I continue to understand why database create doesn't work (opscode database coobook)

Vladimir_Skubriev · October 23, 2013, 1:02pm

I use the following code in my own cookbook redmine:

And use each time I use a new container with ubuntu 12.04 lts and new
node in chef

A whole clear environment )

If I uncomment this

node.set[‘mysql’][‘server_root_password’]= ""
node.set[‘mysql’][‘server_repl_password’]= ""
node.set[‘mysql’][‘server_debian_password’]= “”

Then recipe will break on error:

FATAL: Mysql::Error: mysql_database[redmine] (credmine::database line
49) had an error: Mysql::Error: Access denied for user
’root’@‘localhost’ (using password: YES)

in this code

Using database cookbook ::: to create redmine database

mysql_database node.run_state[‘redmine-mysql-name’] do
connection mysql_connection_info
action :create
end

Why this error occurs ?

I use this code to clear password from chef node attributes, because
this is no good.

And why this occurs clear attributes code in the end of recipe?

How I can use a databags with mysql cookbook secure ?

Some code of _loaddatabags.rb

databag = node[‘databag_redmine_mysql_root’][‘name’]
item = node[‘databag_redmine_mysql_root’][‘item’]
secretfile =
Chef::EncryptedDataBagItem.load_secret("#{node[‘chef’][‘privatekeysdir’]}/#{databag}/#{item}")
retriveditem = Chef::EncryptedDataBagItem.load(databag,item, secretfile)
#node.run_state[‘redmine_mysql_root_password’] = retriveditem[‘password’]

We must override mysql server_root_password, server_repl_password,

server_debian_password for mysql cookbook

If we setup node attibute then this attribute are in the server chef

after chef run

It is not secure !

We need to ensure that this node attribute will clear at the end of

recipe

------- Setup mysql service users passwords used in cookbook for

succesful installation of MYSQL
node.set[‘mysql’][‘server_root_password’] = retriveditem[‘password’]
node.set[‘mysql’][‘server_repl_password’] = retriveditem[‘password’]
node.set[‘mysql’][‘server_debian_password’] = retriveditem[‘password’]

------- Need to delete this attributes in the end of recipes.

Excusme for bad english. I has no time. I spend much time to find this
reason (

–
Best regards,

CVision Lab System Administrator
Vladmir Skubriev

Vladimir_Skubriev · October 23, 2013, 2:20pm

FATAL: Mysql::Error: mysql_database[redmine] (credmine::database line 49)
had an error: Mysql::Error: Access denied for user 'root'@'localhost'
(using password: YES)

IN ADDITION
After that mysql has root users and don't have a password.

I can login in it over network or from localhost with username root and
without password )

Whay this happens I can't understand.

Topic		Replies	Views
Why I need to set mysql root password MANUAL when using mysql recipes(opscode) in my cookbook? Chef Infra (archive)	3	1079	October 24, 2013
Access denied error using mysql & database cookbooks Chef Infra (archive)	1	721	September 13, 2015
I want to use data bag for store password with community cookbook mysql - how can i do this in elegant way? Chef Infra (archive)	0	258	August 7, 2013
RE: Access denied error using mysql & database cookbooks Chef Infra (archive)	1	1102	September 14, 2015
MySql chef coookBook (Access Denied Error) Chef Infra (archive)	2	547	October 3, 2019