WL#6962: Deployment: random passwords generated for unattended installs
Affects: Server-5.7 — Status: In-Documentation — Priority: Medium
When the server is deployed, the installation process must collect a password from the user. If this isn't possible because the process is running unattended, a random password must be generated. The problem then arises of how this password can be given to the appropriate person. The easiest solution is to store it in a specified file under the same context in which the installation process is running, and to mark all the affected accounts with PASSWORD EXPIRE so that it isn't possible to hijack the account later by snatching the password. Another alternative is to email the password to the DBA who needs it, but this requires more of the surrounding infrastructure to work flawlessly.
Functional Requirement:

F1: A random password should be generated by default whenever mysql_install_db is executed. Such passwords must be expired.

F2: Provide an option to skip generation of the random password. This will allow users to create an installation where root's password is empty.

F3: Scope: RPMs

According to http://dev.mysql.com/doc/refman/5.6/en/linux-installation-rpm.html

... ...
As of MySQL 5.6.8, new RPM install operations (not upgrades) invoke mysql_install_db with the --random-passwords option that provides for more secure MySQL installation. Invoking mysql_install_db with --random-passwords causes it to assign a random password to the MySQL root accounts, set the “password expired” flag for those accounts, and remove the anonymous-user MySQL accounts. It will be necessary after installation to start the server, connect as root using the password written to the $HOME/.mysql_secret file, and assign a new root password. Until this is done, root cannot do anything else. This must be done for each root account you intend to use.
... ...
1. Introduce a new option in mysql_install_db: --skip-random-passwords
   Specifying this option would mean:
   a. Root accounts will have an empty password.
   c. The test db will be created and the mysql.db table will have corresponding entries.

2. --skip-random-passwords is not enabled by default. This means that invoking mysql_install_db would mean that:
   a. Random passwords are generated for root accounts and will be placed in the ~/.mysql_secret file.
   c. The test db will be dropped and the mysql.db table will not contain any entries.

3. --random-password is not a valid option anymore.

4. Anonymous user accounts will not be created.

5. .mysql_secret will have information about the password. This file is created in the home directory of the user installing MySQL. Default permission is 0600. This file will later be used by mysql_secure_installation.
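An added example, not mysql_install_db's own code: one way to write a generated password to a secret file that has mode 0600 from the moment it exists, and to audit such a file before trusting it. The alphabet, password length, file contents and function names are assumptions made for illustration.

```python
import os
import secrets
import stat
import string
import tempfile

# Assumption: illustrative alphabet; the worklog does not specify one.
ALPHABET = string.ascii_letters + string.digits + "!#%&()*+,-./:;<=>?@[]^_{|}~"

def generate_password(length=16):
    """Draw every character from the OS CSPRNG (secrets), never from random."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def write_secret(path, password):
    """Create the file owner-only; refuse to reuse an existing file or symlink."""
    # O_EXCL makes creation fail if anything already exists at path, so a
    # pre-planted file or symlink cannot receive the password.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        os.fchmod(fd, 0o600)  # explicit: do not depend on the caller's umask
        os.write(fd, (password + "\n").encode())
    finally:
        os.close(fd)

def audit_secret(path):
    """Return a list of problems with an existing secret file (empty means OK)."""
    st = os.lstat(path)  # lstat: inspect the path itself, not a symlink target
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    if stat.S_IMODE(st.st_mode) & 0o077:
        problems.append("accessible by group or others")
    if st.st_uid != os.geteuid():
        problems.append("owned by another user")
    return problems

def demo():
    """Constructed scenario in a temporary directory standing in for $HOME."""
    with tempfile.TemporaryDirectory() as home:
        path = os.path.join(home, ".mysql_secret")
        write_secret(path, generate_password())
        fresh = audit_secret(path)
        try:
            write_secret(path, generate_password())
            refused = False
        except FileExistsError:
            refused = True
        os.chmod(path, 0o644)  # simulate a file loosened after installation
        return fresh, refused, audit_secret(path)

if __name__ == "__main__":
    print(demo())
```

Because the account is also marked PASSWORD EXPIRE, a password read from a loosened file is only usable until the DBA's first login replaces it; the audit catches the loosened file itself.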
Copyright (c) 2000, 2015, Oracle Corporation and/or its affiliates. All rights reserved.