Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce login_user and login_password for user and database creation #43

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

szEvEz
Copy link

@szEvEz szEvEz commented May 14, 2024

No description provided.

@fauust
Copy link
Owner

fauust commented May 15, 2024

Hi @szEvEz!
Thanks for your PR.

Can you describe why you think that this is necessary? Also, as you can see, this role is tested with the molecule framework, if we introduce this new feature, I would like to add a test for it. Do you have any suggestion?

@szEvEz
Copy link
Author

szEvEz commented May 15, 2024

Hi @fauust,

if I set the root users password and disallow socket_authentication, I need to be able to pass username and password for user and database creation.

I can have a look at writing a test for it!

@fauust
Copy link
Owner

fauust commented May 15, 2024

Ok, rephrasing: why won't you use the socket authentication?

I am just curious about the use case since it seems really not practical to me (in the context of Ansible deployment).

(There might be an excellent reason that I am no aware of)...

@szEvEz
Copy link
Author

szEvEz commented May 15, 2024

Ah, got it!

From my point of view this is a security concern. I want to set a password for the root user and disallow socket_authentication because I do not want passwordless authentication for the root user.
There is even a script provided by the initial installation process mysql_secure_installation, which configures these settings.

There were also some comments on this here

To clarify: I don't want any local user (not even root) to be able to connect to the database directly using unix_socket without issuing a password. This is because I setup encryption-at-rest and it would not add too much extra security if one can 'root' the machine and easily circumvent this encryption (by just logging in as root using the unix_socket).

Some weaknesses using this mechanism are documented here as well.

With the arguments I've introduced, the end-user can still chose which path to go, which from my perspective is pretty neat - what do you think?

@fauust
Copy link
Owner

fauust commented May 16, 2024

Ok, so, I am in favor of giving as much flexibility to users but I am wondering if there is not a miss-understanding of what unix_socket authentication is.

Am I understanding correctly that in your setup the root user can't read (or write) the MariaDB data directory ( /var/lib/mysql usually). If that's not the case and if the root user has read/write access to the datadir, then adding a password authentication does not add any extra security (it's the contrary actually).

If that's the case then I understand your point and I am curious of some pointers about how you achieve that (encryption-at-rest ?).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants