Getting MySQL to work on Debian 9

1 Proper MySQL set-up

2 Install prerequisites

sudo apt-get install mysql-server mysql-client mysql-common libmariadbclient-dev

3 Set password

sudo mysqladmin password -u root

4 Put passwords in file:///etc/mysql/debian.cnf

5 Remove unix_socket plugin

sudo mysql -u root -p
UPDATE mysql.user set PLUGIN='' where USER='root';
FLUSH PRIVILEGES;

6 Configure for ERPNext

echo -e "[mysqld]\ninnodb-file-format=barracuda\ninnodb-file-per-table=1 \
         \ninnodb-large-prefix=1\ncharacter-set-client-handshake=FALSE \
         \ncharacter-set-server=utf8mb4\ncollation-server=utf8mb4_unicode_ci \
         \n\n[mysql]\n\ndefault-character-set=utf8mb4" | sudo tee -a /etc/mysql/my.cnf

7 Restart and hope for the best

sudo systemctl restart mariadb.service
5 Likes

Hey!

Thanks for taking your time to putting this up here. Can you also put this on the frappe wiki so people can find this easily if they need it?

Hello Valmik,

no problem. I like to contribute when I can.

I am not sure if this information is truly useful. It is a temporary
fix or for local testing. The MySQL root password is in plain text on
the host server. That is not robust security even if one needs the
necessary permissions to view the file. I am sure a smart pen(tester)
person would have her way.

I don’t have enough experience to suggest a better approach. Maybe a
more robust approach would be to query the root password upon creating
a new MySQL “database” for a “site”. This also sounds a little crazy
considering possibly insecure connections to the host server. Why not
change the default frappe user, which one would create beforehand and
grant the necessary permissions i.e. for database creation etc.? What
do you think?

I would prefer a more robust approach over my current strategy. Then
again after having created the database with ‘bench init site’, I could just
remove the plain text passwords from the config file. Should I start playing
around with the bench scripts?

Regarding the additional documentation, if you consider it responsible
to put this on the wiki, I guess I should check ‘bench’ out, add stuff,
and submit a pull request?

Regards,
Brian

1 Like