Skip to content
Michal Čihař edited this page Apr 18, 2016 · 9 revisions

Substantial confusion between layers of user types and authentication methods

I hope to set out here how the vagueness of various 'root' and 'control' user types suggests a combinatorically prohibitive array of possible interpretation of the documentation. This is a bug with the documentation. A close and careful reading -- and even a textual deconstruction in which the unwritten parts inferred-- does not yield a set of functional choices. I mean, "what do you mean?"

Let us consider the case where a 'site designer' -- a real person -- wishes to install phpmyadmin on a commercially hosted/managed sites (such as The site designer must contend with many layers of authentification and 'root' access, most of which are beyond his control, but some of which are indicated obliquely in the documentation.

  • Clearly, the sysadmin 'root' user (as in /home/root) is unavailable to the site designer. Therefore, requesting a 'root' password is clearly not what is being asked during authentication, although that is what is being asked for in the setup script.
  • Likewise, the mysql 'root' is also not available to the site designer, so 'root' cannot mean 'root.'
  • A third implied root, but going by the name 'control user', is unlikely to be related to either of the previous roots. But is 'control user' the same as 'site designer'? The site designer has an accessible username and a password, so 'control user' is likely to mean 'one who has a little control but much less control than real control users, like root.'
  • Often the database itself will have a database name, a database user name conveniently identical to the database name, except when it isn't, and a password.

In the context of all of these root/control/designer/database user names and passwords, what is actually being sought when the setup script asks for

  • Authentication type.
    • config (mysqld root user, aka 'root' with password? not available to site designers)
    • signon (site designer username with an apache-authenticated password?)
    • http (apache username/password?)
    • cookie (site designer?)
  • User for config auth. Is this the mysql root?, site designer?, a database name? Or some fictitious user invented for mysql's internal accounting purposes, like the mysqld 'root' but less powerful?
  • Password for config auth. Assume that a clear 'user for auth' specification answers this question
  • Only database to show. Despite its prominence in the config script, this seems to be a usability nicety unrelated to basic functionality, unless the database to show is the the first half of a databasename/database password combo required for authentication.
  • Verbose name of this server. "leave blank to show the hostname." This is a 180 rotation in the meaning of verbose. Leave empty to show something, and assign value to show nothing?
  • phpMyAdmin control user. Is this sysadmin root, mysqld root, site designer /home/username username, or a fictitious administrative user created for mysql accounting purposes? This cannot by sysadmin root or site designer, since neither are automatically mysql users. The site designer should become a mysql registered user? It is more likely that 'control user' is the name of an existing database/database user pair, with configurable password. Unfortunately, this is also false. . . at least it doesn't work. What reamins, then, is that 'control' user is a fictitious user created by the sysadmin root and, if not conveyed to the site designer, renders phpMyAdmin unconfigurable. No, that is probably also wrong.
  • phpMyAdmin control user password, contingent upon who is in 'control'
  • phpMyAdmin database for advanced features: Is this the database being created, since 'content' may be considered an advanced feature? Or is this a database set up by the sysadmin root, or owned by the mysqld root? Or is it site designer configurable? Or should this be left blank since it is a config nicety?
  • Session name for signon auth. Sessions are named by apache and are not user configurable, are they?
  • Login URL for signon auth. Strongly suggests that authentication is not related to mysql or phpmyadmin, but is rather related to something in apache config files or even /etc/passwd.
  • Logout URL. I'll ask when I get there!

Neither the documentation nor the wiki provides necessary clarity to sufficiently distinguish between all possible credible definitions of root, either by literal name or implied 'control'.

I simply ask for the documentation not to assume namespace conventions that represent rotations of means of 'root' from superuser to 'one who is not a superuser.' Cascokid 04:47, 20 August 2007 (CEST)

You say you've read the wiki, but your posting doesn't back that up. For example, the purpose of the controluser and situations where you'd need one is clearly explained in controluser. SignonURL and LogoutURL both explain that they're for the signon auth method; I admit there could be a link there to auth_types, but that shouldn't be too hard to find. The fact that you're even trying to set up a signon auth_type shows you haven't read Quick Install. I'm not trying to be rude -- and I know the documentation could use some improvement, but a lot of your questions are easily answered by looking at the relevant wiki pages. I will take your comments in to consideration and try to improve some of the areas you've mentioned and please don't run away. Read Quick Install and try to copy and paste the simple cookie example. Hopefully we can get it running for you. Good luck --Ibennetch 16:45, 24 August 2007 (CEST)

First-time Viewing of this page

Speaking as a user who is coming to this page "from the wild" as it were - this page certainly seems to address initial configuration requirements, such as configuring host location etc. What the page does not clearly do is state the names and locations of the php / config files that should be edited, that contain the values listed here.

I'm presuming that this information is found elsewhere, and probably fairly easily too, but I'm leaving this comment for those who are maintaining this Wiki because it would be a great idea to list, at the top of the document, the locations of these files.

Now at the top you do have this line: This should have the default values, but it may be very helpful to also look at the ./libraries/config.default.php file included in phpMyAdmin.

I'm not sure whether this is just a translation issue or whether there's something else happening, but it's not clear whether this means that the configuration options are to be found inside libraries/config.default.php. Under any circumstance, may I suggest being a little more explicit about it.

Keep up the great work! 0:0:0:FFFF:70:55:240:92 22:28, 4 February 2010 (CET)

I do have that problem too. phpMyAdmin has an awful lot of configuration files, which one do you talk about here? I have the problem with editing mediawiki blob data (because mediawiki stores almost everything in blob) and can't find the "$cfg['ProtectBinary'] = True " in none of the config files I've searched. Try to make your articles more Newbie-friendly - it won't hurt the Pros... - Anonymous, 13:48, 9 January 2012 (CET)

There's only one configuration file, but I'll modify the first paragraph of the Config page to make the location more clear. Thanks for the suggestion. Does this help? --Ibennetch 18:10, 11 January 2012 (CET)

Clone this wiki locally