module-puppetlabs-mysql/manifests/server/account_security.pp

# See README.md.
class mysql::server::account_security {
  mysql_user {
    [ 'root@127.0.0.1',
      'root@::1',
      '@localhost',
      '@%']:
    ensure  => 'absent',
    require => Anchor['mysql::server::end'],
  }
  if ($::fqdn != 'localhost.localdomain') {
    mysql_user {
      [ 'root@localhost.localdomain',
        '@localhost.localdomain']:
      ensure  => 'absent',
      require => Anchor['mysql::server::end'],
    }
  }
  if ($::fqdn and $::fqdn != 'localhost') {
    mysql_user {
      [ "root@${::fqdn}",
        "@${::fqdn}"]:
      ensure  => 'absent',
      require => Anchor['mysql::server::end'],
    }
  }
  if ($::fqdn != $::hostname) {
    if ($::hostname != 'localhost') {
      mysql_user { ["root@${::hostname}", "@${::hostname}"]:
        ensure  => 'absent',
        require => Anchor['mysql::server::end'],
      }
    }
  }
  mysql_database { 'test':
    ensure  => 'absent',
    require => Anchor['mysql::server::end'],
  }
}
references to README.md and default values were added to workaround warnings from puppet-lint 2015-04-15 23:25:37 +02:00			`# See README.md.`
Added mysql::server::account_security class. Secures the MySQL installation by removing the test database and the default users that are created during the MySQL first-run (root@${fqdn}, @%, @localhost, etc.). Includes rspec tests and updated documentation. 2012-04-24 08:41:12 +02:00			`class mysql::server::account_security {`
Use new provider names in manifests. Modify manifests and tests to handle the renamed providers. 2013-08-18 02:54:02 +02:00			`mysql_user {`
When fqdn==localhost account security breaks This is because the root@localhost account is already defined. Remove localdomain accounts if fqdn is localhost 2015-01-10 17:17:35 +01:00			`[ 'root@127.0.0.1',`
Some minor fixes to appease puppet lint 2013-04-11 19:02:41 +02:00			`'root@::1',`
			`'@localhost',`
			`'@%']:`
Added mysql::server::account_security class. Secures the MySQL installation by removing the test database and the default users that are created during the MySQL first-run (root@${fqdn}, @%, @localhost, etc.). Includes rspec tests and updated documentation. 2012-04-24 08:41:12 +02:00			`ensure => 'absent',`
Add mysql::globals and refactor mysql::server. This work adds a new mysql::globals class which contains a hash used to build my.cnf from. It's used to share this data across multiple classes so that the client and server can share this data. End users can modify content in my.cnf by including mysql::globals and passing in override_options as a hash that looks like: override_options = { 'mysqld' => { 'max_connections' => '120' } } This completely replaces the mess of parameters that existed in the main mysql class before. Completely refactor mysql::server and rework the API. This changes ordering, changes from execs{} to mysql_user for the root password, removes some functionality (like the etc_root_password), and generally makes some tough decisions about how mysql::server should be built. 2013-09-13 19:04:42 +02:00			`require => Anchor['mysql::server::end'],`
Added mysql::server::account_security class. Secures the MySQL installation by removing the test database and the default users that are created during the MySQL first-run (root@${fqdn}, @%, @localhost, etc.). Includes rspec tests and updated documentation. 2012-04-24 08:41:12 +02:00			`}`
When fqdn==localhost account security breaks This is because the root@localhost account is already defined. Remove localdomain accounts if fqdn is localhost 2015-01-10 17:17:35 +01:00			`if ($::fqdn != 'localhost.localdomain') {`
			`mysql_user {`
lint cleanup 2015-02-10 00:30:55 +01:00			`[ 'root@localhost.localdomain',`
			`'@localhost.localdomain']:`
When fqdn==localhost account security breaks This is because the root@localhost account is already defined. Remove localdomain accounts if fqdn is localhost 2015-01-10 17:17:35 +01:00			`ensure => 'absent',`
			`require => Anchor['mysql::server::end'],`
			`}`
			`}`
Resource fails when fqdn is not set. if server don't have domain name facter don't initialize fqdn and mysql_user resource fails with "...Invalid database user..." error. 2016-06-07 19:41:46 +02:00			`if ($::fqdn and $::fqdn != 'localhost') {`
When fqdn==localhost account security breaks This is because the root@localhost account is already defined. Remove localdomain accounts if fqdn is localhost 2015-01-10 17:17:35 +01:00			`mysql_user {`
			`[ "root@${::fqdn}",`
			`"@${::fqdn}"]:`
account security should not fail if hostname == fqdn This commit checks that hostaname and fqdn are not equal before trying to remove both. 2012-10-29 05:40:11 +01:00			`ensure => 'absent',`
Add mysql::globals and refactor mysql::server. This work adds a new mysql::globals class which contains a hash used to build my.cnf from. It's used to share this data across multiple classes so that the client and server can share this data. End users can modify content in my.cnf by including mysql::globals and passing in override_options as a hash that looks like: override_options = { 'mysqld' => { 'max_connections' => '120' } } This completely replaces the mess of parameters that existed in the main mysql class before. Completely refactor mysql::server and rework the API. This changes ordering, changes from execs{} to mysql_user for the root password, removes some functionality (like the etc_root_password), and generally makes some tough decisions about how mysql::server should be built. 2013-09-13 19:04:42 +02:00			`require => Anchor['mysql::server::end'],`
account security should not fail if hostname == fqdn This commit checks that hostaname and fqdn are not equal before trying to remove both. 2012-10-29 05:40:11 +01:00			`}`
			`}`
When fqdn==localhost account security breaks This is because the root@localhost account is already defined. Remove localdomain accounts if fqdn is localhost 2015-01-10 17:17:35 +01:00			`if ($::fqdn != $::hostname) {`
			`if ($::hostname != 'localhost') {`
			`mysql_user { ["root@${::hostname}", "@${::hostname}"]:`
			`ensure => 'absent',`
			`require => Anchor['mysql::server::end'],`
			`}`
			`}`
			`}`
Use new provider names in manifests. Modify manifests and tests to handle the renamed providers. 2013-08-18 02:54:02 +02:00			`mysql_database { 'test':`
Added mysql::server::account_security class. Secures the MySQL installation by removing the test database and the default users that are created during the MySQL first-run (root@${fqdn}, @%, @localhost, etc.). Includes rspec tests and updated documentation. 2012-04-24 08:41:12 +02:00			`ensure => 'absent',`
Add mysql::globals and refactor mysql::server. This work adds a new mysql::globals class which contains a hash used to build my.cnf from. It's used to share this data across multiple classes so that the client and server can share this data. End users can modify content in my.cnf by including mysql::globals and passing in override_options as a hash that looks like: override_options = { 'mysqld' => { 'max_connections' => '120' } } This completely replaces the mess of parameters that existed in the main mysql class before. Completely refactor mysql::server and rework the API. This changes ordering, changes from execs{} to mysql_user for the root password, removes some functionality (like the etc_root_password), and generally makes some tough decisions about how mysql::server should be built. 2013-09-13 19:04:42 +02:00			`require => Anchor['mysql::server::end'],`
Added mysql::server::account_security class. Secures the MySQL installation by removing the test database and the default users that are created during the MySQL first-run (root@${fqdn}, @%, @localhost, etc.). Includes rspec tests and updated documentation. 2012-04-24 08:41:12 +02:00			`}`
			`}`