mirror of
https://github.com/dev-sec/ansible-collection-hardening
synced 2024-09-20 13:21:52 +00:00
Execute check of error logfile permissions only when log_error is defined (#477)
Signed-off-by: 123quhiwiwk <70281681+123quhiwiwk@users.noreply.github.com>
This commit is contained in:
parent
78bab3f710
commit
4671a32062
2 changed files with 7 additions and 0 deletions
|
@ -23,6 +23,7 @@
|
||||||
owner: '{{ mysql_hardening_user }}'
|
owner: '{{ mysql_hardening_user }}'
|
||||||
group: '{{ mysql_hardening_group }}'
|
group: '{{ mysql_hardening_group }}'
|
||||||
mode: '0640'
|
mode: '0640'
|
||||||
|
when: mysql_settings.settings.log_error != ""
|
||||||
|
|
||||||
- name: Check mysql configuration-directory exists and has right permissions
|
- name: Check mysql configuration-directory exists and has right permissions
|
||||||
file:
|
file:
|
||||||
|
|
|
@ -44,6 +44,12 @@
|
||||||
login_unix_socket: "{{ login_unix_socket | default(omit) }}"
|
login_unix_socket: "{{ login_unix_socket | default(omit) }}"
|
||||||
register: mysql_version
|
register: mysql_version
|
||||||
|
|
||||||
|
- name: Check MySQL/MariaDB settings
|
||||||
|
community.mysql.mysql_info:
|
||||||
|
filter: settings
|
||||||
|
login_unix_socket: "{{ login_unix_socket | default(omit) }}"
|
||||||
|
register: mysql_settings
|
||||||
|
|
||||||
# see https://stackoverflow.com/a/59451077/2953919 for the
|
# see https://stackoverflow.com/a/59451077/2953919 for the
|
||||||
# dict2items and vice versa magic
|
# dict2items and vice versa magic
|
||||||
- name: Drop the secure-auth parameter on MySQL >=8.0.3 (not mariadb)
|
- name: Drop the secure-auth parameter on MySQL >=8.0.3 (not mariadb)
|
||||||
|
|
Loading…
Reference in a new issue