Mariadb init without root in docker

Posted on by

i try to create a mariadb 10.4.10 docker image. In the dockerfile i just install mariadb into the the image. The dockerfile inherits from my personal custom alpine images, where the user “appuser” will be created.

FROM nwo/alpine:latest

LABEL MAINTAINER="dideldumm <[email protected]>"

ARG IMAGE_NAME=nwo/mariadb
ARG IMAGE_VERSION=1.1

RUN apk update 
    && apk add mariadb 
    mariadb-client 
    && rm -rf /var/lib/apt/lists/* 
    && rm -rf /var/cache/apk/*

COPY ./setup/setup.sql /home/appuser/app/setup.sql
COPY ./setup/start.sh /home/appuser/app/start.sh

RUN chown appuser:appuser /home/appuser/app/start.sh /home/appuser/app/setup.sql


RUN mkdir /home/appuser/data/db 
    && mkdir /home/appuser/data/log 
    && touch /home/appuser/app/mariadb.pid 
    && touch /home/appuser/app/mariadb.socket 
    && chown -R appuser:appuser /home/appuser/data/db 
    && chown -R appuser:appuser /home/appuser/data/log 
    && chown -R appuser:appuser /home/appuser/app/mariadb.socket 
    && chown -R appuser:appuser /home/appuser/app/mariadb.pid

USER appuser

ENTRYPOINT ["/home/appuser/app/start.sh"]

In the start.sh script i create the mariadb.cnf.

echo "Create mariadb configuration file"
echo "[mysqld]" > /home/appuser/data/mariadb.cnf
echo "port=3306" >> /home/appuser/data/mariadb.cnf
echo "socket=/home/appuser/app/mariadb.socket" >> /home/appuser/data/mariadb.cnf
echo "pid-file=/home/appuser/app/mariadb.pid" >> /home/appuser/data/mariadb.cnf
echo "datadir=/home/appuser/data/db" >> /home/appuser/data/mariadb.cnf
echo "symbolic-links=0" >> /home/appuser/data/mariadb.cnf
echo "bind-address=0.0.0.0" >> /home/appuser/data/mariadb.cnf
echo "console=1" >> /home/appuser/data/mariadb.cnf
echo "general_log=0" >> /home/appuser/data/mariadb.cnf
echo "general_log_file==/home/appuser/data/log/mariadb.log" >> /home/appuser/data/mariadb.cnf
echo "log_error=/home/appuser/data/log/mariadb_error.log" >> /home/appuser/data/mariadb.cnf
echo "collation-server=$MDB_COLLATION" >> /home/appuser/data/mariadb.cnf
echo "character-set-server=$MDB_CHARACTERSET" >> /home/appuser/data/mariadb.cnf

Afterwards i run mysql_install_db --defaults-file=/home/appuser/data/mariadb.cnf. In the console output i get the message that i only can access the root user with a system root account. But as you can see in the dockerfile i switch to the appuser and run start.sh afterwards, which makes it impossible to run sudo. My goal is to initialize mariadb without previleges within start.sh.

I tried to run mysqld with parameter --skip-grant-tables but then i am not able to set the root password. This result into error message The MariaDB server is running with the --skip-grant-tables option so it cannot execute this statement for ALTER USER and SET PASSWORD statement.

When i run a “FLUSH PRIVILEGES” before, every command (SET PASSWORD, ALTER USER) will result into Query OK, 0 rows affected. At least i tried to update the user with UPDATE mysql.user SET Password=PASSWORD('test3') WHERE USER='root' AND Host='localhost'; which results in ERROR 1348 (HY000): Column 'Password' is not updatable.

Till yet, i have absolutly no idea, how to configure a mysql database server without root permissions.

It will be great, if you have a solution for me.

Regards

Dave

Source: StackOverflow