[Decaf-devel] Merging pam module, killd and status packages?
Fanen Ahua
afanen01 at gmail.com
Wed Dec 20 11:14:00 CET 2006
i tried it just now and it installed successfully. i just upgraded
packages on my system to sync with latest etch.
should i use postgres 7.4 or 8.1? cos i haven't been able to run
decaf-cashier it fails to connecto to the db server.. here's my hba_conf
been digging thru pgdocs without success.
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the PostgreSQL Administrator's Guide, chapter "Client
# Authentication" for a complete description. A short synopsis
# follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access. Records take one of seven forms:
#
# local DATABASE USER METHOD [OPTION]
# host DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
# hostssl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
# hostnossl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
# host DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
# hostssl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
# hostnossl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
#
# (The uppercase quantities should be replaced by actual values.)
# The first field is the connection type: "local" is a Unix-domain
socket,
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is
an
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
# DATABASE can be "all", "sameuser", "samegroup", a database name (or
# a comma-separated list thereof), or a file name prefixed with "@".
# USER can be "all", an actual user name or a group name prefixed with
# "+" or a list containing either. IP-ADDRESS and IP-MASK specify the
# set of hosts the record matches. CIDR-MASK is an integer between 0
# and 32 (IPv4) or 128 (IPv6) inclusive, that specifies the number of
# significant bits in the mask, so an IPv4 CIDR-MASK of 8 is equivalent
# to an IP-MASK of 255.0.0.0, and an IPv6 CIDR-MASK of 64 is equivalent
# to an IP-MASK of ffff:ffff:ffff:ffff::. METHOD can be "trust",
"reject",
# "md5", "crypt", "password", "krb4", "krb5", "ident", or "pam". Note
# that "password" uses clear-text passwords; "md5" is preferred for
# encrypted passwords. OPTION is the ident map or the name of the PAM
# service.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
# "pg_ctl reload".
# Put your actual configuration here
# ----------------------------------
#
# CAUTION: The default configuration allows any local user to connect
# using any PostgreSQL user name, including the superuser, over either
# Unix-domain sockets or TCP/IP. If you are on a multiple-user
# machine, the default configuration is probably too liberal for you.
# Change it to use something other than "trust" authentication.
#
# If you want to allow non-local connections, you need to add more
# "host" records. Also, remember TCP/IP connections are only enabled
# if you enable "tcpip_socket" in postgresql.conf.
# DO NOT DISABLE!
# If you change this first entry you will need to make sure that the
# database
# super user can access the database using some other method.
# Noninteractive
# access to all databases is required during automatic maintenance
# (autovacuum, daily cronjob, replication, and similar tasks).
#
# Database administrative login by UNIX sockets
local all postgres ident sameuser
# TYPE DATABASE USER IP-ADDRESS IP-MASK
METHOD
local all all 127.0.0.1
ident sameuser
local all all ident
sameuser
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255
ident sameuser
host all all 255.255.255.255 ident sameuser
# IPv6-style local connections:
host all all ::1
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff md5
On Wed, 2006-12-20 at 09:46 +0000, Joachim Breitner wrote:
> Hi,
>
>
> Am Mittwoch, den 20.12.2006, 10:23 +0100 schrieb Fanen Ahua:
> > On Tue, 2006-12-19 at 21:14 +0000, Luis Matos wrote:
> > > Ter, 2006-12-19 às 16:44 +0100, Fanen Ahua escreveu:
> > > > sorry if this is coming late, i think the 'decaf_cashier' package should
> > > > create the database, as well as a default '/etc/decaf.conf'
> > >
> > >
> > > disagree ... the database server can be a standalone database server.
> > > for example, a tester for decaf works like that. He has a central server
> > > for shares and the cashier machine (his) is not the server.
> > >
> > since decaf-cashier can connect to the database server, i suppose it can
> > create the db anyway, even if its on a different machine?
>
> I’d rather go with a decaf-db package. I think it is more intuitive to
> install a specific package on the server, than just a GUI somewhere on
> the network. Also, dbconfig-common can automatically create the database
> on the local server, over the network this involves more work, such as
> allowing a remote user the creation of databases.
>
> Additionally, the decaf-cashier might not be the only frontend (someone
> could write a web frontend, or a timecode vending machine :-)), and it
> might be installed on a few machines.
>
> And the decaf-db package will be even more useful when there will be
> management scripts (think daily cron jobs). It most likely makes sense
> that they are separate from a GUI, as the cashier computer might not be
> switched on over night.
>
> > > > it would be useful to include info concerning the fact that you need to
> > > > create a /etc/decaf.conf file if you decide not to create it
> > > > automatically.
> > >
> > also, which user should be the owner (chown) of /etc/decaf.conf? should
> > decaf-cashier be run as user 'decaf'?
>
> I was thinking about that issue. My current plan would
> be: /etc/decaf.conf is only readable by root, and decaf-cashier stores
> it’s database connection information independently, e.g. in
> ~/.decaf.conf, or in gconf. Comments on that?
>
> > i hope my novice comments aren't boring you all.
>
> Not at all, any discussion will be helpful, and if only to help me think
> about my plans :-)
>
> > > > also drop a hint on how to create the database in the how-to...
> > >
> > > this maybe is missing from the docs. something like:
> > >
> > > createdb decaf
> > > createuser decaf-user ...
> > >
> > > psql decaf -h host -U decaf-user < decaf-scheme.sql
>
> With debconf-db, this will be done automatically, by dbconfig-common.
> But for those who do not want to use that, it should be added to the
> docs. Feel free to add it to
> http://wiki.debian.org/DeCaf/Documentation
> That page will be included (as html and text) on further releases.
>
>
> > > > the package 'decaf_killd' refuses to install on my machine. it fails at the
> > > > 'setting up..' stage. i'm running
> > > > debian etch official snapshot (october 25th)
>
> Hmm. Can you give me more information on the failure?
>
>
> Greetings,
> Joachim
More information about the Decaf-devel
mailing list