# HG changeset patch # User IBBoard # Date 1650480229 -3600 # Node ID ab9311e91aca0e11ef321cb9eb5baa390a917875 # Parent 4e9959052fb6878922dcd41498e315a3a3f6ac28 Make sure main DB admin gets GRANT OPTION! diff -r 4e9959052fb6 -r ab9311e91aca modules/website/manifests/mysql.pp --- a/modules/website/manifests/mysql.pp Wed Apr 20 19:43:19 2022 +0100 +++ b/modules/website/manifests/mysql.pp Wed Apr 20 19:43:49 2022 +0100 @@ -56,7 +56,7 @@ $password = strip($mysqlpassword) $configured_marker = "/etc/.${mysqlprefix}.is-configured" exec { 'Rename root MySQL user for security': - command => "mysql -uroot -e 'GRANT ALL ON *.* TO \"$username\"@\"localhost\" IDENTIFIED BY \"$password\"; DELETE FROM mysql.user WHERE User = \"root\" AND plugin != \"unix_socket\"; DELETE FROM mysql.user WHERE User = \"\"; FLUSH PRIVILEGES;' && touch $configured_marker", + command => "mysql -uroot -e 'GRANT ALL ON *.* TO \"$username\"@\"localhost\" IDENTIFIED BY \"$password\" WITH GRANT OPTION; DELETE FROM mysql.user WHERE User = \"root\" AND plugin != \"unix_socket\"; DELETE FROM mysql.user WHERE User = \"\"; FLUSH PRIVILEGES;' && touch $configured_marker", provider => shell, creates => $configured_marker, require => Class['mysql::server'],