Skip to content

Commit

Permalink
Execute check of error logfile permissions only when log_error is def…
Browse files Browse the repository at this point in the history 
…ined (#477)

Signed-off-by: 123quhiwiwk <70281681+123quhiwiwk@users.noreply.github.com>
  • Loading branch information
@123quhiwiwk
123quhiwiwk authored Aug 24, 2021
1 parent 78bab3f commit 4671a32
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 0 deletions.
1 change: 1 addition & 0 deletions roles/mysql_hardening/tasks/configure.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
owner: '{{ mysql_hardening_user }}'
group: '{{ mysql_hardening_group }}'
mode: '0640'
when: mysql_settings.settings.log_error != ""

- name: Check mysql configuration-directory exists and has right permissions
file:
Expand Down
6 changes: 6 additions & 0 deletions roles/mysql_hardening/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,12 @@
login_unix_socket: "{{ login_unix_socket | default(omit) }}"
register: mysql_version

- name: Check MySQL/MariaDB settings
community.mysql.mysql_info:
filter: settings
login_unix_socket: "{{ login_unix_socket | default(omit) }}"
register: mysql_settings

# see https://stackoverflow.com/a/59451077/2953919 for the
# dict2items and vice versa magic
- name: Drop the secure-auth parameter on MySQL >=8.0.3 (not mariadb)
Expand Down

0 comments on commit 4671a32

Please sign in to comment.