Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Can't sign into mariadb when using docker swarm secrets due to unix socket authentication #22003

Open
1 task done
3bsalcedo opened this issue Feb 11, 2025 · 0 comments
Open
1 task done
Labels
status/triage Needs triage

Comments

@3bsalcedo
Copy link

3bsalcedo commented Feb 11, 2025

Is this a docs issue?

  • My issue is about the documentation content or website

Type of issue

I can't find what I'm looking for

Description

Unable to log into the root user of MariaDB after setting up a docker swarm service for MariaDB using secrets. When I type the root password in, I get an access denied error.

Location

https://docs.docker.com/engine/swarm/secrets/

Suggestion

I think it should be mentioned in the secrets section of the docs that MariaDB 10.4+ defaults to unix socket authentication. With Unix socket authentication in MariaDB, only users mapped to a system (Linux) user account can log in without a password. This authentication method allows users to connect if they are logged into the system as a user that matches a MariaDB user. If not it will not log you in. You can pass the password secret file inline with the command to sign into MariaDB and it will log into root. I didn't see any mention of this in the secrets section of the docs. I may have missed it, in which case, I'm sorry for taking up your time.

Image

A fix for this would be disabling unix_socket and switching back to password authentication in MariaDB.
With more help from AI, I found that adding this command: ["--skip-grant-tables", "--skip-networking"] to the MariaDB service section of the .yml worked, allowing me to sign into root by typing the password stored in the secrets file.

Example docker config file for a test MariaDB swarm service:

Image

Testing MariaDB root sign in with ["--skip-grant-tables", "--skip-networking"] added to the config:

Image

Chat GPT also mentions this as a fix but I have not tried it and you would have to already have a mariadb shell:
ALTER USER 'root'@'localhost' IDENTIFIED VIA mysql_native_password USING PASSWORD('yourpassword');

@3bsalcedo 3bsalcedo added the status/triage Needs triage label Feb 11, 2025
@3bsalcedo 3bsalcedo changed the title mariadb 10.4+ uses unix socket authentication by default in docker Can't sign into mariadb when using docker secrets due to unix socket authentication Feb 12, 2025
@3bsalcedo 3bsalcedo changed the title Can't sign into mariadb when using docker secrets due to unix socket authentication Can't sign into mariadb when using docker swarm secrets due to unix socket authentication Feb 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
status/triage Needs triage
Projects
None yet
Development

No branches or pull requests

1 participant