Skip to Content.
Sympa Menu

devel - [daniel@rimspace.net] Bug#116597: sympa: Poor integration with default Postgres security settings.

Subject: Developers of Sympa

List archive

Chronological Thread  
  • From: address@concealed (Jérôme Marant)
  • To: address@concealed
  • Subject: [address@concealed] Bug#116597: sympa: Poor integration with default Postgres security settings.
  • Date: 22 Oct 2001 08:51:43 +0200


Hi,

I've just received the following feature request.

Cheers,


--- Begin Message ---
  • From: address@concealed
  • To: address@concealed
  • Subject: Bug#116597: sympa: Poor integration with default Postgres security settings.
  • Date: Mon, 22 Oct 2001 11:36:58 +1000 (EST)
  • Resent-cc: Jerome Marant <address@concealed>
  • Resent-date: Mon, 22 Oct 2001 01:48:01 GMT
  • Resent-from: address@concealed
  • Resent-to: address@concealed
Package: sympa
Version: 3.2.1-3
Severity: normal

The default security model for Postgres, when installed as the latest unstable
packages, is that Unix domain socket connections authenticate a user as
themselves through the 'peer' mechanism.

Sympa, on the other hand, *requires* that a username and password pair be
supplied for the connection. This means that Postgres must be configured
to accept this, which makes it impossible (as far as I can tell) to continue
to use the default peer authentication model.

This requires further reconfiguration of Postgres to change the nightly
maintenance scripts, et al, to use a username and password...

This caused me over three hours work getting Sympa installed as I needed to
learn, by trial and error, all of this. This is a real pain.

Could Sympa (and wwsympa) be adapted to use the default authentication model
that Postgres supplies and, perhaps, fall back to (or ask if) password
authentication?

This would make it possible to install a clean system, then:
] apt-get install postgresql
] apt-get install sympa wwsympa

This *isn't* possible without significant manual work at present. It's
also work that took reasonably significant knowledge of the internals of
Perl/DBI, Postgres security and such. :(

Regards,
Daniel

-- System Information
Debian Release: testing/unstable
Kernel Version: Linux inanna 2.4.13-pre2 #1 Mon Oct 15 12:03:30 EST 2001 i686
unknown

Versions of the packages sympa depends on:
ii adduser 3.42 Add and remove users and groups to resp. fro
ii debconf 1.0.13 Debian configuration management system
ii libc6 2.2.4-3 GNU C Library: Shared libraries and Timezone
ii libdbd-pg-perl 1.01-1 a PostgreSQL interface for Perl 5 using DBI.
ii libdbi-perl 1.19-1 The Perl5 Database Interface by Tim Bunce
ii libio-stringy- 2.108-1 Perl5 modules for IO from scalars and arrays
ii libmd5-perl 2.02-2 backwards-compatible wrapper for Digest::MD5
ii libmime-base64 2.12-4 MIME/Base64 decoding for Perl
ii libmime-perl 5.410-1 Perl5 modules for MIME-compliant messages (M
ii libmsgcat-perl 1.03-2 Locale::Msgcat perl module
ii mailtools 1.40-3 Package to facilitate upgrades
ii perl 5.6.1-5 Larry Wall's Practical Extraction and Report
ii sysklogd 1.4.1-2 System logging daemons
sendmail Not installed or no info
sendmail-tls Not installed or no info
ii postfix 0.0.20011008.S A high-performance mail transport agent
^^^ (Provides virtual package mail-transport-agent)
libdbd-mysql-perl Not installed or no info

--- Ignoring conffile /etc/sympa/sympa.conf-smime.in (not world readable)

--- End Message ---


--
Jérôme Marant <address@concealed>
<address@concealed>

http://marant.org



  • [address@concealed] Bug#116597: sympa: Poor integration with default Postgres security settings., Jérôme Marant, 10/22/2001

Archive powered by MHonArc 2.6.19+.

Top of Page