What is debian-sys-maint used for?
One major thing it is used for is telling the server to roll the logs. It needs at least the reload and shutdown privilege.
See the file /etc/logrotate.d/mysql-server
It is used by the /etc/init.d/mysql
script to get the status of the server. It is used to gracefully shutdown/reload the server.
Here is the quote from the README.Debian
* MYSQL WON'T START OR STOP?:
=============================
You may never ever delete the special mysql user "debian-sys-maint". This user
together with the credentials in /etc/mysql/debian.cnf are used by the init
scripts to stop the server as they would require knowledge of the mysql root
users password else.
What is the easiest way to restore it after I've lost it?
The best plan is to simply not lose it. If you really lose the password, reset it, using another account. If you have lost all admin privileges on the mysql server follow the guides to reset the root password, then repair the debian-sys-maint
.
You could use a command like this to build a SQL file that you can use later to recreate the account.
mysqldump --complete-insert --extended-insert=0 -u root -p mysql | grep 'debian-sys-maint' > debian_user.sql
Is the password in
/etc/mysql/debian.cnf already hashed
The password is not hashed/encrypted when installed, but new versions of mysql now have a way to encrypt the credentials (see: https://serverfault.com/a/750363).
You can do it using the normal GRANT system in MySQL. But the user you're using will need all the same access they're trying to GRANT. You can only do GRANTs with the same permissions or less than your current user.
Don't start messing around with the system tables, it's not necessary.
Best Answer
I don't think there's any way to set up mysql users from system root without clobbering the existing mysql root user (unless you happen to have a fully-privileged mysql user that doesn't happen to be root.) Some database engines (like Oracle) recognize a particular system user as a DBA user, but to the best of my knowledge MySQL doesn't do that.
If you can find the right person at the university who has the mysql root info, that'll be the simplest way.
Another option would be to set up a separate instance of mysql running off a different data directory, and start with a clean set of user permissions.
Or, as a long shot, poke around in root's home directory for a .my.cnf file that has the mysql root credentials stuffed in it.