diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2015-06-03 19:11:25 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:54:11 +0200 |
| commit | 9eb84317dd1ecca2f43cb4d5ffa940753eb5984a (patch) | |
| tree | 21245b28d4c1a5dfc00deaeacd8bc787c2e0adcc | |
| parent | 2b308feeeaf36017e4255c2685b7a5609b290957 (diff) | |
SQL: Set empty passwords for auth_socket authentication.
| -rw-r--r-- | roles/IMAP/tasks/spam.yml | 2 | ||||
| -rw-r--r-- | roles/common-SQL/tasks/main.yml | 2 | ||||
| -rw-r--r-- | roles/lists/tasks/sympa.yml | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/roles/IMAP/tasks/spam.yml b/roles/IMAP/tasks/spam.yml index a8fbe71..b8ac466 100644 --- a/roles/IMAP/tasks/spam.yml +++ b/roles/IMAP/tasks/spam.yml @@ -34,30 +34,30 @@ - spamassassin/local.cf - spamassassin/v310.pre - spamassassin/v320.pre notify: - Restart Amavis - name: Provision /etc/default/spamassassin lineinfile: dest=/etc/default/spamassassin regexp='^(\s*#)?\s*{{ item.var }}=' "line={{ item.var }}={{ item.value }}" owner=root group=root mode=0644 with_items: - { var: ENABLED, value: 0 } - { var: CRON, value: 1 } - name: Create a 'amavis' SQL user # This *must* be the user we run spamd as # See https://svn.apache.org/repos/asf/spamassassin/trunk/sql/README.bayes mysql_user: > - name=amavis auth_plugin=auth_socket + name=amavis password= auth_plugin=auth_socket priv="spamassassin.awl: SELECT,INSERT,UPDATE,DELETE /spamassassin.bayes_seen: SELECT,INSERT, DELETE /spamassassin.bayes_token: SELECT,INSERT,UPDATE,DELETE /spamassassin.bayes_global_vars: SELECT /spamassassin.bayes_vars: SELECT,INSERT,UPDATE,DELETE /spamassassin.bayes_expire: SELECT,INSERT, DELETE" state=present notify: - Restart Amavis diff --git a/roles/common-SQL/tasks/main.yml b/roles/common-SQL/tasks/main.yml index a26f5f4..b5c6773 100644 --- a/roles/common-SQL/tasks/main.yml +++ b/roles/common-SQL/tasks/main.yml @@ -9,37 +9,37 @@ # users. - mysql-common - mysql-server - python-mysqldb - name: Copy MySQL's configuration copy: src=etc/mysql/my.cnf dest=/etc/mysql/my.cnf owner=root group=root mode=0644 register: r notify: - Restart MySQL # We need to restart now and load the relevant authplugin before we # connect to the database. - meta: flush_handlers # XXX Dirty fix for #742046 - name: Force root to use UNIX permissions - mysql_user: name=root auth_plugin=auth_socket + mysql_user: name=root password= auth_plugin=auth_socket state=present - name: Disallow anonymous and TCP/IP root login mysql_user: name={{ item.name|default('') }} host={{ item.host }} state=absent with_items: - { host: '{{ inventory_hostname_short }}' } - { host: 'localhost' } - { host: '127.0.0.1'} - { host: '::1'} - { name: root, host: '{{ inventory_hostname_short }}' } - { name: root, host: '127.0.0.1'} - { name: root, host: '::1'} - name: Start MySQL service: name=mysql state=started diff --git a/roles/lists/tasks/sympa.yml b/roles/lists/tasks/sympa.yml index 49a1423..245e148 100644 --- a/roles/lists/tasks/sympa.yml +++ b/roles/lists/tasks/sympa.yml @@ -1,27 +1,27 @@ - apt: pkg={{ item }} install_recommends=no with_items: - mysql-server - sympa - name: Make the 'sympa' MySQL user use auth_socket - mysql_user: name=sympa auth_plugin=auth_socket + mysql_user: name=sympa password= auth_plugin=auth_socket state=present - name: Configure Sympa copy: src=etc/sympa/{{ item }} dest=/etc/sympa/{{ item }} owner=root group=sympa mode=0644 with_items: - sympa.conf - wwsympa.conf - topics.conf register: r1 notify: - Restart Sympa - name: Create Virtual hosts for Sympa (1) file: path=/etc/sympa/{{ item }} state=directory owner=root group=root mode=0755 |