TurnKey Linux Virtual Appliance Library

Implications of MYSQL user in Webmin (password change)

L. Arnold's picture

I was trying to harden my passwords just now and after resetting the Root password, I changed the MySQL password in Webmin.

Probably not what I wanted to do.

Now though, my original "root" user in MySQL has the same pword as ever.  The MYSQL was changed from something ... I don't know what.  Are there any scripts that also need to be changed for that user?

Only way to get this back is to restore a Snapshot..  I may do that.

thoughts on this one?

L. Arnold's picture

followup: If I change the root/mysql password what abo Magento

if I go to /user/lib/inithooks.... and change the mysql there, does it also keep the aps talking with and working with the Database's they depend on.

Are not these settings norally set in config files and are they updated when a mysql password is updated?  As I expect they have their own Mysql User, perhaps it does not matter.

Hardening the system is all.

Jeremy's picture

Magento should be ok

If you just run the mysqlconf.py script then it shouldn't affect Magento's access to MySQL. That script only adjusts the root MySQL password AFAIK. I haven't pulled the Magento appliance apart, but I'd assume that it works the same way the others do. Other TKL appliances that use MySQL have a separate (non-root) user that connects to DB (and only has rights for that specific DB) that uses a random password (created and set by another inithook script).

PS As for what you actually changed with Webmin I have no idea...

L. Arnold's picture

How about the Converse? How to change "magento" user pwd?

Did a manual move of a Database.  Now getting

SQLSTATE[28000] [1045] Access denied for user 'magento'@'localhost' (using password: YES)

I would really like to change the username and the password.

local.xml is showing an encrypted password and even if I change the user's password I can't seem to get Magento to get past the error.

(app/etc/local.xml) seems to be where this is initialized in Magento.

thanks for any help with this one.

Jeremy's picture

Magento user has randomly created password

A random password is set by the TKL initialisation/firstboot scripts for the Magento system account. The local.xml is also updated with the password.

If you want it to be reset to a new random value then you can just rerun the init/firstboot scripts ('turnkey-init'). You could just re-run the specific script but I don't recall which one it is (may be inithooks/firstboot.d/30magentosecrets or something similar??)

The other way to fo is to log into MySQL as the root user (either commandline or phpMyAdmin) and set the Magento user password, then change local.xml to the same and it should be all go.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)