然后,在客户端也要加载身份验证插件。用户客户化安装的mysql,在尝试连接的时候会遇到错误,需要使用单独的client library。
比如,来设置一下使用测试验证插件进行用户认证。
mysql> INSTALL PLUGIN test_plugin_server SONAME 'auth_test_plugin.so';
Query OK, 0 rows affected (0,01 sec)
mysql> CREATE USER 'sveta'@'%' IDENTIFIED WITH test_plugin_server;
Query OK, 0 rows affected (0,01 sec)
不使用--plugin-dir选项,直接使用mysql客户端连接数据库会报错:
$ mysql -usveta
ERROR 2059 (HY000): Authentication plugin 'auth_test_plugin' cannot be loaded: /usr/local/Percona-Server-8.0.25-15-Linux.x86_64.glibc2.17/lib/plugin/auth_test_plugin.so: cannot open shared object file: No such file or directory
为了避免这个错误,需要指定--plugin-dir(在参数文件中、或命令行):
$ mysql -usveta --plugin-dir=/home/sveta/mysqlpackages/Percona-Server-8.0.25-15-Linux.x86_64.glibc2.17/lib/plugin
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 28
Server version: 8.0.25-15 Percona Server (GPL), Release 15, Revision a558ec2
Copyright (c) 2009-2021 Percona LLC and/or its affiliates
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> \q
Bye
包含PAM authentication plugin在内,所有的plugins都要求客户端加载一个外部库。否则会报错:
ERROR 2059 (HY000): Authentication plugin 'dialog' cannot be loaded: /usr/local/Percona-Server-8.0.25-15-Linux.x86_64.glibc2.17/lib/plugin/dialog.so: cannot open shared object file: No such file or directory
Oracle兼容的auth_pam_compat插件没有遇到这个问题,因为它使用了内嵌的mysql_clear_password,而不是dialog.so插件