Skip to content

.my.cnf file is not created when using eyaml to encrypt the root password #1651

Open
@marketier

Description

@marketier

Describe the Bug

I am seeing the following error due to the .my.cnf file not being created in the /root/ folder on a Rocky Linux 9 host.

Info: /Stage[main]/Mysql::Server::Service/Service[mysqld]: Unscheduling refresh on Service[mysqld]
Error: Could not prefetch mysql_user provider 'mysql': Execution of '/usr/bin/mysql -NBe SELECT CONCAT(User, '@',Host) AS User FROM mysql.user' returned 1: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
Warning: /Stage[main]/Mysql::Server::Root_password/Mysql_user[root@localhost]: Skipping because provider prefetch failed
Notice: /Stage[main]/Mysql::Server::Root_password/File[/root/.my.cnf]: Dependency Mysql_user[root@localhost] has failures:
true

Expected Behavior

The .my.cnf file should be created in the /root/ folder to allow subsequent tasks to be executed after connecting to the MySQL instance.

Steps to Reproduce

  1. Install the eyaml module if required on the Puppet server.
  2. Generate keys for eyaml and define in your environment hiera.yaml:
    eyaml createkeys --pkcs7-private-key=/etc/puppetlabs/puppet/keys/private_key.pkcs7.pem --pkcs7-public-key=/etc/puppetlabs/puppet/keys/public_key.pkcs7.pem
  3. Encrypt the password:
    eyaml encrypt -s 'mypassword' --pkcs7-private-key=/etc/puppetlabs/puppet/keys/private_key.pkcs7.pem --pkcs7-public-key=/etc/puppetlabs/puppet/keys/public_key.pkcs7.pem
  4. Store the encrypted password in your emvironments data/common.yaml file
---
mysql::server::root_password: >
  ENC[PKCS7,...==]
  1. In the environment manifest site.pp, declare the class for the node:
class { 'mysql::server':
        package_name            => 'mariadb-server',
        remove_default_accounts => true,
        restart                 => true,
      }
  1. On the new database server, do a puppet agent -t to apply the configuration.

Environment

  • Version 16.0.0
  • Rocky Linux 9
  • Puppet 8

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions