Creating new mysql user errored with message: ER_NOT_VALID_PASSWORD: Your password does not satisfy the current policy requirements #511

Closed
1 of 2 tasks
avinzheng opened this issue Oct 26, 2017 · 6 comments · Fixed by #546

Comments

@avinzheng

Welcome to Ghost-CLI's GitHub repo! 👋🎉

Do you need help or have a question? Please come chat in Slack: https://slack.ghost.org/ 👫.

This issue is a

  • Bug Report
  • Feature Request

Summary

It seems the random password for MySQL user is too simple.

[root@web blog]# ghost setup mysql
✖ Setting up "ghost" mysql user
A SystemError occurred.

Message: Creating new mysql user errored with message: ER_NOT_VALID_PASSWORD: Your password does not satisfy the current policy requirements

Debug Information:
Node Version: v6.11.5
Ghost-CLI Version: 1.1.3
Environment: production
Command: 'ghost setup mysql'

Please refer to https://docs.ghost.org/v1/docs/troubleshooting#section-cli-errors for troubleshooting.
[root@web blog]# mysqld -V
mysqld Ver 5.7.20 for Linux on x86_64 (MySQL Community Server (GPL))

@allthedrones

I also encountered this issue, with the MySQL Password Validation Plugin (which MySQL now prompts for when running the included hardening routine mysql_secure_installation), configured to the MEDIUM or STRONG settings.

Most likely RC is password shorter than 8 chars or not meeting complexity requirements (mixed case, 1+ numerals, 1+ special char).

Failing password config on MySQL:

mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password_check_user_name    | OFF    |
| validate_password_dictionary_file    |        |
| validate_password_length             | 8      |
| validate_password_mixed_case_count   | 1      |
| validate_password_number_count       | 1      |
| validate_password_policy             | MEDIUM |
| validate_password_special_char_count | 1      |
+--------------------------------------+--------+

@acburdine
Member

@imzhengfei this should I think be a fairly small/easy fix - so if you want to create a PR for it feel free :) Otherwise I'll get to this when I have some time.

@avinzheng
Author

@acburdine I know little about node, I will try. Hope I can do it. :)

@gompa
Contributor

gompa commented Nov 2, 2017

A good effort in my opinion (for what it's worth), but according to this:
Math.random() does not provide cryptographically secure random numbers. Do not use them for anything related to security

@avinzheng
Author

@gompa thx for your advice, I'll try to find another way.

@avinzheng
Author

@gompa Thanks for reminding me of that problem. I've rewritten the RANDOM method with a Linear Congruential Generator instead of Math.random().
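
An added example, not Ghost-CLI's code or the fix that was merged for this issue: one way to generate a password that always passes the `validate_password` MEDIUM settings shown earlier in the thread, drawing every character from Node's `crypto` module rather than `Math.random()`. The function names, the default length of 20 and the character sets are assumptions of this example.

```javascript
const { randomInt } = require('crypto'); // CSPRNG-backed, unlike Math.random()

// Policy values copied from the SHOW VARIABLES output in this thread (MEDIUM).
const POLICY = { length: 8, mixedCaseCount: 1, numberCount: 1, specialCharCount: 1 };

// Character classes are an assumption of this example; the special set avoids
// quotes and backslashes so the value is easy to embed in SQL and config files.
const CLASSES = {
  lower: 'abcdefghijklmnopqrstuvwxyz',
  upper: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
  digit: '0123456789',
  special: '!@#$%^&*()-_=+[]{}'
};

// randomInt(n) returns a uniform integer in [0, n) with no modulo bias.
const pick = (chars) => chars[randomInt(chars.length)];

// Mirrors the MEDIUM checks: total length plus per-class minimum counts.
function satisfiesPolicy(password, policy = POLICY) {
  const count = (re) => (password.match(re) || []).length;
  return password.length >= policy.length &&
    count(/[a-z]/g) >= policy.mixedCaseCount &&
    count(/[A-Z]/g) >= policy.mixedCaseCount &&
    count(/[0-9]/g) >= policy.numberCount &&
    count(/[^A-Za-z0-9]/g) >= policy.specialCharCount;
}

function generatePassword(length = 20, policy = POLICY) {
  const required = 2 * policy.mixedCaseCount + policy.numberCount + policy.specialCharCount;
  if (length < Math.max(policy.length, required)) {
    throw new RangeError('length is too short for the policy');
  }
  const out = [];
  // Place the required minimum from each class first...
  for (let i = 0; i < policy.mixedCaseCount; i++) out.push(pick(CLASSES.lower), pick(CLASSES.upper));
  for (let i = 0; i < policy.numberCount; i++) out.push(pick(CLASSES.digit));
  for (let i = 0; i < policy.specialCharCount; i++) out.push(pick(CLASSES.special));
  // ...fill the rest from the full alphabet...
  const all = Object.values(CLASSES).join('');
  while (out.length < length) out.push(pick(all));
  // ...then Fisher-Yates shuffle so required characters are not at fixed positions.
  for (let i = out.length - 1; i > 0; i--) {
    const j = randomInt(i + 1);
    [out[i], out[j]] = [out[j], out[i]];
  }
  return out.join('');
}
```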

acburdine added a commit to acburdine/Ghost-CLI that referenced this issue Nov 18, 2017
refs TryGhost#511
- always run create user with hashed password to fix requirements with
secure installations
acburdine pushed a commit to acburdine/Ghost-CLI that referenced this issue Nov 18, 2017
closes TryGhost#511
- improve password compatibility with mysql password requirements
acburdine added a commit that referenced this issue Nov 18, 2017
refs #511
- always run create user with hashed password to fix requirements with
secure installations
acburdine pushed a commit that referenced this issue Nov 18, 2017
closes #511
- improve password compatibility with mysql password requirements