Ante Karamatić wrote: > Am I missing something?
I am. Feel free to kick me :) I vote for random root password as a quick measure. We don't even have to show it to the user. Changing random password would be easy, trough already mentioned acts, or like this; /etc/mysql/root.cnf (chowned 600): [client] host = localhost user = root password = randompassword socket = /var/run/mysqld/mysqld.sock then running this as a wrapper or whatever: mysqladmin --defaults-file=/etc/mysql/root.cnf password new_pass This option is good cause it doesn't stop mysql and therefor doesn't start it in --skip-grant-tables mode, which is insecure. Then again, we already have /etc/mysql/debian.cnf with debian-sys-maint user, which is equal to root user... Good thing about using mentioned methods (--skip-grant-tables and --init-file) is that is already used/tested solution for the problem we are trying to solve. No need to invent new stuff when old stuff is good and working :) -- Root password policy for mysql https://bugs.launchpad.net/bugs/119075 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs