"Disabling remote access for root" actually does nothing

[michalmedvecky]

This task: https://github.com/uoi-io/ansible-galera/blob/master/tasks/secure.yml#L9 actually does nothing.

It's either wrongly named (it does not actually disable anything) or does not what the author intended to write (remove all records for root except those three?)

FYI: the default mysql.user table on a fresh mariadb-server package installation on Ubuntu (xenial) looks this way:

MariaDB [mysql]> select Host,User,Password from user;
+-------------------+------------------+-------------------------------------------+
| Host              | User             | Password                                  |
+-------------------+------------------+-------------------------------------------+
| localhost         | root             | *D7DBCE5AF4004B1307B9E6D1F2DDBA11783B0D16 |
| mmedvecky-mariadb | root             | *D7DBCE5AF4004B1307B9E6D1F2DDBA11783B0D16 |
| 127.0.0.1         | root             | *D7DBCE5AF4004B1307B9E6D1F2DDBA11783B0D16 |
| ::1               | root             | *D7DBCE5AF4004B1307B9E6D1F2DDBA11783B0D16 |
| localhost         | debian-sys-maint | *F31116F9F769AA4B256569F15C7843E81AF1D5C7 |
+-------------------+------------------+-------------------------------------------+

(mmedvecky-mariadb is the name of my test host)

and playing the task on such host results in

TASK [Disabling remote access for root] ****************************************
ok: [db] => (item=localhost)
ok: [db] => (item=127.0.0.1)
ok: [db] => (item=::1)

I am actually looking for a correct way to add root access permitted from my own admin host.

[goldyfruit]

@michalmedvecky Thanks for the report, I'll have a look on that 👍