debian: insecure root password is only if plugin is empty

grooverdan · svoj · commit 1879b2b8df0c · 2018-01-15T16:19:53.000+04:00
diff --git a/debian/additions/debian-start.inc.sh b/debian/additions/debian-start.inc.sh
@@ -65,7 +65,7 @@ function check_root_accounts() {
   
   logger -p daemon.info -i -t$0 "Checking for insecure root accounts."
 
-  ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='';" | $MYSQL --skip-column-names )
+  ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='' and plugin='';" | $MYSQL --skip-column-names )
   if [ "$ret" -ne "0" ]; then
     logger -p daemon.warn -i -t$0 "WARNING: mysql.user contains $ret root accounts without password!"
   fi
