i try to create a mariadb 10.4.10 docker image. In the dockerfile i just install mariadb into the the image. The dockerfile inherits from my personal custom alpine images, where the user "appuser" will be created.
FROM nwo/alpine:latest
LABEL MAINTAINER="dideldumm <123@abc.de>"
ARG IMAGE_NAME=nwo/mariadb
ARG IMAGE_VERSION=1.1
RUN apk update \
&& apk add mariadb \
mariadb-client \
&& rm -rf /var/lib/apt/lists/* \
&& rm -rf /var/cache/apk/*
COPY ./setup/setup.sql /home/appuser/app/setup.sql
COPY ./setup/start.sh /home/appuser/app/start.sh
RUN chown appuser:appuser /home/appuser/app/start.sh /home/appuser/app/setup.sql
RUN mkdir /home/appuser/data/db \
&& mkdir /home/appuser/data/log \
&& touch /home/appuser/app/mariadb.pid \
&& touch /home/appuser/app/mariadb.socket \
&& chown -R appuser:appuser /home/appuser/data/db \
&& chown -R appuser:appuser /home/appuser/data/log \
&& chown -R appuser:appuser /home/appuser/app/mariadb.socket \
&& chown -R appuser:appuser /home/appuser/app/mariadb.pid
USER appuser
ENTRYPOINT ["/home/appuser/app/start.sh"]
In the start.sh script i create the mariadb.cnf.
echo "Create mariadb configuration file"
echo "[mysqld]" > /home/appuser/data/mariadb.cnf
echo "port=3306" >> /home/appuser/data/mariadb.cnf
echo "socket=/home/appuser/app/mariadb.socket" >> /home/appuser/data/mariadb.cnf
echo "pid-file=/home/appuser/app/mariadb.pid" >> /home/appuser/data/mariadb.cnf
echo "datadir=/home/appuser/data/db" >> /home/appuser/data/mariadb.cnf
echo "symbolic-links=0" >> /home/appuser/data/mariadb.cnf
echo "bind-address=0.0.0.0" >> /home/appuser/data/mariadb.cnf
echo "console=1" >> /home/appuser/data/mariadb.cnf
echo "general_log=0" >> /home/appuser/data/mariadb.cnf
echo "general_log_file==/home/appuser/data/log/mariadb.log" >> /home/appuser/data/mariadb.cnf
echo "log_error=/home/appuser/data/log/mariadb_error.log" >> /home/appuser/data/mariadb.cnf
echo "collation-server=$MDB_COLLATION" >> /home/appuser/data/mariadb.cnf
echo "character-set-server=$MDB_CHARACTERSET" >> /home/appuser/data/mariadb.cnf
Afterwards i run mysql_install_db --defaults-file=/home/appuser/data/mariadb.cnf. In the console output i get the message that i only can access the root user with a system root account. But as you can see in the dockerfile i switch to the appuser and run start.sh afterwards, which makes it impossible to run sudo. My goal is to initialize mariadb without previleges within start.sh.
I tried to run mysqld with parameter --skip-grant-tables but then i am not able to set the root password. This result into error message The MariaDB server is running with the --skip-grant-tables option so it cannot execute this statement for ALTER USER and SET PASSWORD statement.
When i run a "FLUSH PRIVILEGES" before, every command (SET PASSWORD, ALTER USER) will result into Query OK, 0 rows affected. At least i tried to update the user with UPDATE mysql.user SET Password=PASSWORD('test3') WHERE USER='root' AND Host='localhost'; which results in ERROR 1348 (HY000): Column 'Password' is not updatable.
Till yet, i have absolutly no idea, how to configure a mysql database server without root permissions.
It will be great, if you have a solution for me.
Regards
Dave
found the solution by myself. The first issue was, that in my environment just "root" is beeing created and no second user. Don't know why, but i let run a script afterwards which will do that, so it's not so important to me.
To get the "old style" 10.3 root user behaviour (which enables you to install mariadb with a non-root user) you can run mysql_install_db with parameter --auth-root-authentication-method=normal.
Of course, you must secure your mariadb installation by yourself afterwards.
Regards Dave