#2175: Trac should connect as trac-specific user, not "postgres' user
----------------------+--------------------------------------
Reporter: strk | Owner: strk
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2018-I
Component: Trac | Keywords:
----------------------+--------------------------------------
I found out that all trac instances are connecting to database as the
"postgres" user. This is a security issue, and makes it harder to maintain
the service in that "postgres" user can (and does) fill up all available
connections thus preventing maintainer from connecting.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2175>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2175: Trac should connect as trac-specific user, not "postgres' user
----------------------+---------------------------------------
Reporter: strk | Owner: martin
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2018-I
Component: Trac | Resolution:
Keywords: |
----------------------+---------------------------------------
Changes (by strk):
* owner: strk => martin
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2175#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2175: Trac should connect as trac-specific user, not "postgres' user
----------------------+---------------------------------------
Reporter: strk | Owner: martin
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2018-I
Component: Trac | Resolution:
Keywords: |
----------------------+---------------------------------------
Comment (by martin):
I'm fine with changing all these into connecting as database role "trac".
Not sure if there's a guide about "how to create new OSGeo Trac
instances", we might need to change that one as well.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2175#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2175: Trac should connect as trac-specific user, not "postgres' user
----------------------+---------------------------------------
Reporter: strk | Owner: martin
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2018-I
Component: Trac | Resolution:
Keywords: |
----------------------+---------------------------------------
Comment (by strk):
Yes there is a guide and I think there's also a script,
check out the wiki.
I did create a "trac" user, we want to also provide
a password and stop using "trust" strategy.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2175#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2175: Trac should connect as trac-specific user, not "postgres' user
----------------------+---------------------------------------
Reporter: strk | Owner: strk
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2018-I
Component: Trac | Resolution:
Keywords: |
----------------------+---------------------------------------
Changes (by strk):
* owner: martin => strk
Comment:
Password in use now. Centralized storage in pgpass. Wiki updated:
https://wiki.osgeo.org/wiki/Trac#Creating_a_trac_instance
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2175#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2175: Trac should connect as trac-specific user, not "postgres' user
----------------------+---------------------------------------
Reporter: strk | Owner: strk
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2018-I
Component: Trac | Resolution: fixed
Keywords: |
----------------------+---------------------------------------
Changes (by strk):
* status: new => closed
* resolution: => fixed
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2175#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.