nixos/mysql: secure access to database in one of the nixos tests

2019-06-30 22:01:02 -04:00 · 2019-06-30 22:01:02 -04:00 · d9193f9eda
commit d9193f9eda
parent d0a147e841
1 changed files with 6 additions and 0 deletions
--- a/nixos/tests/mysql.nix
+++ b/nixos/tests/mysql.nix
@ -28,6 +28,12 @@ import ./make-test.nix ({ pkgs, ...} : {
      {
        users.users.testuser = { };
        services.mysql.enable = true;
+        services.mysql.initialScript = pkgs.writeText "mariadb-init.sql" ''
+          echo "ALTER USER root@localhost IDENTIFIED WITH unix_socket;"
+          echo "DELETE FROM mysql.user WHERE password = ''' AND plugin = ''';"
+          echo "DELETE FROM mysql.user WHERE user = ''';"
+          echo "FLUSH PRIVILEGES;"
+        '';
        services.mysql.ensureDatabases = [ "testdb" ];
        services.mysql.ensureUsers = [{
          name = "testuser";