Jcrespo has uploaded a new change for review. https://gerrit.wikimedia.org/r/320822
Change subject: Enable unix socket authentication everywhere ...................................................................... Enable unix socket authentication everywhere Bug: T150446 Change-Id: I618c9c62bf8e91e7890b6006a8ef38e184d496f6 --- M templates/mariadb/dbstore.my.cnf.erb M templates/mariadb/eventlogging.my.cnf.erb M templates/mariadb/labs.my.cnf.erb M templates/mariadb/parsercache.my.cnf.erb M templates/mariadb/phabricator.my.cnf.erb M templates/mariadb/sanitarium.my.cnf.erb M templates/mariadb/sanitarium2.my.cnf.erb M templates/mariadb/tendril.my.cnf.erb M templates/mariadb/tools.my.cnf.erb M templates/mariadb/wikitech.my.cnf.erb 10 files changed, 30 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/22/320822/1 diff --git a/templates/mariadb/dbstore.my.cnf.erb b/templates/mariadb/dbstore.my.cnf.erb index 7d2dd9a..b11d39d 100644 --- a/templates/mariadb/dbstore.my.cnf.erb +++ b/templates/mariadb/dbstore.my.cnf.erb @@ -30,6 +30,9 @@ server_id = <%= @server_id %> read_only = 0 +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + secure_file_priv = /dev/null max_connections = 250 max_allowed_packet = 32M diff --git a/templates/mariadb/eventlogging.my.cnf.erb b/templates/mariadb/eventlogging.my.cnf.erb index c50aa6c..d4f1264 100644 --- a/templates/mariadb/eventlogging.my.cnf.erb +++ b/templates/mariadb/eventlogging.my.cnf.erb @@ -27,6 +27,9 @@ <% end -%> read_only = <%= @read_only %> +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + log_bin log_slave_updates skip-external-locking diff --git a/templates/mariadb/labs.my.cnf.erb b/templates/mariadb/labs.my.cnf.erb index fd657ad..cb802d2 100644 --- a/templates/mariadb/labs.my.cnf.erb +++ b/templates/mariadb/labs.my.cnf.erb @@ -14,6 +14,9 @@ server_id = <%= @server_id %> read_only = 0 +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + skip-external-locking skip-name-resolve #skip-slave-start diff --git a/templates/mariadb/parsercache.my.cnf.erb b/templates/mariadb/parsercache.my.cnf.erb index 5547763..edcdb43 100644 --- a/templates/mariadb/parsercache.my.cnf.erb +++ b/templates/mariadb/parsercache.my.cnf.erb @@ -27,6 +27,9 @@ # Parsercache needs to be writeable (no masters). read_only = 0 +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + log_bin log_slave_updates skip-external-locking diff --git a/templates/mariadb/phabricator.my.cnf.erb b/templates/mariadb/phabricator.my.cnf.erb index fb4065b..6d4d655 100644 --- a/templates/mariadb/phabricator.my.cnf.erb +++ b/templates/mariadb/phabricator.my.cnf.erb @@ -33,6 +33,9 @@ <% end -%> read_only = <%= @read_only %> +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + log_bin log_slave_updates skip-external-locking diff --git a/templates/mariadb/sanitarium.my.cnf.erb b/templates/mariadb/sanitarium.my.cnf.erb index 7e9de21..416be66 100644 --- a/templates/mariadb/sanitarium.my.cnf.erb +++ b/templates/mariadb/sanitarium.my.cnf.erb @@ -9,6 +9,9 @@ user = mysql read_only = 1 +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + skip-external-locking skip-name-resolve skip-slave-start diff --git a/templates/mariadb/sanitarium2.my.cnf.erb b/templates/mariadb/sanitarium2.my.cnf.erb index 15d59fd..4369912 100644 --- a/templates/mariadb/sanitarium2.my.cnf.erb +++ b/templates/mariadb/sanitarium2.my.cnf.erb @@ -16,6 +16,9 @@ user = mysql read_only = 1 +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + skip-external-locking skip-name-resolve skip-slave-start diff --git a/templates/mariadb/tendril.my.cnf.erb b/templates/mariadb/tendril.my.cnf.erb index b9a6f41f..d38c776 100644 --- a/templates/mariadb/tendril.my.cnf.erb +++ b/templates/mariadb/tendril.my.cnf.erb @@ -20,6 +20,9 @@ server_id = <%= @server_id %> read_only = 0 +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + secure_file_priv = /dev/null max_connections = 250 max_allowed_packet = 32M diff --git a/templates/mariadb/tools.my.cnf.erb b/templates/mariadb/tools.my.cnf.erb index af1f5f8..ce09a5c 100644 --- a/templates/mariadb/tools.my.cnf.erb +++ b/templates/mariadb/tools.my.cnf.erb @@ -28,6 +28,9 @@ server_id = <%= @server_id %> read_only = 0 +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + log_bin = /srv/labsdb/binlogs/log log_bin_index = /srv/labsdb/binlogs/log.index log_slave_updates diff --git a/templates/mariadb/wikitech.my.cnf.erb b/templates/mariadb/wikitech.my.cnf.erb index e3148bc..62828a3 100644 --- a/templates/mariadb/wikitech.my.cnf.erb +++ b/templates/mariadb/wikitech.my.cnf.erb @@ -18,6 +18,9 @@ <% end -%> read_only = <%= @read_only %> +# enable socket authentication +plugin-load = unix_socket=auth_socket.so + log_bin log_slave_updates skip-external-locking -- To view, visit https://gerrit.wikimedia.org/r/320822 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I618c9c62bf8e91e7890b6006a8ef38e184d496f6 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Jcrespo <jcre...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
