From 1879b2b8df0c0cd84c14aa955cd370bff424fd3f Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Fri, 29 Dec 2017 11:25:42 +1100
Subject: debian: insecure root password is only if plugin is empty

---
 debian/additions/debian-start.inc.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'debian/additions')

diff --git a/debian/additions/debian-start.inc.sh b/debian/additions/debian-start.inc.sh
index f50712882c1..1fe1950adea 100644
--- a/debian/additions/debian-start.inc.sh
+++ b/debian/additions/debian-start.inc.sh
@@ -65,7 +65,7 @@ function check_root_accounts() {
   
   logger -p daemon.info -i -t$0 "Checking for insecure root accounts."
 
-  ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='';" | $MYSQL --skip-column-names )
+  ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='' and plugin='';" | $MYSQL --skip-column-names )
   if [ "$ret" -ne "0" ]; then
     logger -p daemon.warn -i -t$0 "WARNING: mysql.user contains $ret root accounts without password!"
   fi
-- 
cgit v1.2.1


From 7e3c1e02b75039fbeca5671398981a01e574b6fa Mon Sep 17 00:00:00 2001
From: Sergey Vojtovich <svoj@mariadb.org>
Date: Mon, 15 Jan 2018 16:21:45 +0400
Subject: MDEV-14796 - debian: insecure root password is only if plugin is
 empty

Enumerate plugins that use password field.
---
 debian/additions/debian-start.inc.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'debian/additions')

diff --git a/debian/additions/debian-start.inc.sh b/debian/additions/debian-start.inc.sh
index 1fe1950adea..08ec339bcba 100644
--- a/debian/additions/debian-start.inc.sh
+++ b/debian/additions/debian-start.inc.sh
@@ -65,7 +65,7 @@ function check_root_accounts() {
   
   logger -p daemon.info -i -t$0 "Checking for insecure root accounts."
 
-  ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='' and plugin='';" | $MYSQL --skip-column-names )
+  ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='' and plugin in ('', 'mysql_native_password', 'mysql_old_password');" | $MYSQL --skip-column-names )
   if [ "$ret" -ne "0" ]; then
     logger -p daemon.warn -i -t$0 "WARNING: mysql.user contains $ret root accounts without password!"
   fi
-- 
cgit v1.2.1