[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnumed-devel] Re: Updated server packages
|
From: |
Andreas Tille |
|
Subject: |
[Gnumed-devel] Re: Updated server packages |
|
Date: |
Sun, 20 Sep 2009 21:32:20 +0200 |
|
User-agent: |
Mutt/1.5.18 (2008-05-17) |
On Sun, Sep 20, 2009 at 12:30:12AM +0200, Karsten Hilbert wrote:
> Thanks for this valuable feedback ! We will see to it to
> make this necessary change much more prominent so users know
> what to do.
>
> @Andreas: can we add this to the README.Debian for
> gnumed-server, too ? I will send you a patch.
Sure! Any patch is perfectly welcome. If you would apply for an alioth
account (as I recommended for the live CD stuff) I would grant you
permissions which enable you to commit such changes yourself.
> > I am an experienced Linux user, but never touched Postgre before, and
> > for the first time it took me a few days to et it running - this could
> > be eased very simply by making the bootstrap script add this line
> > automatically to the file if run as root,
>
> Unfortunately, this is *not safely possible*.
Well, *technically* it is "quite" save to do this - but it is simply
forbidden by Debian policy to tweak other packages config files (and
that's for a reason):. So the only policy compliant way to work do this
is via documentation in the GNUMed package (even if I see a chance to
provide a "documented shell script" which you can start and which does
the job for you. But changing ph_hba.conf from GNUmed's postinst is
just forbidden.
> Note that I am not talking about the fact that Debian
> policy does not allow one package to change the
> configuration of another packages -- this I would gladly
> overcome by providing a
>
> /usr/bin/gm-add_holy_authentication_line_to_pg_hba_conf.sh
Yes - something like this.
> But this is not safely *possible*.
IMHO for those people who have problems maintaining PostgreSQL servers
it is "quite" safe (in combination with a big warning I'd consider it
OK), because you can assume some reasonable defaults. (Otherwise the
admin is an expert which just would not call the script.)
> Moreover, it may be
> contrary to what a local admin desires to be the
> authentication policy ! There are other ways to allow access
> to GNUmed databases.
Yes.
> > or by just telling the user that he should do this if run
> > as other user.
>
> A good suggestion. I will add some code to the bootstrapper
> which warns about the line missing in pg_hba.conf.
I'd consider this as a very sane compromise which comes quite cheap.
Kind regards
ANdreas.
--
http://fam-tille.de
Klarmachen zum Ă„ndern!
- Re: [Gnumed-devel] Updated server packages, (continued)
- Re: [Gnumed-devel] Updated server packages, Sebastian Hilbert, 2009/09/19
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/19
- Re: [Gnumed-devel] Updated server packages, Christian A. Reiter, 2009/09/19
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/19
- Re: [Gnumed-devel] Updated server packages, Rogerio Luz Coelho, 2009/09/19
- Re: [Gnumed-devel] Updated server packages, Christian A. Reiter, 2009/09/20
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/20
- Re: [Gnumed-devel] Updated server packages, Christian A. Reiter, 2009/09/20
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/20
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/20
- [Gnumed-devel] Re: Updated server packages,
Andreas Tille <=
- Re: [Gnumed-devel] Re: Updated server packages, Christian A. Reiter, 2009/09/21
- Re: [Gnumed-devel] Re: Updated server packages, Karsten Hilbert, 2009/09/22
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/21
- Re: [Gnumed-devel] Updated server packages, Jim Busser, 2009/09/21
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/21
- Re: [Gnumed-devel] Updated server packages, Karsten Hilbert, 2009/09/21
Re: [Gnumed-devel] Updated server packages, Jim Busser, 2009/09/19