[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: A regression bug comparing Stretch to Jessie -was [Re: Doing a clean install with ATYPICAL constraints]

On 05/12/2017 02:57 AM, Brian wrote:
On Thu 11 May 2017 at 21:54:57 -0500, Richard Owlett wrote:

Working from purchased DVDs of Debian Stretch (8.6.0) I did a minimal
install (MATE desktop + standard utilities) to a fresh partition.
I then did
   apt-get install apache2
   apt-get install mariadb-server

On completion of the later I was asked for a password for 'root' user. I
supplied it and was able to login. As a check I attempted to login with an
incorrect password and was blocked.

I then followed the same procedure for Stretch using netinst
{Debian stretch-DI-rc3 i386 1}
I was never asked for the password.

After a night's sleep, I'll read up on bug reporting.
I've never filed a bug report, any assistance welcome.
Later - yawn ;/

It's always a good idea to do some research before submitting a bug
report. That would include reading the Debian documentation. Searches
with "debian mariadb-server password" and "debian mariadb-server
password bug" throw up some interesting links. They could help you to
decide whether your experience is worth reporting, Don't forget that
packages can legitimately change their behaviour and confound the
expectations of users.

#800009 has

  This issue is now fixed in 10.0.23-1 as the passwordless root
  account authenticated via unix socket is only used on fresh
  installs. Old installs will continue to use any root password
  previously set.

Various searches do bring bring up interesting issues.
For potential bug reporters I recommend following chains of links from "BugTriage" <https://wiki.debian.org/BugTriage>. I believe at least one bug was prematurely closed (was it properly defined in the first case). The symptom described in #800009 still exists and it is unclear if its ramifications have been addressed adequately/correctly.
More reading ahead.

Reply to: