Per https://tickets.puppetlabs.com/browse/MODULES-3441, the mysql
module has behaviour which varies by server version. The version is
discovered by running mysqld -V. On hosts without a MySQL server
package install, this fails, which means that contrary to the README,
it's not actually possible to use this module to manage a remote db.
This PR moves the version string discovery into a new fact,
mysqld_version which is used by the provider. This makes it possible
to configure the db version with a custom fact when a remote db
(eg AWS RDS) is being managed.
MySQL from CentOS SCL repository is installed in different location. You should also check for binaries in this location.
Without this change puppet returns error like: Could not find a suitable provider for mysql_datadir
On Gentoo, mysql_install_db script is installed into /usr/share/mysql/scripts
and therefore is not found by mysql_datadir type.
This commit adds scripts path to ENV['PATH'] so it can be found.
MySQL-server-advanced installs install the 'mysql' directory in /var/lib/mysql by default,
therefore the check fails and does not run mysql_install_db.
Check is adjusted to check if any files exist in the directory.
Change the behaviour of applying user and grant related changes to use
the system database of MySQL.
This is a workaround to fix a bug in MySQL
(https://bugs.mysql.com/bug.php?id=65923) that causes users and grants
to be replicated, even if the "mysql" database should not be replicated.
Remove added notices and revert to debug
Add support for Percona
Use log-error for mysqld initialize
Improve description of error log argument
Should be --log-error
Default mysqld_type return value should be "mysql" if another type is not detected. Returning nil breaks mysql 5.7.11 on Ubuntu (at least) due to the conditional used in mysql_user provider.
Change mysql_grant provider to ignore/delete double-quotes -- as it does with single quotes and backticks -- in the returned list of existing grants. With ANSI_QUOTES enabled in MySQL's sql_mode, grant identifiers (e.g. database name) are quoted with double-quotes rather than backticks, for example "foo".* vs. `foo`.*. This breaks mysql_grant's evaluation of existing grants and causes it to apply grants with every run.
If a user exists in the database upon first Puppet run (for example, in the case of loading a database snapshot) and the run sets that user's :ensure attribute to 'absent', the mysql_grant provider will throw an error when the dependency chain causes it to try to destroy the grants associated with that user because the DROP statement from the mysql_user provider already removed the grants. To fix, we must check if the user exists before revoking the grants.
- Added MySQL version and flavour detection support
- Added mysql_datadir provider/type (replaces Exec[mysql_install_db])
- Added version specific parameters my.cnf ([mysqld-5.X] sections)
- Version specific user mangement SQL (ALTER USER for 5.7.6++ ...)
Rebased-By: David Schmitt <david.schmitt@puppetlabs.com>
The password column has been renamed to authentication_string in MySQL >=5.7.6.
By using: SELECT /*!50706 AUTHENTICATION_STRING AS */ PASSWORD the query will
continue to work in older versions as well as newer ones.
This uses CREATE USER xxx IDENTIFIED WITH yyy
For tests:
unix_socket is not loaded by default, so this might require:
install plugin unix_socket soname 'auth_socket.so';
The mysql_native_password plugin is available by default and
allows you to also set a password.
Try to make it compatible with MySQL < 5.5.7 it uses version
specific code with "/*!50508 stmt */"
This uses CREATE USER xxx IDENTIFIED WITH yyy
For tests:
unix_socket is not loaded by default, so this might require:
install plugin unix_socket soname 'auth_socket.so';
The mysql_native_password plugin is available by default and
allows you to also set a password.
* Mysql uses the underscore character to represent a single character
wildcard.
* A grant on table `the_database`.* would match `theAdatabase`.*, so
underscores must be escaped to avoid this match.
* The output from mysql escapes special characters (\n, \t, \0, and \\),
but the input does not need to be escaped.
* In order for the provider to compare the tables, the output of
mysql -NBe <query> must have \\ substituted with \.
Old regex is : /^GRANT\s(.+)\sON\s(.+)\sTO\s(.*)@(.*?)(\s.*)$/ . The
last part (\s.*)$ means "a space followed by anything". The issue is
that when user has no GRANT privileges, the "SHOW GRANTS FOR #{user_string}" returns
"GRANT SELECT ON `database`.* TO 'user'@'%'" which does not match (\s.*)$ .
This small patch fixes this making last bloc optional (thanks to '?').
On MySQL v5.5.38, creating a database such as:
CREATE DATABASE `mydb` CHARACTER SET binary COLLATE binary;
seems to hit a parser bug. A workaround is simply to quote COLLATE
`binary`. As the quoting is harmless, and for aesthetics, quote both
the CHARACTER SET and COLLATE arguments.
Check for database existence when dropping to prevent
ERROR 1008 (HY000): Can't drop database 'test'; database doesn't exist
Signed-off-by: Ray Lehtiniemi <rayl@mail.com>
If database grant has backslash in database name (for example: example\_dev), then puppet will try to apply same resource every run because MySQL reports that table name with double backslash (for example: example\\_dev). By global replace of double backslash with single one, this issue is fixed.
In the grant provider users are fetched by querying mysql.user table. Grants
for those users are fetched using show grants for... syntax. This can lead to
errors, when some of the users in mysql.user table do not have currently
active grants.
This happens at least when MySQL is started with --skip-name-resolve option,
when there are users with the hostname part specified as a FQDN. Such users are
created by mysql_install_db. This leads to problems if mysql::account_security
is included for the node and skip-name-resolve is specified in override_options
hash for mysql::server.
Includes acceptance test for the change.
A prior commit accidently broke this, meaning that mysql_database
was querying the mysql defaults instead of each individual database
when trying to determine the current collate settings.
this should avoid errors like:
ERROR 1007 (HY000): Can't create database 'MyDB'; database exists
This error can cause a multi-master replication to stop due to conflicting
commands between nodes. For example, if the command create DB is run in
different nodes and then they will send it in the replication logs to each
other and then they will try to run them second time and fail.
Added "require" to the global mysql.rb file like in the other provider files.
defaults-file changed to defaults-extra-file in all the database_* (old) providers, the same as in the mysql_* providers.
Changed defaults-file to defaults-extra-file in all test files
Should load the .my.cnf file with "--defaults-extra-file" instead of "--defaults-file". This is necessary if we have global my.cnf file but we want to use both of them.
Because arrays are ordered lists, Puppet compares the list of retrieved
privileges against the defined privilege list. This causes it to
reapply privilege if the ordering differs. We now forcibly order in
the type and the provider to make sure we never falsely reapply
privileges.
