Improve output from mariadb-secure-installation to be more honest

The script is not useful in Debian, and likely misleading to users.
Improve the output to be more clear about what it is doing or is not
doing.

Merged on 'main' in
https://github.com/MariaDB/server/commit/3a08a8e3d2212f3f60937b3fd97207c3ea7b933a
and thus included in MariaDB 12.3 onward.

Forwarded: https://github.com/MariaDB/server/pull/4457

Gbp-Pq: Name Improve-output-from-mariadb-secure-installation-to-be-mor.patch

diff --git a/scripts/mysql_secure_installation.sh b/scripts/mysql_secure_installation.sh
index 58833988b10438e5133723b3604a44808a3f66af..f9f020e5f7b5a1be818d554f7773eb75083a42d4 100755 (executable)
--- a/scripts/mysql_secure_installation.sh
+++ b/scripts/mysql_secure_installation.sh
@@ -338,7 +338,8 @@ set_root_password() {
 remove_anonymous_users() {
     do_query "DELETE FROM mysql.global_priv WHERE User='';"
     if [ $? -eq 0 ]; then
-       echo " ... Success!"
+  echo "SQL executed without errors!"
+  echo "The operation might have been successful, or it might have not done anything."
     else
        echo " ... Failed!"
        clean_and_exit
@@ -350,7 +351,8 @@ remove_anonymous_users() {
 remove_remote_root() {
     do_query "DELETE FROM mysql.global_priv WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
     if [ $? -eq 0 ]; then
-       echo " ... Success!"
+  echo "SQL executed without errors!"
+  echo "The operation might have been successful, or it might have not done anything."
     else
        echo " ... Failed!"
     fi
@@ -360,7 +362,8 @@ remove_test_database() {
     echo " - Dropping test database..."
     do_query "DROP DATABASE IF EXISTS test;"
     if [ $? -eq 0 ]; then
-       echo " ... Success!"
+  echo "SQL executed without errors!"
+  echo "The operation might have been successful, or it might have not done anything."
     else
        echo " ... Failed!  Not critical, keep moving..."
     fi
@@ -368,7 +371,8 @@ remove_test_database() {
     echo " - Removing privileges on test database..."
     do_query "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
     if [ $? -eq 0 ]; then
-       echo " ... Success!"
+  echo "SQL executed without errors!"
+  echo "The operation might have been successful, or it might have not done anything."
     else
        echo " ... Failed!  Not critical, keep moving..."
     fi
@@ -413,12 +417,12 @@ prepare
 set_echo_compat
 
 echo
-echo "NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB"
-echo "      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!"
+echo "NOTE: MariaDB is secure by default in Debian. Running this script is"
+echo "      useless at best, and misleading at worst. This script will be"
+echo "      removed in a future MariaDB release in Debian. Please read"
+echo "      /usr/share/doc/mariadb-server/README.Debian.gz for details."
 echo
-echo "In order to log into MariaDB to secure it, we'll need the current"
-echo "password for the root user. If you've just installed MariaDB, and"
-echo "haven't set the root password yet, you should just press enter here."
+echo "Enter root user password or leave blank:"
 echo
 
 get_root_password
@@ -450,7 +454,7 @@ else
   emptypass=0
   do_query "UPDATE mysql.global_priv SET priv=json_set(priv, '$.password_last_changed', UNIX_TIMESTAMP(), '$.plugin', 'mysql_native_password', '$.authentication_string', 'invalid', '$.auth_or', json_array(json_object(), json_object('plugin', 'unix_socket'))) WHERE User='root';"
   if [ $? -eq 0 ]; then
-   echo "Enabled successfully!"
+   echo "Enabled successfully (or at least no errors was emitted)!"
    echo "Reloading privilege tables.."
    reload_privilege_tables
    if [ $? -eq 1 ]; then