From 805602a24ca60d815b827685a26ac76a5731bb7c Mon Sep 17 00:00:00 2001 From: Derek Higgins Date: Thu, 17 Jan 2013 19:23:47 -0500 Subject: [PATCH] replacing mysql::server::account_security mysql::server::account_security throws an error if the mysql server has no fqdn. For now we can't change version of puppet module. Instead we're defining our own version at top level. https://bugzilla.redhat.com/show_bug.cgi?id=896156 https://bugzilla.redhat.com/show_bug.cgi?id=896107 Change-Id: I485db86f59435d0bc07122edb96a7c153233dc70 --- packstack/puppet/templates/mysql.pp | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/mysql.pp b/packstack/puppet/templates/mysql.pp index 2bea76e35..0437c312f 100644 --- a/packstack/puppet/templates/mysql.pp +++ b/packstack/puppet/templates/mysql.pp @@ -4,8 +4,21 @@ class {"mysql::server": root_password => "%(CONFIG_MYSQL_PW)s",} } -class {"mysql::server::account_security": - require => Class["mysql::server"], +# deleting database users for security +# this is done in mysql::server::account_security but has problems +# when there is no fqdn, so we're defining a slightly different one here +database_user { [ 'root@127.0.0.1', 'root@::1', '@localhost', '@%%' ]: + ensure => 'absent', require => Class['mysql::config'], +} +if ($::fqdn != "") { + database_user { [ "root@${::fqdn}", "@${::fqdn}"]: + ensure => 'absent', require => Class['mysql::config'], + } +} +if ($::fqdn != $::hostname) { + database_user { ["root@${::hostname}", "@${::hostname}"]: + ensure => 'absent', require => Class['mysql::config'], + } } class {"keystone::db::mysql":