You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@brooklyn.apache.org by al...@apache.org on 2016/01/18 23:15:06 UTC
[1/2] incubator-brooklyn git commit: Additional security for MySQL
Repository: incubator-brooklyn
Updated Branches:
refs/heads/master 778bc5278 -> ba913f13a
Additional security for MySQL
- it changes the default of sql_mode to include "NO_AUTO_CREATE_USER"
- it will prevent the GRANT statement from automatically creating new
user accounts unless authentication information is specified.
Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/10f5392d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/10f5392d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/10f5392d
Branch: refs/heads/master
Commit: 10f5392d57107ebc70b75e40f97b54c34b5bfc78
Parents: 93dd48d
Author: Yavor Yanchev <ya...@yanchev.com>
Authored: Mon Jan 18 17:51:22 2016 +0200
Committer: Yavor Yanchev <ya...@yanchev.com>
Committed: Mon Jan 18 17:51:22 2016 +0200
----------------------------------------------------------------------
.../org/apache/brooklyn/entity/database/mysql/mysql.conf | 4 ++++
.../org/apache/brooklyn/entity/database/mysql/mysql_master.conf | 4 ++++
.../org/apache/brooklyn/entity/database/mysql/mysql_slave.conf | 4 ++++
3 files changed, 12 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/10f5392d/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
----------------------------------------------------------------------
diff --git a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
index 85f55ab..1583b73 100644
--- a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
+++ b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
@@ -15,5 +15,9 @@ datadir = ${driver.dataDir}
bind-address = 0.0.0.0
# skip-networking
+#Prevent the GRANT statement from automatically creating new user accounts if it would otherwise do so,
+#unless authentication information is specified
+sql_mode = NO_AUTO_CREATE_USER
+
# Custom configuration options
${driver.mySqlServerOptionsString}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/10f5392d/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
----------------------------------------------------------------------
diff --git a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
index 791f2da..54a773b 100644
--- a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
+++ b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
@@ -15,6 +15,10 @@ datadir = ${driver.dataDir}
bind-address = 0.0.0.0
# skip-networking
+#Prevent the GRANT statement from automatically creating new user accounts if it would otherwise do so,
+#unless authentication information is specified
+sql_mode = NO_AUTO_CREATE_USER
+
# Replication config
server-id = 1
binlog-format = mixed
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/10f5392d/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
----------------------------------------------------------------------
diff --git a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
index 1c69423..b4af02a 100644
--- a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
+++ b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
@@ -16,6 +16,10 @@ datadir = ${driver.dataDir}
bind-address = 0.0.0.0
# skip-networking
+#Prevent the GRANT statement from automatically creating new user accounts if it would otherwise do so,
+#unless authentication information is specified
+sql_mode = NO_AUTO_CREATE_USER
+
# Replication config
server-id = ${config["mysql.server_id"]}
relay-log = mysql-slave-${config["mysql.server_id"]}-relay
[2/2] incubator-brooklyn git commit: This closes #1157
Posted by al...@apache.org.
This closes #1157
Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/ba913f13
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/ba913f13
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/ba913f13
Branch: refs/heads/master
Commit: ba913f13a732390ccbca9f958f2ec2c6f11a8285
Parents: 778bc52 10f5392
Author: Aled Sage <al...@gmail.com>
Authored: Mon Jan 18 22:14:51 2016 +0000
Committer: Aled Sage <al...@gmail.com>
Committed: Mon Jan 18 22:14:51 2016 +0000
----------------------------------------------------------------------
.../org/apache/brooklyn/entity/database/mysql/mysql.conf | 4 ++++
.../org/apache/brooklyn/entity/database/mysql/mysql_master.conf | 4 ++++
.../org/apache/brooklyn/entity/database/mysql/mysql_slave.conf | 4 ++++
3 files changed, 12 insertions(+)
----------------------------------------------------------------------