[Decaf-devel] Merging pam module, killd and status packages?

Fanen Ahua afanen01 at gmail.com
Wed Dec 20 11:14:00 CET 2006 

i tried it just now and it installed successfully. i just upgraded
packages on my system to sync with latest etch.

should i use postgres 7.4 or 8.1? cos i haven't been able to run
decaf-cashier it fails to connecto to the db server.. here's my hba_conf

been digging thru pgdocs without success.

# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the PostgreSQL Administrator's Guide, chapter "Client
# Authentication" for a complete description.  A short synopsis
# follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access.  Records take one of seven forms:
#
# local      DATABASE  USER  METHOD  [OPTION]
# host       DATABASE  USER  IP-ADDRESS  IP-MASK   METHOD  [OPTION]
# hostssl    DATABASE  USER  IP-ADDRESS  IP-MASK   METHOD  [OPTION]
# hostnossl  DATABASE  USER  IP-ADDRESS  IP-MASK   METHOD  [OPTION]
# host       DATABASE  USER  IP-ADDRESS/CIDR-MASK  METHOD  [OPTION]
# hostssl    DATABASE  USER  IP-ADDRESS/CIDR-MASK  METHOD  [OPTION]
# hostnossl  DATABASE  USER  IP-ADDRESS/CIDR-MASK  METHOD  [OPTION]
#
# (The uppercase quantities should be replaced by actual values.)
# The first field is the connection type: "local" is a Unix-domain
socket,
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is
an
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
# DATABASE can be "all", "sameuser", "samegroup", a database name (or
# a comma-separated list thereof), or a file name prefixed with "@".
# USER can be "all", an actual user name or a group name prefixed with
# "+" or a list containing either.  IP-ADDRESS and IP-MASK specify the
# set of hosts the record matches.  CIDR-MASK is an integer between 0
# and 32 (IPv4) or 128 (IPv6) inclusive, that specifies the number of
# significant bits in the mask, so an IPv4 CIDR-MASK of 8 is equivalent
# to an IP-MASK of 255.0.0.0, and an IPv6 CIDR-MASK of 64 is equivalent
# to an IP-MASK of ffff:ffff:ffff:ffff::. METHOD can be "trust",
"reject",
# "md5", "crypt", "password", "krb4", "krb5", "ident", or "pam".  Note
# that "password" uses clear-text passwords; "md5" is preferred for
# encrypted passwords.  OPTION is the ident map or the name of the PAM
# service.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal.  If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
# "pg_ctl reload".

# Put your actual configuration here
# ----------------------------------
#
# CAUTION: The default configuration allows any local user to connect
# using any PostgreSQL user name, including the superuser, over either
# Unix-domain sockets or TCP/IP.  If you are on a multiple-user
# machine, the default configuration is probably too liberal for you.
# Change it to use something other than "trust" authentication.
#
# If you want to allow non-local connections, you need to add more
# "host" records.  Also, remember TCP/IP connections are only enabled
# if you enable "tcpip_socket" in postgresql.conf.


# DO NOT DISABLE!
# If you change this first entry you will need to make sure that the
# database
# super user can access the database using some other method.
# Noninteractive
# access to all databases is required during automatic maintenance
# (autovacuum, daily cronjob, replication, and similar tasks).
#
# Database administrative login by UNIX sockets
local   all         postgres                          ident sameuser

# TYPE  DATABASE    USER        IP-ADDRESS        IP-MASK
METHOD
local   all         all         127.0.0.1
ident sameuser
local   all         all                                            ident
sameuser
# IPv4-style local connections:
host    all         all         127.0.0.1         255.255.255.255
ident sameuser
host    all         all                 255.255.255.255   ident sameuser
# IPv6-style local connections:
host    all         all         ::1
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        md5

On Wed, 2006-12-20 at 09:46 +0000, Joachim Breitner wrote:
> Hi,
> 
> 
> Am Mittwoch, den 20.12.2006, 10:23 +0100 schrieb Fanen Ahua:
> > On Tue, 2006-12-19 at 21:14 +0000, Luis Matos wrote:
> > > Ter, 2006-12-19 às 16:44 +0100, Fanen Ahua escreveu:
> > > > sorry if this is coming late, i think the 'decaf_cashier' package should
> > > > create the database, as well as a default '/etc/decaf.conf'
> > > 
> > > 
> > > disagree ... the database server can be a standalone database server.
> > > for example, a tester for decaf works like that. He has a central server
> > > for shares and the cashier machine (his) is not the server.
> > > 
> > since decaf-cashier can connect to the database server, i suppose it can
> > create the db anyway, even if its on a different machine?
> 
> I’d rather go with a decaf-db package. I think it is more intuitive to
> install a specific package on the server, than just a GUI somewhere on
> the network. Also, dbconfig-common can automatically create the database
> on the local server, over the network this involves more work, such as
> allowing a remote user the creation of databases.
> 
> Additionally, the decaf-cashier might not be the only frontend (someone
> could write a web frontend, or a timecode vending machine :-)), and it
> might be installed on a few machines.
> 
> And the decaf-db package will be even more useful when there will be
> management scripts (think daily cron jobs). It most likely makes sense
> that they are separate from a GUI, as the cashier computer might not be
> switched on over night.
> 
> > > > it would be useful to include info concerning the fact that you need to
> > > > create a /etc/decaf.conf file if you decide not to create it
> > > > automatically.
> > > 
> > also, which user should be the owner (chown) of /etc/decaf.conf? should
> > decaf-cashier be run as user 'decaf'?
> 
> I was thinking about that issue. My current plan would
> be: /etc/decaf.conf is only readable by root, and decaf-cashier stores
> it’s database connection information independently, e.g. in
> ~/.decaf.conf, or in gconf. Comments on that?
> 
> > i hope my novice comments aren't boring you all.
> 
> Not at all, any discussion will be helpful, and if only to help me think
> about my plans :-)
> 
> > > > also drop a hint on how to create the database in the how-to...
> > > 
> > > this maybe is missing from the docs. something like:
> > > 
> > > createdb decaf
> > > createuser decaf-user ...
> > > 
> > > psql decaf -h host -U decaf-user < decaf-scheme.sql
> 
> With debconf-db, this will be done automatically, by dbconfig-common.
> But for those who do not want to use that, it should be added to the
> docs. Feel free to add it to
> http://wiki.debian.org/DeCaf/Documentation
> That page will be included (as html and text) on further releases.
> 
> 
> > > > the package 'decaf_killd' refuses to install on my machine. it fails at the 
> > > > 'setting up..' stage. i'm running
> > > > debian etch official snapshot (october 25th)
> 
> Hmm. Can you give me more information on the failure?
> 
> 
> Greetings,
> Joachim

More information about the Decaf-devel mailing list