From 9f0fbef9eca88cc6921aa52b42472651267a40c4 Mon Sep 17 00:00:00 2001
From: Nathan Flynn <nathan.flynn@zeninternet.co.uk>
Date: Mon, 25 Mar 2013 17:09:51 +0000
Subject: [PATCH] Added Salting for MySQL

---
 manifests/init.pp   | 11 ++++++++++-
 manifests/params.pp |  1 +
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index dede2b8..5054ff4 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -12,6 +12,11 @@
 #   If blank, no password is set
 #   If 'auto' a random password is generated
 #
+# [*password_salt*]
+#   Uses a salt with FQDN_RAND when generating the root password.
+#   If you do not use this, the password can be reverse engineered very easily.
+#   Example: $password_salt = 'smeg'
+#
 # Standard class parameters
 # Define the general class behaviour and customizations
 #
@@ -207,6 +212,7 @@
 #
 class mysql (
   $root_password       = params_lookup( 'root_password' ),
+  $password_salt       = params_lookup( 'password_salt' ),
   $my_class            = params_lookup( 'my_class' ),
   $source              = params_lookup( 'source' ),
   $source_dir          = params_lookup( 'source_dir' ),
@@ -260,7 +266,10 @@
   $bool_audit_only=any2bool($audit_only)
 
   ### Root password setup
-  $random_password = fqdn_rand(100000000000)
+  $random_password = $mysql::password_salt ? {
+    ''       => fqdn_rand(100000000000),
+    default  => fqdn_rand(100000000000,$mysql::password_salt),
+  }
 
   $real_root_password = $mysql::root_password ? {
     ''      => '',
diff --git a/manifests/params.pp b/manifests/params.pp
index e7f0466..0c69f0b 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -16,6 +16,7 @@
 
   ### Module specific parameters
   $root_password = ''
+  $password_salt = ''
 
   ### Application related parameters