Solve the problem that mariadb can log in directly without username and password

I don’t know if you have found out when you use mariadb that you can log in directly without specifying user and password. This is very unsafe for our database, which means that anyone can easily log in to your database. Then How should we solve this problem?
After checking the information on the Internet, I found that the direct login of mariadb is related to a plugin plug-in in its database. The default parameter of this plug-in is unix_socket, which means that password verification can be bypassed. Whoever logs in to it defaults to root user login. So there is no need to enter a username and password.

MariaDB [(none)]> select user, plugin from mysql.user;
4 +------+-------------+
5 | user | plugin      |
6 +------+-------------+
7 | root | unix_socket |
8 +------+-------------+
9 1 row in set (0.00 sec)

unix_socket: By default, the unix_socket plug-in will be used for authentication, bypassing password authentication,
so the solution is to change unix_socket to mysql_native_password

# 暂停数据库服务
[root@localhost etc]# systemctl stop mariadb
# 开启跳过验证的方式
[root@localhost etc]# mysqld_safe --skip-grant-tables
220922 10:49:32 mysqld_safe Logging to '/var/log/mariadb/mariadb.log'.
220922 10:49:32 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
已杀死

[root@localhost etc]# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 13
Server version: 5.5.68-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

#修改plugin的参数，改为mysql_native_password，那样就可以要密码验证了
MariaDB [(none)]> UPDATE mysql.user SET authentication_string = PASSWORD('123456'), plugin = 'mysql_native_password' WHERE User = 'root';
Query OK, 4 rows affected (0.01 sec)
Rows matched: 4  Changed: 4  Warnings: 0

#刷新数据
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> select user, plugin from mysql.user;
+--------+-----------------------+
| user   | plugin                |
+--------+-----------------------+
| root   | mysql_native_password |
| root   | mysql_native_password |
| root   | mysql_native_password |
| root   | mysql_native_password |
|        |                       |
|        |                       |
| zabbix |                       |
+--------+-----------------------+
7 rows in set (0.00 sec)

MariaDB [(none)]> exit
Bye

Verify that the modification was successful

[root@localhost etc]# ps aux|grep mysql
root      47230  0.0  0.1 113412  1628 pts/0    S+   10:49   0:00 /bin/sh /usr/bin/mysqld_safe --skip-grant-tables
mysql     47379  0.9 11.1 1171812 111488 pts/0  Sl+  10:49   0:01 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --skip-grant-tables --log-error=/var/log/mariadb/mariadb.log --pid-file=/var/run/mariadb/mariadb.pid --socket=/var/lib/mysql/mysql.sock
root      47465  0.0  0.0 112824   988 pts/1    R+   10:51   0:00 grep --color=auto mysql
[root@localhost etc]# kill -9 47230
[root@localhost etc]# kill -9 47379
[root@localhost etc]# systemctl restart mariadb
[root@localhost etc]# mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
[root@localhost etc]# mysql -uroot
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

Reference Blog: Solve the problem of MariaDB logging in without a password