Does NextCloud requires root access to database?

Hello,

By looking into Nextcloud database, I’ve seen that the root user doesn’t have a password, but rely on mysql_native_password to authenticate.
As this plugin may be used by libraries, does NextCloud requires admin rights to work/perform updates?
If yes, I let this as is despite this authentication having a security warning by mariaDB .
if no, I prefer to set a robust password.

Technical details:
Nextcloud 20.0.3 installed

Best regards,

Does NextCloud requires root access to database?

No.

Normally

  • Linux-root (e.g. sudo) installs MariaDB
  • MariaDB has got an MariaDB-root-user with password (e.g. set on install for security reason)
  • MariaDB-root-user creates user MariaDB-nextcloud-user
  • MariaDB-root-user creates datase MariaDB-nextcloud-db
  • MariaDB-root-user sets permissions for MariaDB-nextcloud-user for MariaDB-nextcloud-db
  • set configuration in /path/to/nextcloud/config/config.php

Read installation guide:
https://www.howtoforge.com/tutorial/how-to-install-nextcloud-on-debian-10
https://www.howtoforge.com/tutorial/ubuntu-nginx-nextcloud

With no password for MariaDB-root-user and/or MariaDB-nextcloud-user there is a security risk.

Normally you can access MariaDB only from “localhost”. Than there is no high risk.

You can set the MariaDB-root-user-account after installation.

Sorry german:
https://canox.net/2017/08/passwort-fuer-den-root-benutzer-von-mariadb-setzen/

Or read:
https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password

Hello,

Thanks, I didn’t expect such fast answer ^^