ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-06 10:40:36 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Remove parsing of REQUIRE SSL in privileges

Browse source 
tls_require is handled separately (in `user_mod()` lines 673-690.  
By adding the `REQUIRESSL` option to the current privileges, it gets passed to to the `curr_priv` variable in `user_mod()`, causing the privileges intersection between `curr_priv` and `new_priv` on line 663 to always contain `REQUIRESSL` (because `new_priv` will never never have it if we use `tls_requires`) and therefore the module would always be marked as "changed" (because it would always try removing the REQUIRESSL via `privileges_revoke()` at line 669 and then add it back via the explicit TLS route at lines 673-690).
This commit is contained in:
Bas Zoetekouw 2020-09-30 15:50:58 +02:00 committed by GitHub
parent 998913e5d2
commit 1cf1dbeca7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
plugins/modules/mysql_user.py
View file

@ -746,8 +746,6 @@ def privileges_get(cursor, user, host):
privileges = [pick(x.strip()) for x in privileges] privileges = [pick(x.strip()) for x in privileges]
if "WITH GRANT OPTION" in res.group(7): if "WITH GRANT OPTION" in res.group(7):
privileges.append('GRANT') privileges.append('GRANT')
if 'REQUIRE SSL' in res.group(7):
privileges.append('REQUIRESSL')
db = res.group(2) db = res.group(2)
output.setdefault(db, []).extend(privileges) output.setdefault(db, []).extend(privileges)
return output return output