Running RHEL 7.1, puppetlabs-mysql is not idempotent.
After a second run, puppet tries to change the SElinux context:
/File[mysql-config-file]/seltype: seltype changed 'etc_t' to
'mysqld_etc_t'
Since packaging already manages SElinux labels, we should not let
Puppet doing it (default behavior).
This patch aims to set selinux_ignore_defaults to True for the
mysql-config-file File resource.
Thanks to that patch, Puppet will be indempotent between all runs on
RHEL platforms.
Starting MariaDB 10.0.0, usernames are now 80 long.
Our mysql_user and mysql_grant types now take that into consideration.
This check is *opportunistic*. It will only take place if the
mysql_version fact is available. If that is not the case, it will be
skipped, leaving the database itself to deal with it, and returning its
error verbatim to our users, if it does fail.
Our fixed and extended tests assume this isn't the first run, and the
fact is already in place.
- There are older versions of mysql that do not support the privilege TRIGGER and need to change default to not include
http://dev.mysql.com/doc/refman/5.0/en/grant.html
'MySQL does not support the standard SQL UNDER privilege, and does not support the TRIGGER privilege until MySQL 5.1.6'
- Updated tests to have both 5.1.6 and 5.0.11 tests for mysql_version fact
This patch changes the raise_error matchers to use `catalogue` instead
of `subject` since `subject` is not evaluated the way it used to be;
changes a parameter value from empty string to nil to be compatible
with the future parser, and unpins rspec-puppet.
the recently added feature to support galera by allowing independent
creation of the root@localhost user in the DB and the /root/.my.cnf
file contains a bug.
specifically the .my.cnf file resource still requires the root@localhost
resource, even when it is not available.
this fixes the issue by making the dependency conditional.
https://tickets.puppetlabs.com/browse/MODULES-1676
This is identical to what PASSWORD('') in MySQL does:
5.6.22-debug-log> CREATE USER 'testpwd'@'localhost' IDENTIFIED BY 'foo';
Query OK, 0 rows affected (0.03 sec)
5.6.22-debug-log> SELECT User,Host,Password FROM mysql.user WHERE
User='testpwd';
+---------+-----------+-------------------------------------------+
| User | Host | Password |
+---------+-----------+-------------------------------------------+
| testpwd | localhost | *F3A2A51A9B0F2BE2468926B4132313728C250DBF |
+---------+-----------+-------------------------------------------+
1 row in set (0.01 sec)
5.6.22-debug-log> SET PASSWORD FOR 'testpwd'@'localhost' = PASSWORD('');
Query OK, 0 rows affected (0.00 sec)
5.6.22-debug-log> SELECT User,Host,Password FROM mysql.user WHERE
User='testpwd';
+---------+-----------+----------+
| User | Host | Password |
+---------+-----------+----------+
| testpwd | localhost | |
+---------+-----------+----------+
1 row in set (0.00 sec)
This uses CREATE USER xxx IDENTIFIED WITH yyy
For tests:
unix_socket is not loaded by default, so this might require:
install plugin unix_socket soname 'auth_socket.so';
The mysql_native_password plugin is available by default and
allows you to also set a password.
Try to make it compatible with MySQL < 5.5.7 it uses version
specific code with "/*!50508 stmt */"
This uses CREATE USER xxx IDENTIFIED WITH yyy
For tests:
unix_socket is not loaded by default, so this might require:
install plugin unix_socket soname 'auth_socket.so';
The mysql_native_password plugin is available by default and
allows you to also set a password.
As usernames containing special characters must be quoted, they
may have two extra characters that are not counted against the
size limit of 16 characters. This patch adds a regex to handle
this case.
Commit cdd7132ff9 added logic to catch invalid database usernames,
but the regex it uses fails to match usernames with special characters that are properly quoted,
causing errors with usernames that used to work in versions < 3.0.0. This fixes the regex so that
if the username is quoted, anything is allowed between the quotes.
From the docs (http://dev.mysql.com/doc/refman/5.5/en/identifiers.html):
"Permitted characters in quoted identifiers include the full Unicode Basic Multilingual Plane (BMP),
except U+0000"
