2

When I install WAMP and go to http://localhost/phpmyadmin in Windows 10 I'm logged in automatically, but in Ubuntu Desktop 15.10 it always asks me for the root user and the root password; While these two appear automatically I always need to click "Go" to log in...

  1. Why in Windows 10 this is not happening and I am logged in automatically?
  2. How could this process be automated in Ubuntu? I didn't find any such option in the interface.

I should note that I am the only one who uses this system - It's on my PC.

  • I must say I thought of publish this in SU and even started writing it there but indeed it seems something dictated by the OS and thus I asked here... –  Mar 01 '16 at 00:25
  • You need to look for the directories where the logs are written..they should be owned by the user(chown command) which is running the program. Or try sudo as suggested by @j0h – Ashu Mar 01 '16 at 05:13
  • My mistake, I misunderstood the question. in both cases, you are opening to the admin console via a browser? You could use a macro or script to provide the user-name, and password, although storing the passwd unencrypted is a security risk too. – j0h Mar 01 '16 at 12:06
  • Yes I am opening this with Firefox in both Win10 and Ubuntu but in Ubuntu there won't be the auto login... –  Mar 01 '16 at 13:35
  • is the server you are logging into on the local machine, or on a remote host? – j0h Mar 09 '16 at 14:12
  • local machine on my PC (on a VB virtual machine). –  Mar 09 '16 at 16:02

2 Answers2

0

Preface

I've had this before.

I take it you know the risks of enabling passwordless root login to the database; also in order for this to work you'll have to store root's password in a file in plain text. If you have a sane configuration no webserver user will be able to read the file, but the file by default is readable by everyone in the system. Keep that in mind.

Solution

Edit /etc/phpmyadmin/config.inc.php with whatever editor as root; there will be two /* Authentication type */ lines each followed by a //$cfg['Servers'][$i]['auth_type'] = 'cookie'; line; you'll have to edit one of the two //$cfg['Servers'][$i]['auth_type'] = 'cookie'; according to how you installed PHPMyAdmin:

  • If you configured PHPMyAdmin with dbconfig-common, pick the first one (the one inside the if (!empty($dbname)) {} block);
  • If you didn't configure PHPMyAdmin with dbconfig-common, pick the second one (the one outside any block);

Replace the approriate line with the following:

$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['username'] = 'root';
$cfg['Servers'][$i]['password'] = 'password'; // Replace password with the actual root password

That's it. From now on every time you'll visit PHPMyAdmin's index page you'll be automatically logged in as root.

Notes

As for why Windows 10 and Ubuntu 15.10 behave differently, they're simply not meant to behave the same way. It could be simply that they come configured differently by default, however if I recall correctly PHPMyAdmin used to come configured as in Windows in previous versions (many versions ago, but don't take this for granted). They're simply not meant to be configured the same way and they don't.

The package distributed on Ubuntu as always could have been subjected to modifications upstream: the way a package comes configured is always up to the package's mantainer, and does have to match no Windows configuration.

kos
  • 35,891
  • Hello kos --- I searched through "config.inc.php" (the only config.inc" file I found in that directory but I couldn't find any row with the syntax <<< $cfg['Servers'][$i]['password'] = 'password'; >>> ... Maybe I should go on the first option but I think I didn't understand what needs to be done there... –  Mar 16 '16 at 16:57
  • 1
    @Benia Sorry, I mispelled the filename. You have to look for this line: $cfg['Servers'][$i]['auth_type'] = 'cookie';, not for this line: $cfg['Servers'][$i]['password'] = 'password';; there will be two of them by default in the file: you should pick the first one if you configured PHPMyAdmin using dbconfig-common, or the second one otherwise. Once you've picked one, you need to replace it with the three lines I listed at the end (changing the last one so that it matches your root password). – kos Mar 16 '16 at 18:17
  • It worked! btw, indeed I putted there my very own root password and it's something I'd like to avoid by principle... Can I create another "PHPmyadmin" root password or something unique to PHPmyadmin? Sorry if there is no such concept or what I wrote seems idiotic - I'm very new to Linux and Ubuntu... If there is any solution to that as well it can be very nice and if you have such solution and want to publish it as an answer I don't care open another question or you could publish a question, link it to that thread and add the answer; I guess I would love to thumb it all up... :) –  Mar 16 '16 at 21:18
  • 1
    @Benia I'm afraid I don't think so, I've never heard of of something like that. However a sane webserver configuration shouldn't allow webserver users to read that file at all. If the concern is local users accessing the file you could chmod the file to 750, or even to 700 if you want to also prevent users in root's group from reading it. That way no one will be able to read the file but root, which seems to be safe enough (the only concern being, as always, users with physical access). – kos Mar 17 '16 at 04:49
  • As a Linux freshman, I thought that putting it in 750 will disable the access of programs (which i identified with "others") and will thus make the server nonfunctional ... –  Mar 17 '16 at 08:15
  • 1
    That file should be read only by PHPMyAdmin, after all it contains PHPMyAdmin's configuration: since PHPMyAdmin runs as root, leaving read / write / execute permissions to the owner (root) is enough, and consequently the bare minimum permissions for that file are 700. Which programs are you referring to? – kos Mar 17 '16 at 12:36
  • I refereed to any programs who is directed to make use of the file (including a possible malignant bot)... But if I put the file at 700 so that only the owner will have access to it, the PHPmyadmin software will work just fine. –  Mar 17 '16 at 12:41
  • A possible evil bot is another reason why one should change the permissions to 700 :). As I said before I see no reason to leave it world / group-readable, only the user running PHPMyAdmin (root) should be able to read it. – kos Mar 17 '16 at 12:51
0

I might have an answer for #1. My guess is that Windows 10 is logged in because the connection is coming from localhost, or the local machine.

Austin Haakenson
  • 3