From d9193f9edab2383c7f9285baf6b11007938b0d64 Mon Sep 17 00:00:00 2001
From: Aaron Andersen <aaron@fosslib.net>
Date: Sun, 30 Jun 2019 22:01:02 -0400
Subject: [PATCH] nixos/mysql: secure access to database in one of the nixos
 tests

---
 nixos/tests/mysql.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/nixos/tests/mysql.nix b/nixos/tests/mysql.nix
index cfe10bc41b0c..f712357b9ff0 100644
--- a/nixos/tests/mysql.nix
+++ b/nixos/tests/mysql.nix
@@ -28,6 +28,12 @@ import ./make-test.nix ({ pkgs, ...} : {
       {
         users.users.testuser = { };
         services.mysql.enable = true;
+        services.mysql.initialScript = pkgs.writeText "mariadb-init.sql" ''
+          echo "ALTER USER root@localhost IDENTIFIED WITH unix_socket;"
+          echo "DELETE FROM mysql.user WHERE password = ''' AND plugin = ''';"
+          echo "DELETE FROM mysql.user WHERE user = ''';"
+          echo "FLUSH PRIVILEGES;"
+        '';
         services.mysql.ensureDatabases = [ "testdb" ];
         services.mysql.ensureUsers = [{
           name = "testuser";