0

According to the MariaDB documentation, new MariaDB installations now allow the root user to use both the unix_socket and mysql_native_password plugins. However, the password is initially made invalid. Thus, the only way to log in as root is passwordless "as long as the login is attempted from a process owned by the operating system root user account."

My understanding is that the salt states are not run as the root user. As a result, something like this fails with authentication denied:

Set MariaDB Root Password:
  mysql_user.present:
    - name: root
    - password: {{ root_mariadb_password }}
    - connection_user: root
    - connection_host: 127.0.0.1
    - connection_password: ''
    - connection_charset: utf8

What is the proper way to set the root password with Salt, keeping these restrictions in mind?

vpseg
  • 71
  • 5
  • I'm not hugely familar with salt-stack however it looks like [this issue](https://github.com/saltstack/salt/issues/52206). Looking at [the code](https://github.com/saltstack/salt/blob/master/salt/modules/mysql.py) it needs some serious MariaDB modernization. – danblack Aug 24 '21 at 07:19
  • Pretty sure you need to just not have the `connection_password` in either here or in the minion config. It's also likely that you'll need to use the `connection_unix_socket` arg. And the salt states will run as whatever user the minion is running under, which is probably root. – Wayne Werner Jan 07 '22 at 00:10

0 Answers0