On Thu, Jul 18, 2024, at 8:22 AM, Kees Bakker via Bacula-users wrote:
> Hi,
>
> Today I installed bacula-postgresql 15.0.2 on a Ubuntu 22.04 system.
> This was done through ansible scripts, so everything that apt install
> did was non-interactive.
>
> Then I was curious what the password for the database was. I saw a new
> random password in
> /etc/dbconfig-common/bacula-postgresql.conf
> That file is owned by root and has 600 permission bits. Great.
>
> However, during apt install it also seems to set this same random
> password in
> /opt/bacula/scripts/grant_postgresql_privileges
> That file has 755 permissions. That doesn't seem right to me.
No it's not right. Why the password needs to be duplicated, I'm not sure.
Looking at what is installed by FreeBSD (disclaimer, I am the maintainer for
the
FreeBSD package), I find:
Is that file installed by the package?
[13:17 bacula dvl ~] % pkg info -l bacula15-server | grep
grant_postgresql_privileges
/usr/local/share/bacula/grant_postgresql_privileges
Yes, let's look at it:
[13:17 bacula dvl ~] % ls -l
/usr/local/share/bacula/grant_postgresql_privileges
-rwxr-xr-x 1 bacula bacula 3456 2024.07.05 12:21
/usr/local/share/bacula/grant_postgresql_privileges
Yes, world readable.
[13:17 bacula dvl ~] % grep pass
/usr/local/share/bacula/grant_postgresql_privileges
db_password=
if [ "$db_password" != "" ]; then
pass="password '$db_password'"
create user ${db_user} ${pass};
[13:17 bacula dvl ~] %
However, there is no password set in there.
Sorry for what apt is doing.
--
Dan Langille
d...@langille.org
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
