[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] trying to bootstrap database on Mac "Cannot bootstrap

From: Jim Busser
Subject: Re: [Gnumed-devel] trying to bootstrap database on Mac "Cannot bootstrap bundles."
Date: Mon, 05 Jul 2010 12:35:46 -0700

On 2010-07-01, at 12:05 AM, Karsten Hilbert wrote:

>> alter the pg_hba.conf file, which had very few lines in it, and into which I 
>> inserted (hopefully at a suitable place) the "local samegroup ..." line:
>> *************************************************
>> # allow anyone knowing the proper password to
>> # log into our GNUmed databases
>> local   samegroup      +gm-logins                    md5
>> # "local" is for Unix domain socket connections only
>> local   all         all                               md5
> The place is suitable (that is, before the catch-all "local
> all all" phrase) but OTOH the catch all was non-dangerously
> suitable as well already:
> It allowed anyone (all-2) to connect to any database (all-1)
> via UNIX domain sockets (local) if they knew the appropriate
> password (md5).
> It would have been problematic if it had had "ident" rather
> than "md5" because that would have required the PG account
> "any-doc" to exist in the system as well (be IDENTical).
> But the line you added does not hurt either and also
> documents an explicit security decision.
> For bootstrapping, however, it isn't even necessary :-)

I *think* the newest bootstrapper as recently checked-in (to master) -- 
supplemented by my uncommenting prompts for postgres password -- works even 
despite letting the downloaded master.tgz reside in user space (and not, as 
Sebastian previously found necessary, to copy it to /tmp/).

However, in regard to the need (or lack of need) for

        local   samegroup   +gm-logins   md5

which was missing from my freshly-reinstalled postgres, the bottom of the 
bootstrap log yielded the following, in which it seemed to look for 

        regex: local.*samegroup.*\+gm-logins

making me wonder...was that just for information, or are the warnings relevant?


2010-07-05 12:03:30  INFO      gm.bootstrapper 
(./ #245): trying DB connection to 
gnumed_v14 on localhost as postgres
2010-07-05 12:03:30  DEBUG     gm.db 
 #1204): new database connection, backend PID: 21975, readonly: False
2010-07-05 12:03:30  DEBUG     gm.db 
 #1241): access mode [READ WRITE]
2010-07-05 12:03:30  DEBUG     gm.db 
 #1304): client string encoding [UTF8], isolation level [serializable], time 
zone [America/Dawson], datestyle [ISO], sql_inheritance [ON]
2010-07-05 12:03:30  INFO      gm.bootstrapper 
(./ #256): successfully connected
2010-07-05 12:03:30  INFO      gm.bootstrapper 
(./ #893): hba file: 
2010-07-05 12:03:30  INFO      gm.bootstrapper 
(./ #912): did not find 
standard GNUmed authentication directive in pg_hba.conf
2010-07-05 12:03:30  INFO      gm.bootstrapper 
(./ #913): regex: 
2010-07-05 12:03:30  WARNING   gm.bootstrapper 
(./ #1470): open connection detected: 
database.__connect_owner_to_db via database.__connect_superuser_to_db
2010-07-05 12:03:30  WARNING   gm.bootstrapper 
(./ #1471): <connection object at 0x1013a7260; 
dsn: 'dbname=gnumed_v14 port=5432 user=postgres password=xxxxxxxx 
sslmode=prefer', closed: 0>
2010-07-05 12:03:30  WARNING   gm.bootstrapper 
(./ #1472): closing connection
2010-07-05 12:03:30  INFO      gm.bootstrapper 
(./ #1475): shutdown

-- Jim

reply via email to

[Prev in Thread] Current Thread [Next in Thread]