-rule adduser log-"$sv"\
+rule apt_get_install mysql-server-5.5
+rule insserv_remove mysql
+
+eval "home=~$sv"
+
+rule adduser mysql \
--disabled-login \
--disabled-password \
--group \
- --home /home/mysql/log \
+ --home "$home" \
--shell /bin/false \
--system
-sudo install -d -m 770 -o log-"$sv" -g log-"$sv" \
- /home/mysql/log
+rule adduser mysql-data \
+ --disabled-login \
+ --disabled-password \
+ --group \
+ --home "$home"/data \
+ --no-create-home \
+ --shell /bin/false \
+ --system
+sudo usermod --home "$home" mysql
+sudo adduser mysql mysql-data
+sudo install -d -m 755 -o mysql -g mysql \
+ "$home" \
+ "$home"/bin
+sudo rm -rf /etc/mysql
+sudo install -d -m 750 -o mysql -g mysql-data \
+ /etc/mysql \
+ /etc/mysql/conf.d \
+ "$home"/etc
+sudo ln -fns \
+ /etc/mysql \
+ "$home"/etc/mysql
+sudo install -m 644 -o mysql -g mysql \
+ "$tool"/etc/mysql/my.cnf \
+ /etc/mysql/my.cnf
+if sudo test ! -d "$home"/data
+ then
+ sudo install -d -m 750 -o mysql -g mysql-data \
+ "$home"/data
+ sudo -u mysql mysql_install_db \
+ --datadir="$home"/data \
+ --no-defaults
+ fi
+
+sudo find "$tool"/etc/mysql/bin/ -type f -perm /+x -exec \
+ install -m 755 -o root -g root \
+ -t /home/mysql/bin/ {} +
+
+sudo ln -fns \
+ ../sv/"$sv" \
+ /etc/service/"$sv"
+rule _runit_sv_start "$sv"
+while ! sudo -u mysql mysql -u mysql </dev/null
+do sleep 1; done
+
+# NOTE:
+# - ajoute l'accès par socket Unix à mysql
+# - ajoute les droits de super-utilisateur à mysql
+# - supprime l'accès par mot-de-passe à root
+# - supprime les bases de données de l'utilisateurice anonyme
+# - supprime l'utilisateurice anonyme
+# NOTE: mémo :
+# GRANT USAGE ON *.* TO 'root'@'*' IDENTIFIED WITH auth_socket;
+# CREATE USER 'root'@'localhost' IDENTIFIED WITH auth_socket;
+# UPDATE mysql.user SET Password='' WHERE user='root';
+# DELETE FROM mysql.user WHERE user = 'root' AND host NOT IN ('localhost', '127.0.0.1', '::1');
+sudo mysql -u root --batch --verbose <<-EOF
+ DELETE FROM mysql.user WHERE user = 'root' and plugin = '';
+
+ DROP PROCEDURE IF EXISTS mysql.create_user_mysql;
+ DELIMITER //
+ CREATE PROCEDURE mysql.create_user_mysql ()
+ BEGIN
+ IF NOT (EXISTS (SELECT User
+ FROM mysql.user
+ WHERE User='mysql'
+ AND Host='localhost'
+ LIMIT 1))
+ THEN GRANT ALL PRIVILEGES ON *.* TO 'mysql'@'localhost' IDENTIFIED WITH auth_socket;
+ END IF;
+ END;
+ //
+ CALL mysql.create_user_mysql();
+ DROP PROCEDURE mysql.create_user_mysql;
+ UPDATE mysql.user SET grant_priv='Y',super_priv='Y' WHERE user='mysql';
+ DELETE FROM mysql.db WHERE user = '';
+ DELETE FROM mysql.user WHERE user = '';
+
+ DROP PROCEDURE IF EXISTS mysql.create_user;
+ CREATE PROCEDURE mysql.create_user (username VARCHAR(16), hostname VARCHAR(60))
+ BEGIN
+ IF NOT (EXISTS (SELECT User
+ FROM mysql.user
+ WHERE User = username
+ AND Host = hostname
+ LIMIT 1))
+ THEN
+ SET @QUERY = CONCAT("CREATE USER ", username, "@", hostname, " IDENTIFIED WITH auth_socket");
+ PREPARE stmt FROM @QUERY;
+ EXECUTE stmt;
+ END IF;
+ END;
+ //
+
+ DROP PROCEDURE IF EXISTS mysql.create_database;
+ CREATE PROCEDURE mysql.create_database (dbname VARCHAR(16), username VARCHAR(16), hostname VARCHAR(60))
+ BEGIN
+ IF NOT (EXISTS (SELECT SCHEMA_NAME
+ FROM INFORMATION_SCHEMA.SCHEMATA
+ WHERE SCHEMA_NAME = dbname
+ LIMIT 1))
+ THEN
+ SET @QUERY = CONCAT("CREATE DATABASE ", dbname, " CHARACTER SET utf8 COLLATE utf8_general_ci");
+ PREPARE stmt FROM @QUERY;
+ EXECUTE stmt;
+ END IF;
+ SET @QUERY = CONCAT("GRANT ALL PRIVILEGES ON ", dbname, ".* TO ", username, "@", hostname);
+ PREPARE stmt FROM @QUERY;
+ EXECUTE stmt;
+ END;
+ //
+
+ FLUSH PRIVILEGES;
+ EOF
dépôts / lhc / ateliers.git / blobdiff