REJECT: openerp6.1
Jamie Strandboge
jamie at canonical.com
Mon Jul 23 21:21:48 UTC 2012
On Mon, 2012-07-09 at 14:38 +0200, Martin Pitt wrote:
> Hello Yolanda, Jamie,
>
> Jamie Strandboge [2012-07-09 7:09 -0500]:>
> > In thinking about this some more, the PGPASSFILE won't work for you here
> > since you are trying to add a password, not use an existing one.
> > Instead, I suggest you echo an sql statement into a temp file and then
> > use psql on that. Eg:
> > echo "ALTER USER openerp WITH PASSWORD '$pass''" > "$tmp"
> > su - postgres -c "psql -f $tmp"
> If on the other hand the OpenERP server is talking to a remote
> PostgreSQL server and thus needs a password, an approach like what
> Jamie suggested is valid if the password is being asked over debconf
> (instead of being generated automatically).
So, as it turns out, db_get from debconf doesn't handle this well
either. From
/usr/share/debconf/confmodule:
_db_cmd () {
...
RET="${_db_internal_line#[! ][ ]}"
case ${_db_internal_line%%[ ]*} in
1) # escaped data
RET="$(printf '%s' "$RET" | debconf-escape -u)"
...
That printf exposes the password in /proc.
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-archive/attachments/20120723/38d7927e/attachment.pgp>
More information about the ubuntu-archive
mailing list