Opened 6 years ago
Closed 6 years ago
#2175 closed task (fixed)
Trac should connect as trac-specific user, not "postgres' user
Reported by: | strk | Owned by: | strk |
---|---|---|---|
Priority: | critical | Milestone: | Sysadmin Contract 2018-I |
Component: | SysAdmin/Trac | Keywords: | |
Cc: |
Description
I found out that all trac instances are connecting to database as the "postgres" user. This is a security issue, and makes it harder to maintain the service in that "postgres" user can (and does) fill up all available connections thus preventing maintainer from connecting.
Change History (5)
comment:1 by , 6 years ago
Owner: | changed from | to
---|
comment:2 by , 6 years ago
comment:3 by , 6 years ago
Yes there is a guide and I think there's also a script, check out the wiki.
I did create a "trac" user, we want to also provide a password and stop using "trust" strategy.
comment:4 by , 6 years ago
Owner: | changed from | to
---|
Password in use now. Centralized storage in pgpass. Wiki updated: https://wiki.osgeo.org/wiki/Trac#Creating_a_trac_instance
comment:5 by , 6 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
I'm fine with changing all these into connecting as database role "trac".
Not sure if there's a guide about "how to create new OSGeo Trac instances", we might need to change that one as well.