[Dbconfig-common-devel] Re: dbconfig-common Problems
Andreas Tille
tillea at rki.de
Fri Jul 29 10:15:41 UTC 2005
On Fri, 29 Jul 2005, sean finney wrote:
> assuming you mean ssl and not ssh?
Sure. :)
> okay, in that case you should select "password" for the authentication
> method questions. looking at the dbconfig code, it's not clear whether
> or not you can preseed this value (by setting something like
> dbc_pgsql_authmethod_user="password" etc), though you ought to be able to
> for just this reason.
OK, if I add
local all all password
to /etc/postgresql/pg_hba.conf I will be asked at least for a password,
but this does not really help, because I have no password information about
any user in postgresql default configuration because the default is just
ident. On the other hand this is a to rude hack because it will break other
applications which are using ident authentication.
IMHO the following steps are necessary to do in dbconfig-common to work out
of the box:
1. Edit /etc/postgresql/pg_hba.conf
### -- Begin dbconfig-common -- ##
local @dbconfig-common.databases @dbconfig-common.users password
### -- End dbconfig-common -- ##
2. Set links to database / username lists
ln -s /etc/dbconfig-common/pgDatabases.list /var/lib/postgres/data/dbconfig-common.database
ln -s /etc/dbconfig-common/pgUser.list /var/lib/postgres/data/dbconfig-common.users
3. List Databases and users in the according config files
echo "dbtestpgsql" >> /etc/dbconfig-common/pgDatabases.list
echo "dbtestpgsql" >> /etc/dbconfig-common/pgUser.list
The user names and database names can be obtained via debconf
4. Restart postgresql server to enable the changed configuration
> i'd try the above mentioned debug routines to see if that sheds any
> more light on why things are failing. you could then forward this
> information to me and/or the bts and we could take things from
> there.
I tried
$ export dbc_debug=1
$ export dbc_authmethod_admin="password"
$ export dbc_authmethod_user="password"
$ sudo dpkg -i db-test-pgsql_2.1_all.deb
Selecting previously deselected package db-test-pgsql.
(Reading database ... 174973 files and directories currently installed.)
Unpacking db-test-pgsql (from db-test-pgsql_2.1_all.deb) ...
dbconfig-common: writing config to /etc/dbconfig-common/db-test-pgsql.conf
Creating config file /etc/dbconfig-common/db-test-pgsql.conf with new version
Setting up db-test-pgsql (2.1) ...
dbconfig-common: writing config to /etc/dbconfig-common/db-test-pgsql.conf
dbconfig-common: writing config to /etc/dbconfig-common/db-test-pgsql.conf
Replacing config file /etc/dbconfig-common/db-test-pgsql.conf with new version
dbconfig-common: writing config to /etc/dbconfig-common/db-test-pgsql.conf
creating postgres user dbtestpgsql: success.
verifying creation of user: success.
creating database dbtestpgsql: success.
verifying database dbtestpgsql exists: success.
chown: `dbtestpgsql': invalid user
error encountered populating database:
Unknown id: dbtestpgsql
dbconfig-common: db-test-pgsql configure: aborted.
dbconfig-common: flushing administrative password
dpkg: error processing db-test-pgsql (--install):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
db-test-pgsql
Interestingly enough setting dbc_authmethod_* in the environment did not
succeed, because /etc/dbconfig-common/db-test-pgsql.conf says:
dbc_authmethod_admin="ident"
dbc_authmethod_user="ident"
Moreover my database setup above did not really to the expected result that
user dbtestpgsql for database dbtestpgsql has to use password authentication.
I have to sort this out on my local machine. Wenn I used the "all all" setting
I was asked for a password for user dbtestpgsql which I do not know because
it is not set and thus the situation is not really better, but at least there
was a sign of password authentication method. But as I said the "all all"
setting breaks other applications like otrs or zope and probably a lot more.
> you can also always hand-edit the config files under /etc, whose
> settings trump those of what's stored in debconf (in fact, they
> are loaded into debconf before debconf is run).
I do not realize a slightest change when I replace "ident" by "password"
for both values mentioned above.
> i believe that password does not work out of the box because postgres
> is not set up out of the box to do password based authentication. if
> you enable password authentication in pg_hba.conf do you get any
> further?
See above.
Kind regards
Andreas.
--
http://fam-tille.de
More information about the Dbconfig-common-devel
mailing list