mysql - Mysql为任何主机授予root权限

我正在尝试在ec2实例上使用salt-stack安装MySQL。我想为root用户添加授权。任何主机都可以使用密码访问它。

这是我的状态文件：

mysql-server:
  pkg:
    - installed
    - pkgs:
      - mysql-server
      - python-mysqldb
  service:
    - running
    - name: mysql
    - enable: True
    - require:
      - pkg: mysql-server
    - watch:
      - file: /etc/mysql/my.cnf
  mysql_user:
    - present
    - name: root
    - password: {{ pillar['mysql']['server']['root_password'] }}
    - require:
      - service: mysql

/srv/.my.cnf:
  file:
    - managed
    - source: salt://files/mysql/app-my.cnf
    - user: app
    - group: app
    - mode: 0600
    - template: jinja
    - require:
      - user: app

/root/.my.cnf:
  file:
    - managed
    - source: salt://files/mysql/root-my.cnf
    - user: root
    - group: root
    - mode: 0600
    - template: jinja

{{pillar.default_database.name}}:
  mysql_database.present

mysql-app-user:
  mysql_user.present:
    - name: app
    - host: '%'
    - password: {{ pillar['mysql']['server']['root_password'] }}
    - connection_user: root
    - connection_pass: {{ pillar['mysql']['server']['root_password'] }}
    - connection_charset: utf8
    - saltenv:
      - LC_ALL: "en_US.utf8"
    - require:
      - service: mysql

mysql-app-local-user:
  mysql_user.present:
    - name: app
    - host: localhost
    - password: {{ pillar['mysql']['server']['root_password'] }}
    - connection_user: root
    - connection_pass: {{ pillar['mysql']['server']['root_password'] }}
    - connection_charset: utf8
    - saltenv:
      - LC_ALL: "en_US.utf8"
    - require:
      - service: mysql

mysql_root_remote_grant:
   mysql_grants.present:
    - grant: all privileges
    - database: '*.*'
    - user: root

mysql_app_remote_grant:
   mysql_grants.present:
    - grant: all privileges
    - database: '*.*'
    - user: app

mysql_app_local_grant:
   mysql_grants.present:
    - grant: all privileges
    - database: '*.*'
    - user: app
    - host: localhost

此部分可访问任何主机，但无需密码。

mysql_root_remote_grant:
   mysql_grants.present:
    - grant: all privileges
    - database: '*.*'
    - user: root

此方法有效，但是它无需密码即可从任何主机授予对root的访问权限。我不知道我在做什么错。如何通过盐堆栈安装使用密码从任何主机访问root？

最佳答案

这是解决问题的方法，我只需要为root（任何主机）添加另一个mysql_user.present-%，如下所示。

mysql-root-user-remote:
  mysql_user.present:
    - name: root
    - host: '%'
    - password: {{ pillar['mysql']['server']['root_password'] }}
    - connection_user: root
    - connection_pass: {{ pillar['mysql']['server']['root_password'] }}
    - connection_charset: utf8
    - saltenv:
      - LC_ALL: "en_US.utf8"
    - require:
      - service: mysql

因此，mysql_user.present用户有两个root声明，一个声明为localhost，另一个声明为任何主机。此后，mysql_grant.present起作用。

关于mysql - Mysql为任何主机授予root权限，我们在Stack Overflow上找到一个类似的问题：https://stackoverflow.com/questions/31488033/