What does mysql root means?

6.1.5 How to Run MySQL as a Normal User

On Windows, you can run the server as a Windows service using a normal user account.

On Linux, for installations performed using a MySQL repository, RPM packages, or Debian packages, the MySQL server mysqld should be started by the local mysql operating system user. Starting by another operating system user is not supported by the init scripts that are included as part of the installation.

On Unix (or Linux for installations performed using tar or tar.gz packages) , the MySQL server mysqld can be started and run by any user. However, you should avoid running the server as the Unix root user for security reasons. To change mysqld to run as a normal unprivileged Unix user user_name, you must do the following:

1. Stop the server if it is running (use mysqladmin shutdown).

2. Change the database directories and files so that user_name has privileges to read and write files in them (you might need to do this as the Unix root user):

   $> chown -R user_name /path/to/mysql/datadir

   If you do not do this, the server is unable to access databases or tables when it runs as user_name.

   If directories or files within the MySQL data directory are symbolic links, chown -R might not follow symbolic links for you. If it does not, you must also follow those links and change the directories and files they point to.

3. Start the server as user user_name. Another alternative is to start mysqld as the Unix root user and use the --user=user_name option. mysqld starts, then switches to run as the Unix user user_name before accepting any connections.

4. To start the server as the given user automatically at system startup time, specify the user name by adding a user option to the [mysqld] group of the /etc/my.cnf option file or the my.cnf option file in the server's data directory. For example:

   [mysqld]
   user=user_name

If your Unix machine itself is not secured, you should assign passwords to the MySQL root account in the grant tables. Otherwise, any user with a login account on that machine can run the mysql client with a --user=root option and perform any operation. (It is a good idea to assign passwords to MySQL accounts in any case, but especially so when other login accounts exist on the server host.) See Section 2.10.4, “Securing the Initial MySQL Account”.

The MySQL installation process involves initializing the data directory, including the grant tables in the mysql system schema that define MySQL accounts. For details, see Section 3.1, “Initializing the Data Directory”.

This section describes how to assign a password to the initial root account created during the MySQL installation procedure, if you have not already done so.

Note

Alternative means for performing the process described in this section:

• On Windows, you can perform the process during installation with MySQL Installer (see MySQL Installer for Windows).

• On all platforms, the MySQL distribution includes mysql_secure_installation, a command-line utility that automates much of the process of securing a MySQL installation.

• On all platforms, MySQL Workbench is available and offers the ability to manage user accounts (see MySQL Workbench ).

A password may already be assigned to the initial account under these circumstances:

• On Windows, installations performed using MySQL Installer give you the option of assigning a password.

• Installation using the macOS installer generates an initial random password, which the installer displays to the user in a dialog box.

• Installation using RPM packages generates an initial random password, which is written to the server error log.

• Installations using Debian packages give you the option of assigning a password.

• For data directory initialization performed manually using mysqld --initialize, mysqld generates an initial random password, marks it expired, and writes it to the server error log. See Section 3.1, “Initializing the Data Directory”.

The mysql.user grant table defines the initial MySQL user account and its access privileges. Installation of MySQL creates only a 'root'@'localhost' superuser account that has all privileges and can do anything. If the root account has an empty password, your MySQL installation is unprotected: Anyone can connect to the MySQL server as root without a password and be granted all privileges.

The 'root'@'localhost' account also has a row in the mysql.proxies_priv table that enables granting the PROXY privilege for ''@'', that is, for all users and all hosts. This enables root to set up proxy users, as well as to delegate to other accounts the authority to set up proxy users. See Section 4.19, “Proxy Users”.

To assign a password for the initial MySQL root account, use the following procedure. Replace root-password in the examples with the password that you want to use.

Start the server if it is not running. For instructions, see Section 3.2, “Starting the Server”.

The initial root account may or may not have a password. Choose whichever of the following procedures applies:

• If the root account exists with an initial random password that has been expired, connect to the server as root using that password, then choose a new password. This is the case if the data directory was initialized using mysqld --initialize, either manually or using an installer that does not give you the option of specifying a password during the install operation. Because the password exists, you must use it to connect to the server. But because the password is expired, you cannot use the account for any purpose other than to choose a new password, until you do choose one.

  1. If you do not know the initial random password, look in the server error log.

  2. Connect to the server as root using the password:

     $> mysql -u root -p
     Enter password: (enter the random root password here)

  3. Choose a new password to replace the random password:

     mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'root-password';

• If the root account exists but has no password, connect to the server as root using no password, then assign a password. This is the case if you initialized the data directory using mysqld --initialize-insecure.

  1. Connect to the server as root using no password:

     $> mysql -u root --skip-password

  2. Assign a password:

     mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'root-password';

After assigning the root account a password, you must supply that password whenever you connect to the server using the account. For example, to connect to the server using the mysql client, use this command:

$> mysql -u root -p
Enter password: (enter root password here)

To shut down the server with mysqladmin, use this command:

$> mysqladmin -u root -p shutdown
Enter password: (enter root password here)

What is MySQL root?

How do I get root in MySQL?

Should I run MySQL as root?

What is localhost and root in MySQL?