MySQL users safe to edit?

I didnt find any better category but just to know i dont need support only confirmation if is safe to edit.

I run mysqltuner and everything is fine apart of one thing:

-------- Security Recommendations ------------------------------------------------------------------
[!!] User '@jenkins.mydomain.com' is an anonymous account.
[!!] User '@localhost' is an anonymous account.
[!!] User '@jenkins.mydomain.com' has no password set.
[!!] User '@localhost' has no password set.
[!!] User '@jenkins.mydomain.com' has user name as password.
[!!] User '@localhost' has user name as password.
[!!] There is no basic password file list!

Now i know how to sort this but i'm not sure if this will then affect Vmin and ability to properly work with MySQL, e.g. i dont want to find myself with broken DB or Vmin throwing out a bunch of errors.

Thx

P.S. MySQL was fine tuned to fit the server but nothing else touched so basically its default installation what it comes with Wmin/Vmin.

Status: 
Active

Comments

Diabolico's picture
Submitted by Diabolico on Tue, 06/14/2016 - 18:10

Some additional info:

MariaDB [(none)]> SELECT User, Host, Password FROM mysql.user;
+------------+------------------------+-------------------------------------------+
| User       | Host                   | Password                                  |
+------------+------------------------+-------------------------------------------+
| root       | localhost              | *hashed password xxxxxxxxxxxxxxxxxxxxxxxx |
| root       | jenkins.mydomain.com   | *hashed password xxxxxxxxxxxxxxxxxxxxxxxx |
| root       | 127.0.0.1              | *hashed password xxxxxxxxxxxxxxxxxxxxxxxx |
| root       | ::1                    | *hashed password xxxxxxxxxxxxxxxxxxxxxxxx |
|            | localhost              |                                           |
|            | jenkins.mydomain.com   |                                           |
| mydomain   | localhost              | *hashed password xxxxxxxxxxxxxxxxxxxxxxxx |
+------------+------------------------+-------------------------------------------+
7 rows in set (0.00 sec)

I could delete some of them. If i'm not wrong phpMyAdmin use "127.0.0.1" and how you can see it doesnt report any problem together with last line what is DB user for virtualserver. So this two are generated after the initial installation but what are the rest?

Ninja edit: I forgot the first line should be root psw for MySQL. Still there are 4 of them what i dont know from where did they come.

The ones with no host and no password should be safe to remove.

Diabolico's picture
Submitted by Diabolico on Tue, 06/14/2016 - 22:02

Ok looks like "hostname", "127.0.0.1" and "::1" are defaults and created during the install, for anonymous accounts i dont know. I will make backup of "mysql" and proceed to remove two anonymous accounts and set password for "jenkins.mydomain.com", "127.0.0.1" and "::1". This sounds as best solution.

It could be that two anonymous accounts are created during install but frankly i dont know.