feat(socket_authentication): allow unix_socket authentication

Co-authored-by: Tristan Charbonneau <tcharbonneau@oceanet-technology.com>

feat(socket_authentication): allow unix_socket authentication
8eccd5a6 · Yoda-BZH · GitHub · f1084e59 · 8eccd5a6 · 8eccd5a6
Unverified Commit 8eccd5a6 authored 5 years ago by Yoda-BZH Committed by GitHub 5 years ago
--- a/mysql/user.sls
+++ b/mysql/user.sls
@@ -42,6 +42,9 @@ include:
      - password_hash: '{{ user['password_hash'] }}'
    {%- elif user['password'] is defined and user['password'] != None %}
      - password: '{{ user['password'] }}'
+    {%- elif user['unix_socket'] is defined and user['unix_socket'] != None %}
+      - allow_passwordless: True
+      - unix_socket: True
    {%- else %}
      - allow_passwordless: True
    {%- endif %}

--- a/pillar.example
+++ b/pillar.example
@@ -135,6 +135,13 @@ mysql:
        - database: bar
          table: foobar
          grants: ['select', 'insert', 'update', 'delete']
+    # User 'alice' will be allowed to connect to the server without password
+    # as long as she has access to the unix socket.
+    # This option forces allow_passwordless to be set to True
+    alice:
+      host: 'localhost'
+      unix_socket: true
    nopassuser:
      password: ~
      host: localhost