DeutschEnglish

Submenu

 - - - By CrazyStat - - -

2. February 2020

MySQL root password in Ubuntu cannot be changed

Filed under: DBMS,Linux,Server Administration — Tags: , , , , , — Christopher Kramer @ 16:08

You tried a dozen different howtos to change the root password of MySQL (5.7+) in a recent Ubuntu version (18.04+) and did not succeed? Like the one I posted in 2013?

The reason these guides do not work is simple: root access through password is disabled and thus changing the password has no effect. You can find more details here.

So how the heck can we access the database? On the console, you can login to MySQL as root without a password like this:

sudo mysql

If you need root access from another application, like phpMyAdmin, the best way is to add a new user like myroot that has all privileges and a password. To do so, login as root in the console (sudo mysql) and then create the new user like this (adjust new_password to something more secure):

CREATE USER 'myroot'@'localhost' IDENTIFIED BY 'new_password';
GRANT ALL PRIVILEGES ON *.* TO 'myroot'@'localhost' WITH GRANT OPTION;
CREATE USER 'myroot'@'%' IDENTIFIED BY 'new_passord';
GRANT ALL PRIVILEGES ON *.* TO 'myroot'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
QUIT;

Now you can login from any application using the username myroot and the password new_password . On the console:

mysql -u myroot -p
Enter password: new_password

Hope this helps somebody who is in the same situation like me.

If this made your day, please drop a comment.

Recommendation

Try my Open Source PHP visitor analytics script CrazyStat.

9. September 2012

Zimbra: Creating a new self-signed SSL certificate

Filed under: Linux,Server Administration — Tags: , , , , , , , , , — Christopher Kramer @ 10:04

I recently had to recreate the SSL certificate of a Zimbra server and surprisingly it was not as easy as the documentation looked like, so I’d like to document how it is done and make comments on some difficulties that might come up.

So this is how it is done (on a Ubuntu Server running Zimbra Network edition 6.0.16 GA):

  1. SSH into the server, login as root
  2. Switch to the zimbra-user using
    su - zimbra
  3. Then run the following commands:
     sudo /opt/zimbra/bin/zmcertmgr createca -new
     sudo /opt/zimbra/bin/zmcertmgr deployca
     sudo /opt/zimbra/bin/zmcertmgr deploycrt self
  4. Restart Zimbra. To do so, as user zimbra, issue these commands (no sudo here):
    /opt/zimbra/bin/zmcontrol stop
    /opt/zimbra/bin/zmcontrol start

So the difficulties I had and some remarks:

  • sudo kept asking me for a password when I typed in
    sudo zmcertmgr createca -new

    Seems I am not the only one with this problem. The zmcertmgr command is white-listed in /etc/sudoers so you should normally not be asked for a password. Run the following command to edit /etc/sudoers (do not edit it in any other way!)

    visudo

    So make sure in this file the following line is included:

    %zimbra ALL=NOPASSWD:/opt/zimbra/bin/zmcertmgr

    The % at the beginning seems to belong there. Note that the zimbra wiki has typo (zmvertmgr) in this line.
    But although I had this line in there, sudo kept asking me for the password. So what finally worked was invoking zmcertmgr with the complete path (as done above).
    Update: It seems I had a typo in here myself. Make sure it is “zmcertmgr”  and not “zmzertmgr” 😉
    Thanks to the comment by erolha!

  • In the Zimbra Release notes, the last command for updating the certificate is
    sudo zmcertmgr deploycrt self -new

    I got this error:

    Can't deploy cert for -new.  Unknown service.

    Without -new (and the complete path), it went through well.

  • No zimbra documentation I found mentions that a restart of zimbra is required, but without a restart, the old certificate was still used when opening the webmailer or the admin interface via https.

 

I hope I could help some of you that run into one of these problems.