You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@brooklyn.apache.org by al...@apache.org on 2016/01/18 23:15:06 UTC

[1/2] incubator-brooklyn git commit: Additional security for MySQL

Repository: incubator-brooklyn
Updated Branches:
  refs/heads/master 778bc5278 -> ba913f13a


Additional security for MySQL 

- it changes the default of sql_mode to include "NO_AUTO_CREATE_USER"
- it will prevent the GRANT statement from automatically creating new
user accounts unless authentication information is specified.

Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/10f5392d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/10f5392d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/10f5392d

Branch: refs/heads/master
Commit: 10f5392d57107ebc70b75e40f97b54c34b5bfc78
Parents: 93dd48d
Author: Yavor Yanchev <ya...@yanchev.com>
Authored: Mon Jan 18 17:51:22 2016 +0200
Committer: Yavor Yanchev <ya...@yanchev.com>
Committed: Mon Jan 18 17:51:22 2016 +0200

----------------------------------------------------------------------
 .../org/apache/brooklyn/entity/database/mysql/mysql.conf         | 4 ++++
 .../org/apache/brooklyn/entity/database/mysql/mysql_master.conf  | 4 ++++
 .../org/apache/brooklyn/entity/database/mysql/mysql_slave.conf   | 4 ++++
 3 files changed, 12 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/10f5392d/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
----------------------------------------------------------------------
diff --git a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
index 85f55ab..1583b73 100644
--- a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
+++ b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql.conf
@@ -15,5 +15,9 @@ datadir         = ${driver.dataDir}
 bind-address    = 0.0.0.0
 # skip-networking
 
+#Prevent the GRANT statement from automatically creating new user accounts if it would otherwise do so,
+#unless authentication information is specified
+sql_mode = NO_AUTO_CREATE_USER
+
 # Custom configuration options
 ${driver.mySqlServerOptionsString}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/10f5392d/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
----------------------------------------------------------------------
diff --git a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
index 791f2da..54a773b 100644
--- a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
+++ b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_master.conf
@@ -15,6 +15,10 @@ datadir         = ${driver.dataDir}
 bind-address    = 0.0.0.0
 # skip-networking
 
+#Prevent the GRANT statement from automatically creating new user accounts if it would otherwise do so,
+#unless authentication information is specified
+sql_mode = NO_AUTO_CREATE_USER
+
 # Replication config
 server-id       = 1
 binlog-format   = mixed

http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/10f5392d/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
----------------------------------------------------------------------
diff --git a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
index 1c69423..b4af02a 100644
--- a/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
+++ b/brooklyn-library/software/database/src/main/resources/org/apache/brooklyn/entity/database/mysql/mysql_slave.conf
@@ -16,6 +16,10 @@ datadir         = ${driver.dataDir}
 bind-address    = 0.0.0.0
 # skip-networking
 
+#Prevent the GRANT statement from automatically creating new user accounts if it would otherwise do so,
+#unless authentication information is specified
+sql_mode = NO_AUTO_CREATE_USER
+
 # Replication config
 server-id       = ${config["mysql.server_id"]}
 relay-log       = mysql-slave-${config["mysql.server_id"]}-relay

[2/2] incubator-brooklyn git commit: This closes #1157

Posted by al...@apache.org.

This closes #1157


Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/ba913f13
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/ba913f13
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/ba913f13

Branch: refs/heads/master
Commit: ba913f13a732390ccbca9f958f2ec2c6f11a8285
Parents: 778bc52 10f5392
Author: Aled Sage <al...@gmail.com>
Authored: Mon Jan 18 22:14:51 2016 +0000
Committer: Aled Sage <al...@gmail.com>
Committed: Mon Jan 18 22:14:51 2016 +0000

----------------------------------------------------------------------
 .../org/apache/brooklyn/entity/database/mysql/mysql.conf         | 4 ++++
 .../org/apache/brooklyn/entity/database/mysql/mysql_master.conf  | 4 ++++
 .../org/apache/brooklyn/entity/database/mysql/mysql_slave.conf   | 4 ++++
 3 files changed, 12 insertions(+)
----------------------------------------------------------------------