inspec/docs/resources/mysql_conf.md.erb

103 lines
2.6 KiB
Text
Raw Normal View History

2016-09-22 12:43:57 +00:00
---
title: About the mysql_conf Resource
---
# mysql_conf
Use the `mysql_conf` InSpec audit resource to test the contents of the configuration file for MySQL, typically located at `/etc/mysql/my.cnf` or `/etc/my.cnf`.
# Syntax
A `mysql_conf` resource block declares one (or more) settings in the `my.cnf` file, and then compares the setting in the configuration file to the value stated in the test:
describe mysql_conf('path') do
its('setting') { should eq 'value' }
end
where
* `'setting'` specifies a setting in the `my.cnf` file, such as `max_connections`
* `('path')` is the non-default path to the `my.cnf` file
* `should eq 'value'` is the value that is expected
# Matchers
This InSpec audit resource has the following matchers:
## be
<%= partial "/shared/matcher_be" %>
## cmp
<%= partial "/shared/matcher_cmp" %>
## eq
<%= partial "/shared/matcher_eq" %>
## include
<%= partial "/shared/matcher_include" %>
## match
<%= partial "/shared/matcher_match" %>
## setting
The `setting` matcher tests specific, named settings in the `my.cnf` file:
its('setting') { should eq 'value' }
Use a `setting` matcher for each setting to be tested.
# Examples
The following examples show how to use this InSpec audit resource.
## Test the maximum number of allowed connections
describe mysql_conf do
its('max_connections') { should eq '505' }
its('max_user_connections') { should eq '500' }
end
## Test slow query logging**
describe mysql_conf do
its('slow_query_log_file') { should eq 'hostname_slow.log' }
its('slow_query_log') { should eq '0' }
its('log_queries_not_using_indexes') { should eq '1' }
its('long_query_time') { should eq '0.5' }
its('min_examined_row_limit') { should eq '100' }
end
## Test the port and socket on which MySQL listens
describe mysql_conf do
its('port') { should eq '3306' }
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
end
## Test connection and thread variables
describe mysql_conf do
its('port') { should eq '3306' }
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
its('max_allowed_packet') { should eq '12M' }
its('default_storage_engine') { should eq 'InnoDB' }
its('character_set_server') { should eq 'utf8' }
its('collation_server') { should eq 'utf8_general_ci' }
its('max_connections') { should eq '505' }
its('max_user_connections') { should eq '500' }
its('thread_cache_size') { should eq '505' }
end
## Test the safe-user-create parameter
describe mysql_conf.params('mysqld') do
its('safe-user-create') { should eq('1') }
end