+ rule insserv_remove mysql
+ rule adduser mysql \
+ --disabled-login \
+ --disabled-password \
+ --group \
+ --home /home/mysql \
+ --shell /bin/false \
+ --system
+ rule adduser mysql-data \
+ --disabled-login \
+ --disabled-password \
+ --group \
+ --home /home/mysql/data \
+ --no-create-home \
+ --shell /bin/false \
+ --system
+ sudo usermod --home /home/mysql mysql
+ sudo adduser mysql mysql-data
+ sudo install -d -m 751 -o mysql -g mysql \
+ /home/mysql
+ sudo rm -rf /etc/mysql
+ sudo install -d -m 750 -o mysql -g mysql \
+ /etc/mysql \
+ /etc/mysql/conf.d \
+ /home/mysql/etc
+ sudo ln -fns \
+ /etc/mysql \
+ /home/mysql/etc/mysql
+ sudo install -m 644 -o mysql -g mysql \
+ "$tool"/etc/mysql/my.cnf \
+ /etc/mysql/my.cnf
+ if sudo test ! -d /home/mysql/data
+ then
+ sudo install -d -m 750 -o mysql -g mysql-data \
+ /home/mysql/data
+ sudo -u mysql mysql_install_db \
+ --datadir=/home/mysql/data \
+ --no-defaults
+ fi
+ rule runit_configure mysql
+ while ! sudo -u mysql mysql -u mysql </dev/null
+ do sleep 0.3; done
+ # NOTE:
+ # - ajoute l'accès par socket Unix à mysql
+ # - ajoute les droits de super-utilisateur à mysql
+ # - supprime l'accès par mot-de-passe à root
+ # - supprime les bases de données de l'utilisateurice anonyme
+ # - supprime l'utilisateurice anonyme
+ # NOTE: mémo :
+ # GRANT USAGE ON *.* TO 'root'@'*' IDENTIFIED WITH auth_socket;
+ # CREATE USER 'root'@'localhost' IDENTIFIED WITH auth_socket;
+ # UPDATE mysql.user SET Password='' WHERE user='root';
+ # DELETE FROM mysql.user WHERE user = 'root' AND host NOT IN ('localhost', '127.0.0.1', '::1');
+ sudo mysql -u root --batch --verbose <<-EOF
+ DELETE FROM mysql.user WHERE user = 'root' and plugin = '';
+ DROP PROCEDURE IF EXISTS mysql.create_user_mysql;
+ DELIMITER //
+ CREATE PROCEDURE mysql.create_user_mysql ()
+ BEGIN
+ IF NOT (EXISTS (SELECT User
+ FROM mysql.user
+ WHERE User='mysql'
+ AND Host='localhost'
+ LIMIT 1))
+ THEN GRANT ALL PRIVILEGES ON *.* TO 'mysql'@'localhost' IDENTIFIED WITH auth_socket;
+ END IF;
+ END;
+ //
+ CALL mysql.create_user_mysql();
+ DROP PROCEDURE mysql.create_user_mysql;
+ UPDATE mysql.user SET grant_priv='Y',super_priv='Y' WHERE user='mysql';
+ DELETE FROM mysql.db WHERE user = '';
+ DELETE FROM mysql.user WHERE user = '';
+ FLUSH PRIVILEGES;
+ EOF
+ }
+rule_mysql_db_add () { # SYNTAX: $user $db
+ sudo -u mysql mysql --batch <<-EOF
+ DROP DATABASE IF EXISTS $db;
+ CREATE DATABASE $db CHARACTER SET utf8 COLLATE utf8_general_ci;
+ GRANT ALL PRIVILEGES ON $base.* TO '$user'@'localhost' IDENTIFIED WITH auth_socket;
+ FLUSH PRIVILEGES;
+ EOF
+ }
+rule_mysql_user_add () { # SYNTAX: $user
+ sudo mysql -u mysql --batch <<-EOF || true
+ DROP USER '$user'@'localhost';
+ EOF
+ sudo mysql -u mysql --batch <<-EOF
+ CREATE USER '$user'@'localhost' IDENTIFIED WITH auth_socket;
+ EOF