How to disable password validation in MariaDB on Synology?

0

0ldn0mad2020-03-09 14:10:52

MariaDB

0ldn0mad, 2020-03-09 14:10:52

Working with a local MariaDB server on Synology, I encountered a completely unpractical feature - intricate password validation not only for root, but for all created users.
Password requirements - at least 10 characters, upper and lower case letters + numbers + special characters.
I will create my own password of 8 letters and numbers and it will be crypto-resistant enough, besides, this is my local server, which does not go outside in any way, and even more so, there is no access to it from the outside.
How to remove such validation so that for root the password could not be set or the maximum password is root?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

H

h4r7w3l1, 2020-11-02
@h4r7w3l1

Authorization in MariaDB is possible without a password from a privileged linux account.
The parameter enabling this "behavior" is in the mysql.users table and has the value unix_socket . In debian 9+, the auth_socket.so plugin is enabled by default.
This information is also relevant for devices of the Synlogy family.

GRANT ALL PRIVILEGES ON *.* TO 'root'@'127.0.0.1' IDENTIFIED BY 'xxx' WITH GRANT OPTION;
INSTALL SONAME 'auth_socket';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED VIA unix_socket WITH GRANT OPTION;

Change the plugin field in the user table from mysql_native_password to unix_socket, make sure the plugin is enabled and installed, restart the mysqld service. Now you can log in as root without a password: sudo mysql -u[ mysqluser ]
SELECT * FROM information_schema.PLUGINS;

> sudo mysql -uroot 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 10.3.21-MariaDB Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

https://mariadb.com/kb/en/authentication-plugin-un...