From 1fbd4b57a20b98a64de25465a359146d3824ff08 Mon Sep 17 00:00:00 2001 From: Richard Shade Date: Fri, 23 Jun 2017 10:28:15 -0500 Subject: [PATCH] Mysql socket (#1933) * showing how to shellout in docs Signed-off-by: Richard Shade * adding basic example Signed-off-by: Richard Shade * cleanup Signed-off-by: Richard Shade * adding in mysql socket, as this doesn't work with non-default installs Signed-off-by: Richard Shade * updating per peer review to make socket not a req, and adding port Signed-off-by: Richard Shade * updating docs Signed-off-by: Richard Shade --- docs/resources/mysql_session.md.erb | 12 ++++++++++++ lib/resources/mysql_session.rb | 15 +++++++++++++-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/docs/resources/mysql_session.md.erb b/docs/resources/mysql_session.md.erb index 5c00932b2..f2ee35ea1 100644 --- a/docs/resources/mysql_session.md.erb +++ b/docs/resources/mysql_session.md.erb @@ -61,3 +61,15 @@ The following examples show how to use this InSpec audit resource. describe sql.query('show databases like \'test\';') do its('stdout') { should_not match(/test/) } end + +### Alternate Connection: Different Host + + sql = mysql_session('my_user','password','db.example.com') + +### Alternate Connection: Different Port + + sql = mysql_seesion('my_user','password','localhost',3307) + +### Alternate Connection: Using a socket + + sql = mysql_session('my_user','password', nil, nil, '/var/lib/mysql-default/mysqld.sock') diff --git a/lib/resources/mysql_session.rb b/lib/resources/mysql_session.rb index b46819158..0c4f80792 100644 --- a/lib/resources/mysql_session.rb +++ b/lib/resources/mysql_session.rb @@ -16,10 +16,12 @@ module Inspec::Resources end " - def initialize(user = nil, pass = nil, host = 'localhost') + def initialize(user = nil, pass = nil, host = 'localhost', port = nil, socket = nil) @user = user @pass = pass @host = host + @port = port + @socket = socket init_fallback if user.nil? or pass.nil? skip_resource("Can't run MySQL SQL checks without authentication") if @user.nil? or @pass.nil? end @@ -30,7 +32,16 @@ module Inspec::Resources escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"').gsub(/\$/, '\\$') # run the query - cmd = inspec.command("mysql -u#{@user} -p#{@pass} -h #{@host} #{db} -s -e \"#{escaped_query}\"") + command = "mysql -u#{@user} -p#{@pass}" + if !socket.nil? + command += " -S #{@socket}" + else + command += " -h #{@host}" + end + command += " --port #{@port}" unless @port.nil? + command += " #{db} -s -S #{@socket} -e \"#{escaped_query}\"" + + cmd = inspec.command(command) out = cmd.stdout + "\n" + cmd.stderr if out =~ /Can't connect to .* MySQL server/ or out.downcase =~ /^error/