Yeah, we're going to add a 'default_user' and 'default_pass' setting so you can handle this situation. It should be in 0.17.0
How to set root password using salt states
-
31-05-2022 - |
Question
I want to set strong password for mysql root user. But there is a egg-hen problem. I have empty server. I salt it. The root password is empty (by default after install).
If I use
root:
mysql_user.present:
- name: root
- password: $ecur3h4x0r
- host: %
Then I would not be able to call any other mysql states because they would need the password. But the next time I do highstate this call would not work, because the state tries to connect with empty password.
Solution
OTHER TIPS
Just in case someone stumbles upon this question while starting to manage mysql with saltstack.
Here is how it works in the current salt version (salt 2015.5.0 (Lithium)). Notice that the mysql_user.present-state is smart enough to try it without a password at first. In subsequent runs the state will use the root password to connect and realize that the password for root is in the right state.
root:
mysql_user.present:
- host: localhost
- password: s3cure_root_password
another_user:
mysql_user.present:
- host: localhost
- password: anoth3r_user_password
- connection_user: root
- connection_pass: s3cure_root_password
I'd like to note 2 things that worked for me in master / minion version '2019.2.0' under ubuntu 18.04:
- One will be able to set the password of the user 'root' the first time with:
mysql_user.present:
- name: root
- host: localhost
- password: pillar['mysql']['mysqlrootpassword']
- connection_charset: utf8
- saltenv:
- LC_ALL: "en_US.utf8"
After that, the command will always succeed with User root@localhost is already present with the desired password
regardless of the value of the root password.
- MySql user
root
is only permitted to login if you usesudo
or as root user