39 lines
1.6 KiB
YAML
39 lines
1.6 KiB
YAML
# NOTE: this file contains the default configuration for the 'mysql' hardening
|
|
# code. If you want to override any settings you must add them to a file
|
|
# called hardening.yaml in the root directory of your charm using the
|
|
# name 'mysql' as the root key followed by any of the following with new
|
|
# values.
|
|
|
|
hardening:
|
|
mysql-conf: /etc/mysql/my.cnf
|
|
hardening-conf: /etc/mysql/conf.d/hardening.cnf
|
|
|
|
security:
|
|
# @see http://www.symantec.com/connect/articles/securing-mysql-step-step
|
|
# @see http://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_chroot
|
|
chroot: None
|
|
|
|
# @see http://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_safe-user-create
|
|
safe-user-create: 1
|
|
|
|
# @see http://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_secure-auth
|
|
secure-auth: 1
|
|
|
|
# @see http://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_symbolic-links
|
|
skip-symbolic-links: 1
|
|
|
|
# @see http://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_skip-show-database
|
|
skip-show-database: True
|
|
|
|
# @see http://dev.mysql.com/doc/refman/5.7/en/server-system-variables.html#sysvar_local_infile
|
|
local-infile: 0
|
|
|
|
# @see https://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_allow-suspicious-udfs
|
|
allow-suspicious-udfs: 0
|
|
|
|
# @see https://dev.mysql.com/doc/refman/5.7/en/server-system-variables.html#sysvar_automatic_sp_privileges
|
|
automatic-sp-privileges: 0
|
|
|
|
# @see https://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_secure-file-priv
|
|
secure-file-priv: /tmp
|