mysql (mariadb) ERROR 1698 (28000): Access denied for user 'root'@'localhost'

Question

I'm working on Xubuntu 15.04. I already installed the MariaDB-Server on various systems and was always asked for a root password during installation. This time, however, I don't remember being asked for the password. When I try to login without a password (or a blank password), I get the Access denied for user 'root'@'localhost' error. I tried uninstalling the package completely by

sudo apt-get remove mariadb-server
sudo apt-get purge mariadb-server

When I reinstalled, I still didn't get asked for the root password.

I tried the mysqld --skip-grant-tables approach from mysql how to fix Access denied for user 'root'@'localhost' . I can modify the password for the root user in the mysql database - at least the hash value changes - but I still cannot login with the new password after a restart of the mysql-server. I still get the same error.

The user debian-sys-maint does not exist. So, I cannot use it to fix anything.

Any ideas what else I could try?

Answer 1

You need to reset the password. so for that

sudo mysql -u root
use mysql;
update user set plugin='' where User='root';
flush privileges;
exit;

Answer 2

The idea with the new set-up is that you shouldn't be using passwords at all. See UNIX_SOCKET Authentication Plugin for details.

What's especially relevant is the contents of /usr/share/doc/mariadb-server-10.0/README.Debian.gz on Ubuntu 16.04:

On new installs no root password is set and no debian-sys-maint user is created anymore. Instead the MariaDB root account is set to be authenticated using the unix socket, e.g. any mysqld invocation by root or via sudo will let the user see the mysqld prompt.

You may never ever delete the mysql user "root". Although it has no password is set, the unix_auth plugin ensure that it can only be run locally as the root user.

The credentials in /etc/mysql/debian.cnf specify the user which is used by the init scripts to stop the server and perform logrotation. This used to be the debian-sys-maint user which is no longer used as root can run directly.

So if you disable that plug-in for root and set a password, the daily cron job will break as it's assuming it will log in as root without a password, but with the plug-in.

Later it says:

Scripts should run as a user have have the required grants and be identified via unix_socket.

So it looks like passwords should no longer be used by applications.

Answer 3

I did it by running this command, right after installation:

$ sudo mysql_secure_installation

At first step, password is blank, so just press Enter.

Answer 4

I solved the problem following the answer from this post:

Can't reset MySQL (MariaDB) root password

One has to change the plugin field of mysql.user for all roots to a blank string.

Answer 5

Just use sudo mysql -u root - that's it

---

Details: Newer versions authenticate to mysql using system authentication. So if you can sudo to the OS, it assumes you're db root too. You can confirm this by issuing sudo mysql -u root -e "USE mysql; SELECT User, Host, plugin FROM mysql.user;". You should see something like this (maybe with auth_socket in other distros)

+------+-----------+-------------+
| User | Host      | plugin      |
+------+-----------+-------------+
| root | localhost | unix_socket |
+------+-----------+-------------+

Answer 6

I had the same issue on a raapberry pi with stretch. My solution was to create a new user with all privileges by doing the following:

sudo mysqld_safe --skip-grant-tables --skip-networking &
mysql -u root

MariaDB [(none)]> use mysql
MariaDB [mysql]> FLUSH PRIVILEGES;
GRANT ALL privileges ON mysql.* TO 'admin'@'localhost' with grant option;

Now I can login and us the user "admin" as superuser.

I hope this is going to help someone.