When MySQL client connects to the server it uses one of the authentication plugins. On the server-side, plugins are located in the directory, specified by the option plugin-dir that defaults to BASEDIR/lib/plugin where BASEDIR is the base directory of your MySQL installation. This perfectly works whenever you install MySQL using package manager, or from the Linux tarball.
However, authentication plugins should be also loaded on the client-side. If you installed MySQL into the custom location, you may end up with an error when trying to connect using any plugin requiring a separate client library.
For example, let’s set the Test authentication plugin to authenticate a user:
1 2 3 4 5 | mysql?> INSTALL PLUGIN test_plugin_server SONAME 'auth_test_plugin.so'; Query OK, 0 rows affected (0,01 sec) mysql?> CREATE USER 'sveta'@'%' IDENTIFIED WITH test_plugin_server; Query OK, 0 rows affected (0,01 sec) |
Then, if you run the mysql client without option --plugin-dir , you will get an error:
1 2 | $ mysql -usveta ERROR 2059 (HY000): Authentication plugin 'auth_test_plugin' cannot be loaded: /usr/local/Percona-Server-8.0.25-15-Linux.x86_64.glibc2.17/lib/plugin/auth_test_plugin.so: cannot open shared object file: No such file or directory |
To avoid this error, specify --plugin-dir either in the configuration file or as a command-line parameter:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | $ mysql -usveta --plugin-dir=/home/sveta/mysqlpackages/Percona-Server-8.0.25-15-Linux.x86_64.glibc2.17/lib/plugin Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 28 Server version: 8.0.25-15 Percona Server (GPL), Release 15, Revision a558ec2 Copyright (c) 2009-2021 Percona LLC and/or its affiliates Copyright (c) 2000, 2021, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql?> \q Bye |
This issue is applicable to all plugins that require loading an external library at the client-side, including the PAM authentication plugin. In this case, you will get the error ERROR 2059 (HY000): Authentication plugin 'dialog' cannot be loaded: /usr/local/Percona-Server-8.0.25-15-Linux.x86_64.glibc2.17/lib/plugin/dialog.so: cannot open shared object file: No such file or directory
Oracle-compatible auth_pam_compat plugin does not experience this issue, because, instead of dialog.so it uses the built-in mysql_clear_password plugin.
See also:
PAM plugin does not enforce plugin_dir when installed from tarball
MySQL and MariaDB authentication against pam_unix