mysql_conf
Use the mysql_conf
Chef InSpec audit resource to test the contents of the configuration file for MySQL, typically located at /etc/mysql/my.cnf
or /etc/my.cnf
.
Availability
Installation
This resource is distributed along with Chef InSpec itself. You can use it automatically.
Version
This resource first became available in v1.0.0 of InSpec.
Syntax
A mysql_conf
resource block declares one (or more) settings in the my.cnf
file, and then compares the setting in the configuration file to the value stated in the test:
describe mysql_conf('path') do
its('setting') { should eq 'value' }
end
# Test a parameter set within the [mysqld] section
describe mysql_conf do
its('mysqld.port') { should cmp 3306 }
end
# Test a parameter set within the [mariadb] section using array notation
describe mysql_conf do
its(['mariadb', 'max-connections']) { should_not be_nil }
end
where
'setting'
specifies a setting in themy.cnf
file, such asmax_connections
- when checking a setting within sections, such as
[mysqld]
, the section name must be included
- when checking a setting within sections, such as
('path')
is the non-default path to themy.cnf
fileshould eq 'value'
is the value that is expected
Examples
The following examples show how to use this Chef InSpec audit resource.
Test the maximum number of allowed connections
describe mysql_conf do
its('max_connections') { should eq '505' }
its('max_user_connections') { should eq '500' }
end
Test slow query logging**
describe mysql_conf do
its('slow_query_log_file') { should eq 'hostname_slow.log' }
its('slow_query_log') { should eq '0' }
its('log_queries_not_using_indexes') { should eq '1' }
its('long_query_time') { should eq '0.5' }
its('min_examined_row_limit') { should eq '100' }
end
Test the port and socket on which MySQL listens
describe mysql_conf do
its('port') { should eq '3306' }
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
end
Test connection and thread variables
describe mysql_conf do
its('port') { should eq '3306' }
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
its('max_allowed_packet') { should eq '12M' }
its('default_storage_engine') { should eq 'InnoDB' }
its('character_set_server') { should eq 'utf8' }
its('collation_server') { should eq 'utf8_general_ci' }
its('max_connections') { should eq '505' }
its('max_user_connections') { should eq '500' }
its('thread_cache_size') { should eq '505' }
end
Test the safe-user-create parameter
describe mysql_conf.params('mysqld') do
its('safe-user-create') { should eq('1') }
end
Matchers
For a full list of available matchers, please visit our matchers page.
setting
The setting
matcher tests specific, named settings in the my.cnf
file:
its('setting') { should eq 'value' }
Use a setting
matcher for each setting to be tested.