Project

General

Profile

Actions

Bug #2828

closed

On Rudder 2.4.0~beta3, in distributePolicy/1.0/passwordCheck.st it seems that postgresql credentials are hardcoded

Added by Nicolas PERRON over 12 years ago. Updated over 12 years ago.

Status:
Rejected
Priority:
1 (highest)
Assignee:
Nicolas PERRON
Category:
System techniques
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

distributePolicy/1.0/passwordCheck.st is a CFEngine promise which permit to check that LDAP, PostgreSQL and WebDAV passwords are correct. Nevertheless, it seems that the test about PostgreSQL use hardcoded credentials:

"psql_cant_connect" not => returnszero("/usr/bin/psql --host localhost --username rudder --dbname rudder --quiet --output /dev/null --command 'select id from ruddersysevents limit 1'","noshell");

If I only change Postgresql User (in /opt/rudder/etc):

RUDDER_PSQL_USER:churk_norris

No change is made, since the wrong user (rudder) is checked:

# /var/rudder/cfengine-community/bin/cf-agent -KI -b root_password_check_psql
 !! Duplicate selection of value for variable "execRun" in scope g
 !! Rule from /var/rudder/cfengine-community/inputs/common/1.0/site.cf at/before line 58
 !! Duplicate selection of value for variable "execRun" in scope g
 !! Rule from /var/rudder/cfengine-community/inputs/distributePolicy/1.0/passwordCheck.cf at/before line 295
 >> Using command line specified bundlesequence
R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@21@@distributePolicy@@None@@2012-08-20 14:51:16+02:00##root@#The Rudder Webapp configuration files are OK (checked SQL password)
R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@21@@distributePolicy@@None@@2012-08-20 14:51:16+02:00##root@#The Rudder PostgreSQL user account's password is correct and works

Actions

Also available in: Atom PDF