MDEV-23494: mysql_install_db add --auth-root-password-env option

scripts/mysql_install_db.sh

@@ -41,6 +41,7 @@ auth_root_socket_user='root'
 tzdir=
 skip_anonymous=
 explicit_hostname=
+root_password=
 
 dirname0=`dirname $0 2>/dev/null`
 dirname0=`dirname $dirname0 2>/dev/null`
@@ -63,6 +64,11 @@ Usage: $0 [OPTIONS]
                        to 'root'.
   --auth-root-hostname=name
                        Use name as host for root user without DNS resolving it.
+                       (for --auth-root-authentication-method=normal)
+  --auth-root-password-env
+                       Use the \$MARIADB_ROOT_PASSWORD as the root user password.
+                       (needs to be SQL escaped, for
+                       --auth-root-authentication-method=normal)
   --basedir=path       The path to the MariaDB installation directory.
   --builddir=path      If using --srcdir with out-of-directory builds, you
                        will need to set this to the location of the build
@@ -181,6 +187,8 @@ parse_arguments()
 	auth_root_authentication_method=socket ;;
       --auth-root-hostname=*)
         explicit_hostname=`parse_arg "$arg"` ;;
+      --auth-root-password-env)
+        root_password=$MARIADB_ROOT_PASSWORD ;;
       --auth-root-authentication-method=*)
         usage ;;
       --auth-root-socket-user=*)
@@ -553,16 +561,17 @@ cat_sql()
   fi
   case "$auth_root_authentication_method" in
     normal)
-      install_params="$install_params
-  SET @skip_auth_root_nopasswd=NULL;
-  SET @auth_root_socket=NULL;" ;;
+      echo "SET @skip_auth_root_native_password=NULL;"
+      echo "SET @auth_root_password='$root_password';"
+      echo "SET @auth_root_socket=NULL;"
+      ;;
     socket)
-      install_params="$install_params
-  SET @skip_auth_root_nopasswd=1;
-  SET @auth_root_socket='$auth_root_socket_user';" ;;
+      echo "SET @skip_auth_root_native_password=1;"
+      echo "SET @auth_root_socket='$auth_root_socket_user';"
+      ;;
   esac
 
-  echo "$install_params"; cat "$create_system_tables" "$create_system_tables2" "$fill_system_tables" "$fill_help_tables" "$maria_add_gis_sp";
+  cat "$create_system_tables" "$create_system_tables2" "$fill_system_tables" "$fill_help_tables" "$maria_add_gis_sp";
 
   if test ! -z "$tzdir"
   then

scripts/mysql_system_tables_data.sql

@@ -38,14 +38,15 @@ DROP TABLE tmp_db;
 
 -- Fill "user" table with default users allowing root access
 -- from local machine if "user" table didn't exist before
-CREATE TEMPORARY TABLE tmp_user_nopasswd LIKE user;
+CREATE TEMPORARY TABLE tmp_user_native_password LIKE user;
 CREATE TEMPORARY TABLE tmp_user_socket LIKE user;
 CREATE TEMPORARY TABLE tmp_user_anonymous LIKE user;
 -- Classic passwordless root account.
-INSERT INTO tmp_user_nopasswd VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N', 'N','', 0);
-REPLACE INTO tmp_user_nopasswd SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N','',0 FROM dual WHERE @current_hostname != 'localhost';
-REPLACE INTO tmp_user_nopasswd VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N','',0);
-REPLACE INTO tmp_user_nopasswd VALUES ('::1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N', '', 0);
+SET @pass=IF(@auth_root_password='', '', PASSWORD(@auth_root_password));
+INSERT INTO tmp_user_native_password VALUES ('localhost','root', @pass,'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N', 'N','', 0);
+REPLACE INTO tmp_user_native_password SELECT @current_hostname,'root',@pass,'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N','',0 FROM dual WHERE @current_hostname != 'localhost';
+REPLACE INTO tmp_user_native_password VALUES ('127.0.0.1','root',@pass,'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N','',0);
+REPLACE INTO tmp_user_native_password VALUES ('::1','root',@pass,'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N', '', 0);
 -- More secure root account using unix socket auth.
 INSERT INTO tmp_user_socket VALUES ('localhost',IFNULL(@auth_root_socket, 'root'),'','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'unix_socket','','N', 'N','', 0);
 IF @auth_root_socket is not null THEN
@@ -55,10 +56,10 @@ IF @auth_root_socket is not null THEN
 INSERT INTO tmp_user_anonymous (host,user) VALUES ('localhost','');
 INSERT INTO tmp_user_anonymous (host,user) SELECT @current_hostname,'' FROM dual WHERE @current_hostname != 'localhost';
 
-INSERT INTO user SELECT * FROM tmp_user_nopasswd WHERE @had_user_table=0 AND @skip_auth_root_nopasswd IS NULL;
+INSERT INTO user SELECT * FROM tmp_user_native_password WHERE @had_user_table=0 AND @skip_auth_root_native_password IS NULL;
 INSERT INTO user SELECT * FROM tmp_user_socket WHERE @had_user_table=0 AND @auth_root_socket IS NOT NULL;
 INSERT INTO user SELECT * FROM tmp_user_anonymous WHERE @had_user_table=0 AND @skip_auth_anonymous IS NULL;
-DROP TABLE tmp_user_nopasswd, tmp_user_socket, tmp_user_anonymous;
+DROP TABLE tmp_user_native_password, tmp_user_socket, tmp_user_anonymous;
 
 CREATE TEMPORARY TABLE tmp_proxies_priv LIKE proxies_priv;
 INSERT INTO tmp_proxies_priv VALUES ('localhost', 'root', '', '', TRUE, '', now());