login into phpMyAdmin. I hope this help!
This work for me :
sudo mysql
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'YourNewPassword';
On CentOS 7, I had to:
uncomment the "default-authentication-plugin=mysql_native_password" line in /etc/my.cnf
(then systemctl restart mysqld)
ALTER USER 'user'#'localhost' IDENTIFIED WITH mysql_native_password BY 'your-password';
A minor tweak on the accepted answer from Jacman above. I had tried everything else, but was missing the 'WITH mysql_native_password' clause
Related
Context
Running MariaDb 10.6.7 on Windows 11. Trying to use mariabackup to do a partial backup of my database. Database, target backup folder and backup process all on the same PC.
Issue
In a batch file I have this:
cd C:\"Program Files\MariaDB 10.6\bin"
mariabackup --backup --target-dir='D:\OneDrive\Backups\MariaDb' --databases-exclude="*test" --user=root --password=myPasswordWithNoQuotes
Which keeps giving me the response:
Failed to connect to MariaDB server: Access denied for user 'root'#'localhost' (using password: YES)
Things I've checked
Running the batch file as administrator
root has full priviliges
Password is correct - checked by logging into root with MySQL Workbench and MySQLClient and HeidiSQL.
Question
How do I set access rights so that the backup can proceed?
When I changed the root password to something simple everything worked. So it looks like the issue was a special character in the password (a % character perhaps) or the way that the password parameter was formed in the mariabackup command.
I'm trying to configure a limited external access to MariaDB 10.3
What I want
The user can only access to a view from an external access but shouldn't be able to be connected as root even if he has the password.
Initial configuration
Using the default forge configuration we start with theses users:
$ mysql -u root -p
> use information_schema;
> select * from user_privileges;
Full result: https://pastebin.com/kNNVUjrz
TLDR;
Two root users:
root accessible from : [localhost, 127.0.0.1, ::1, 51.99.999.101*, %]
forge accessible from : [51.99.999.101*, %]
One weird user:
debian-sys-maint accessible from : [localhost]
.* This is obviously a fake public ip
Configuration I want
root accessible from : [localhost, 127.0.0.1, ::1, 51.99.999.101]
forge accessible from : [localhost, 127.0.0.1, ::1, 51.99.999.101]
dummyuser accessible form : [%]
The problem
When I remove the user 'forge'#'%' but keep 'forge'#'localhost', the user (dummyuser) has no more privileges.
ERROR 1045 (28000): Access denied for user 'dummyuser'#'%' (using password: YES)
Details of what I did
connected through SSH to the server
$ mysql -u forge -p
> create database mydb;
> create view mydb.v as select user();
> create user dummyuser identified by 'password';
> grant select on mydb.v to dummyuser;
> select * from information_schema.user_privileges where grantee like '%dummyuser%';
GRANTEE: 'dummyuser'#'%'
TABLE_CATALOG: def
PRIVILEGE_TYPE: USAGE
IS_GRANTABLE: NO
Connected through my local PC
$ mysql -u dummyuser -h 51.99.999.101 -p
> select * from mydb.v;
Returns what we want: dummyuser#adsl-178-xx-xxx-123.adslplus.ch
But now when I delete the user 'forge'#'%' through SSH (with root this time):
Important Note: Doing this step before creating the dummyuser did not solve the problem.
$ mysql -u root -p
> drop user 'forge'#'%';
> create user 'forge'#'localhost' identified by 'passowrd';
> grant all privileges on *.* to 'forge'#'localhost' with grant option;
> flush privileges;
Here come the problem: When I logon with dummyuser and try again:
$ mysql -u dummyuser -h 51.99.999.101 -p
> select * from mydb.v;
ERROR 1045 (28000): Access denied for user 'dummyuser'#'%' (using password: YES)
Start by finding out what rows exist in the grant tables. It looks like you may have done such, but let's do it two steps:
SELECT user, host FROM mysql.user;
Then, for each of those, do (with ... appropriately filled in):
SHOW GRANTS FOR '...'#'...'
Now take the GRANT ... TO ... statements that that produced, turn them into REVOKE ... FROM ... (and remove the password clause).
Run those REVOKEs plus any new GRANTs you need. But be sure that a typo does not lock you out. Stay connected while you connect elsewhere and check the results.
With the help of #rick-james I got a working case.
I had to (re)create a user 'forge'#'%' with the same restricted access than 'dummyuser'#'%'.
'forge'#'localhost' keep is privileges root
> show grants for root#localhost;
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '*****' WITH GRANT OPTION
GRANT PROXY ON ''#'%' TO 'root'#'localhost' WITH GRANT OPTION
> show grants for forge#localhost;
GRANT ALL PRIVILEGES ON *.* TO 'forge'#'localhost' IDENTIFIED BY PASSWORD '*****' WITH GRANT OPTION
> show grants for 'forge'#'%';
GRANT USAGE ON *.* TO 'forge'#'%' IDENTIFIED BY PASSWORD '*****'
GRANT SELECT ON `mydb`.`v` TO 'forge'#'%'
> show grants for 'dummyuser'#'%';
GRANT USAGE ON *.* TO 'dummyuser'#'%' IDENTIFIED BY PASSWORD '*****'
GRANT SELECT ON `mydb`.`v` TO 'dummyuser'#'%'
Now when I create dummyuser3#% with the user forge#localhost and grant him: grant select on mydb.v to dummyuser3; the dummyuser3 will be able to select the view.
In case a user get access to forge#%, because of the restriction, it will only be able to select the view. Which is an acceptable solution.
[Edit] It works with THIS scenario: create view mydb.v as select user();
In a real world, my view is based on an another table. In that case, the user 'forge'#'%' also needs the privilege to select on that table.
This is a less acceptable solution. But that's the only one I got.
In definitive, the question is still open
I'm using a fresh installation of Debian Stretch, and installed PHP7 and MariaDB as recommended:
sudo apt-get install nginx mariadb-server mariadb-client php-mysqli php7.0-fpm php7.0-curl
Then using sudo mysql_secure_installation I followed the prompts to remove test users etc.
MariaDB seems to use unix_socket authentication (which is a new concept to me). I like how it restricts root access to sudoers and allows me to grant DB permissions to specific OS users.
However I'd prefer to assign individual user/passwords for each web application running on the server. They all run as www-data user on the system and I see no reason to let them share databases.
So I created a user for my first PHP script and granted access to a new database:
CREATE USER 'telemetry'#'localhost' IDENTIFIED BY 'yeah_toast';
UPDATE mysql.user SET plugin='mysql_native_password' WHERE user='telemetry';
GRANT ALL PRIVILEGES ON telemetry TO 'telemetry'#'localhost';
FLUSH PRIVILEGES;
But it refuses to let me connect from the application:
[error] 19336#19336: *20 FastCGI sent in stderr: "PHP message: PHP Warning: mysqli::real_connect(): (HY000/1045): Access denied for user 'telemetry'#'localhost' (using password: YES) in /path/to/database.inc.php on line 30
The credentials I'm using from the application are as follows:
Host: localhost (also tried 127.0.0.1)
Username: telemetry
Password: yeah_toast
Database: telemetry
I tried deleting and re-creating the username in case it was a password problem, and creating a user #'localhost' and #'%' but none seem to work. In fact when I log in using the same credentials from the command line without sudo it works great (mysql -utelemetry -p).
Am I missing a MariaDB configuration step here?
befor installing moodle on ubuntu 16.04 server i have installed MariaDB and create a privilage like this :
# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE moodle;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON moodle.* TO 'Admin'#'localhost' IDENTIFIED BY 'root';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> \q
after that i can with commande line access to moodle database with user: "Admin" and password:"root".
but in the install.php page of moodle if i give the user and password i got this error :
what is the problem please?
A bug in Moodle means it cannot detect the latest version of MariaDB database server used on all Ecenica Web Hosting packages and Managed Cloud Servers.
You can do the following:
Edit your Moodle config.php
Change $CFG->dbtype from mysqli to
mariadb
Save and Restart the installation of Moodle
It is an old post but, for someone who hits this page:
From the error it looks like the DB type selected in the screen prior to this was "MySQLi" instead of "MariaDb".
How to reset password in MariaDB? I use Windows and NOT Linux. Anyone who knows how to reset my MySQL MariaDB password? I tried to search on Google but did not help.
I bumped into the same problem. I lost the root password for a test server on a windows development machine.
Following the Linux step:
After
net stop mysql
Try invoking mysqld with
mysqld --skip-grant-tables
mysqld will only exit with a short message
[Note] mysqld.exe <...5.5.48.MariaDB> starting as process <pid> ...
then it quits. However I tried to launch mysqld directly, there is no mysqld.exe process. The service start command might have some argument combination that enabled mysqld to run. Tried to pass the settings through a configuration file and it works.
put
skip-grant-tables=TRUE
into MariaDB 5.5\data\my.ini
Restart mysqld, by
net stop mysql && net start mysql
then being able to login as root.
Don't forget to remove the inserted line and restart mysqld again.
As this is top result in Google here's a quick way to change the password:
Stop the DB server
create a text file containing your new password:
ALTER USER 'root'#'localhost' IDENTIFIED BY 'DontForgetMeAgain';
Run this command (don't forget to replace the path to file):
mysqld --init-file=C:\\path\\to\\file.txt
And we're done
Using skip-grant-tables led Maria Db to complain when changing a password even if logged in as root.
I had to do a little modification on Tom's answer in the content of the file to make it work for me:
After stopping the DBServer i created a file with this content:
SET PASSWORD FOR 'root'#'localhost' = PASSWORD('mynewpassword');
FLUSH PRIVILEGES;
then I run:
C:\Program Files\MariaDB 10.1\bin>mysqld --init-file=C:\\path\\to\\file.txt
I then managed to log in