官术网_书友最值得收藏!

Hardening a database service

We have seen setting up the database. The following code snippet shows how we can harden the MySQL service by binding it to localhost and the required interfaces for interacting with the application. It then removes the anonymous user and test databases:

- name: delete anonymous mysql user for localhost
mysql_user:
user: ""
state: absent
login_password: "{{ mysql_root_password }}"
login_user: root

- name: secure mysql root user
mysql_user:
user: "root"
password: "{{ mysql_root_password }}"
host: "{{ item }}"
login_password: "{{ mysql_root_password }}"
login_user: root

with_items:
- 127.0.0.1
- localhost
- ::1
- "{{ ansible_fqdn }}"

- name: removes mysql test database
mysql_db:
db: test
state: absent
login_password: "{{ mysql_root_password }}"
login_user: root
主站蜘蛛池模板: 无棣县| 烟台市| 甘洛县| 宁明县| 曲水县| 石嘴山市| 抚松县| 格尔木市| 曲松县| 黎平县| 十堰市| 阿坝| 溧水县| 三穗县| 沙田区| 万盛区| 嘉义市| 久治县| 凌海市| 长岛县| 文安县| 陆丰市| 洪江市| 烟台市| 仲巴县| 长沙市| 遵化市| 白沙| 阿坝县| 南昌县| 开鲁县| 伊金霍洛旗| 宣化县| 达日县| 鄂尔多斯市| 汉中市| 旬阳县| 壤塘县| 灌南县| 枝江市| 广德县|