From 0fbf3fa4d868034a804b30cfc4716f52cefdd263 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 10 Apr 2015 09:26:24 -0400 Subject: [PATCH 1/5] Support for setting root password when running as local_action --- tasks/secure-installation.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index a3a4f90..acbd3ff 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -1,15 +1,16 @@ --- +- name: Get list of hosts for root user + command: mysql -NBe 'SELECT Host from mysql.user WHERE User = "root" order by (Host="localhost") ASC' + register: mysql_root_hosts + changed_when: false + # 'localhost' needs to be last for idempotency. - name: Update MySQL root password for localhost root account. mysql_user: name: "root" host: "{{ item }}" password: "{{ mysql_root_password }}" - with_items: - - "{{ ansible_hostname }}" - - 127.0.0.1 - - ::1 - - localhost + with_items: mysql_root_hosts.stdout_lines # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. From 75cf220549b38cc59fe25f268a4e06e712cfbe22 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 10 Apr 2015 09:29:52 -0400 Subject: [PATCH 2/5] Fixes #26 to remove all anonymous users, particularly the one with the host as the hostname --- tasks/secure-installation.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index a3a4f90..0e4d368 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml 
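Review bot: The new `with_items: mysql_root_hosts.stdout_lines` on the root password task names the registered list as a bare variable, a form that later Ansible releases deprecated and, as far as I know, no longer resolve, in which case the loop would see a plain string rather than the host list. This loop is now the only thing deciding which root accounts receive `mysql_root_password`, so if it does not iterate the real hosts, the existing root rows keep an empty password while the play still finishes green. Writing it as `with_items: "{{ mysql_root_hosts.stdout_lines }}"` removes the ambiguity. The anonymous-user loop in PATCH 2/5 (`with_items: mysql_anonymous_hosts.stdout_lines`) has the same form. A comment above the lookup would also help, noting that it appears to rely on passwordless root on the first run and on the `.my.cnf` copied further down on later runs.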
@@ -20,8 +20,17 @@ group: root mode: 0600 +- name: Get list of hosts for anonymous user + command: mysql -NBe 'SELECT Host from mysql.user WHERE User = ""' + register: mysql_anonymous_hosts + changed_when: false + - name: Remove anonymous MySQL user. - mysql_user: "name='' state=absent" + mysql_user: + name: "" + host: "{{ item }}" + state: absent + with_items: mysql_anonymous_hosts.stdout_lines - name: Remove MySQL test database. mysql_db: "name='test' state=absent" \ No newline at end of file From fc0d2006cf3260e19e9035102d141b60edb77a3e Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 10 Apr 2015 09:36:01 -0400 Subject: [PATCH 3/5] Renamed python-my.cnf.j2 to user-my.cnf.j2 - has nothing to do with python --- tasks/secure-installation.yml | 2 +- templates/{python-my.cnf.j2 => user-my.cnf.j2} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename templates/{python-my.cnf.j2 => user-my.cnf.j2} (100%) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index a3a4f90..d47989e 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -14,7 +14,7 @@ # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. template: - src: "python-my.cnf.j2" + src: "user-my.cnf.j2" dest: "{{ mysql_user_home }}/.my.cnf" owner: root group: root diff --git a/templates/python-my.cnf.j2 b/templates/user-my.cnf.j2 similarity index 100% rename from templates/python-my.cnf.j2 rename to templates/user-my.cnf.j2 From e8575a76c3a08a1c4de86e0f74880c8c9d6a6985 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 10 Apr 2015 15:43:06 -0500 Subject: [PATCH 4/5] Syntax adjustment for #28. --- tasks/secure-installation.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index acbd3ff..39b850b 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml 
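Review bot: The `Get list of hosts for anonymous user` lookup is a `command` task, which Ansible skips in check mode, so under `--check` the following `with_items: mysql_anonymous_hosts.stdout_lines` has no `stdout_lines` to iterate and the removal task errors instead of reporting what it would do. The query is read-only and already marked `changed_when: false`, so it is safe to force it to run: add `always_run: yes` to the lookup (`check_mode: no` on newer Ansible releases). The root-host lookup added in PATCH 1/5 has the same gap and would take the same one-line addition.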
@@ -1,6 +1,6 @@ --- -- name: Get list of hosts for root user - command: mysql -NBe 'SELECT Host from mysql.user WHERE User = "root" order by (Host="localhost") ASC' +- name: Get list of hosts for the root user. + command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' register: mysql_root_hosts changed_when: false From 0885558bb8ba2b90e944aa5ca2d937049e47ba0d Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 10 Apr 2015 15:51:22 -0500 Subject: [PATCH 5/5] Syntax adjustment for #29. --- tasks/secure-installation.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 5ea5a60..a72125c 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -21,12 +21,12 @@ group: root mode: 0600 -- name: Get list of hosts for anonymous user - command: mysql -NBe 'SELECT Host from mysql.user WHERE User = ""' +- name: Get list of hosts for the anonymous user. + command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' register: mysql_anonymous_hosts changed_when: false -- name: Remove anonymous MySQL user. +- name: Remove anonymous MySQL users. mysql_user: name: "" host: "{{ item }}"