0

We've recently upgraded from MySQL Percona 5.7 to 8 and we're in the phase of transitioning from mysql_native_password to caching_sha2_password.

As far as I understand, the only way to upgrade the Plugin is with the below query, and if no password is supplied, an empty one will.

mysql> ALTER USER 'user'@'host' IDENTIFIED WITH caching_sha2_password BY 'password';

The two questions I have are the following.

However prior any changes, is the debian-sys-maint still relevant in Stretch - MySQL 8 ? What would it imply to remove that account ? Considering that root has replaced it over the years, and on a fresh new install on another Stretch, it doesn't exist anymore.

Similar situation with the mysql.session that didn't migrate to caching_sha2_password during the upgrade, would it be fine to change his plugin without setting any password ?

+-----------+---------------+-----------------------+-------------------------------------------+
| Host      | User          | plugin                | authentication_string                     |
+-----------+---------------+-----------------------+-------------------------------------------+
| localhost | mysql.session | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+-----------+---------------+-----------------------+-------------------------------------------+
Tolsadus
  • 1,123
  • 11
  • 22

1 Answers1

2

So long as the root MySQL account uses unix_authauthentication plugin (so no password required for root user to log into MySQL) then you should be fine to remove the debian-sys-maint user.

Note that as of Debian 9/Stretch by default, it no longer exists of you install MariaDB from the default repos.

If you don't have unix_authauthentication enabled for the root user, it may still work ok, although some automated functionality may no longer work.

Jeremy Davis
  • 396
  • 3
  • 14