What is debian-sys-maint used for?
One major thing it is used for is telling the server to roll the logs. It needs at least the reload and shutdown privilege.
See the file /etc/logrotate.d/mysql-server
It is used by the /etc/init.d/mysql
script to get the status of the server. It is used to gracefully shutdown/reload the server.
Here is the quote from the README.Debian
* MYSQL WON'T START OR STOP?:
=============================
You may never ever delete the special mysql user "debian-sys-maint". This user
together with the credentials in /etc/mysql/debian.cnf are used by the init
scripts to stop the server as they would require knowledge of the mysql root
users password else.
What is the easiest way to restore it after I've lost it?
The best plan is to simply not lose it. If you really lose the password, reset it, using another account. If you have lost all admin privileges on the mysql server follow the guides to reset the root password, then repair the debian-sys-maint
.
You could use a command like this to build a SQL file that you can use later to recreate the account.
mysqldump --complete-insert --extended-insert=0 -u root -p mysql | grep 'debian-sys-maint' > debian_user.sql
Is the password in
/etc/mysql/debian.cnf already hashed
The password is not hashed/encrypted when installed, but new versions of mysql now have a way to encrypt the credentials (see: https://serverfault.com/a/750363).
The file that you want to take a look at is config.inc.php which should be in the root directory of your phpMyAdmin folder, for information on the settings you can put in this file take a look at http://wiki.phpmyadmin.net/pma/Quick_Install#Manually.
For a very basic config file, backup the old one, and create a new one with the following contents
<?php
// use here a value of your choice (maximum 46 characters):
$cfg['blowfish_secret'] = 'a8b7c6d';
$i = 0;
$i++;
// 'cookie' (or 'http' , especially if mcrypt could not be loaded,
// but cookie giving more meaningful error messages in the testing phase)
// older PHP versions had some problems with "cookie" on 64 bit boxes though
$cfg['Servers'][$i]['auth_type'] = 'cookie';
// PHP 5 support for new MySQL 4.1.3+ features:
$cfg['Servers'][$i]['extension'] = 'mysqli';
// if you insist on "root" having no password, pma3 needs:
$cfg['Servers'][$i]['AllowNoPasswordRoot'] = true;
?>
Best Answer
So it turns out that MySQL 5.7 now allows a user of the same name to access MySQL if the authentication type is "auth_socket". I'm personally not a fan - so the solution was found here:
https://www.percona.com/blog/2016/03/16/change-user-password-in-mysql-5-7-with-plugin-auth_socket/