/
/
Database recovery failed with an error

Database recovery failed with an error

Symptoms

When trying to import or recover a user from a backup, the panel displays the errors «Failed to restore the database» and «Database query failed» respectively.

In both cases, the following error can be seen in the panel log at /usr/local/mgr5/var/ispmgr.log:

db ERROR query error: Your password does not satisfy the current policy requirements

Causes

The database user password does not comply with the MySQL database server policy.

Solution

The password policy in MySQL is controlled by the validate_password plugin.

To check the current MySQL password policy, follow the steps below:

  1. Connect to the server via SSH;
  2. Connect to MySQL by running the command:
    • mysql - for a native database server;
    • mysql -h IP-ADDRESS-P PORT -uroot -p - for an alternative database server.
  3. Enter SQL query:
    SHOW VARIABLES LIKE 'validate_password_policy';

The output will contain the password complexity level value:

  • LOW - the password must contain at least 8 characters;
  • MEDIUM - LOW level conditions + the password must contain at least one lowercase letter, one uppercase letter, one number and one special character;
  • STRONG - MEDIUM level conditions + the password is also checked for inconsistency with passwords from the connected dictionary.

MEDIUM level is set by default.

PLEASE  NOTE!

If the output contains the line «Empty set (0.00 sec)», then the validate_password plugin is not installed and the error is caused by a different reason. In this case, please contact the ispmanager support team.

To prevent the existing password from interfering with the import, temporarily change the password requirements by reducing the password complexity level and disabling the check for special characters. To do so, run the following SQL queries:

SET GLOBAL validate_password_policy = "LOW";
SET GLOBAL validate_password_special_char_count = 0;

Next, perform a recovery/import of the database and after a successful attempt, return the parameters to default values:

SET GLOBAL validate_password_policy = "MEDIUM";
SET GLOBAL validate_password_special_char_count = 1;

Additional information

If the validate_password plugin was configured manually, you can view the current password requirements using the following SQL query to the database server:

SHOW VARIABLES LIKE 'validate%';

The following parameters are available for modification:

  • validate_password_check_user_name — checking the password against the username.
  • validate_password_dictionary_file — file with a dictionary of forbidden passwords.
  • validate_password_length — minimum password length.
  • validate_password_mixed_case_count — minimum number of lowercase and uppercase letters in a password (for MEDIUM level policies and above).
  • validate_password_number_count — minimum number of digits in a password (for MEDIUM level policies and above).
  • validate_password_policy — setting a specific password policy.
  • validate_password_special_char_count — minimum number of special characters in a password (for MEDIUM level policies and above).

For more information about all plugin parameters, please refer to the official documentation!