Thanks for the tip! Really wanted to avoid using backports. Changed the script and improved it a bunch. Should work now!
Neat trick for mysql_secure_installation! However, on modern Debian/Ubuntu systems, the script is no-op. Read the script to see what it does – by default, there is no anonymous user, test database or remote root accounts. Try to run (as you described) “SELECT User, Host, password, plugin from mysql.user;” on a fresh MariaDB installation.
I have not yet tried the script with Ubuntu or Debian Testing. This script is for for Debian stable (aka Debian 9) Have they removed those questions in upstream versions of mysql_secure_installation ? Thanks for the heads up.