Jason,

The --set-password thing is to ensure there are no plaintext passwords in the first place, which eliminates the oddness of couch rewriting a plaintext pwd to a digested pwd (and putting the output in a different file).

This is only for admin passwords. User passwords are held in _users as normal (though many are concerned that digested passwords are visible, and rightly so). And, as ever, holding your ego together is our primary concern but I think it can survive an improvement to how admin passwords are managed in couchdb. :)

B.

On 17 August 2011 15:58, Jason Smith <j...@iriscouch.com> wrote:
> On Wed, Aug 17, 2011 at 9:22 PM, Robert Newson <rnew...@apache.org> wrote:
>> <distilled from IRC chat>
>>
>> A separate password file as described above, but can only be updated thus;
>>
>> # couchdb --set-password admin
>> Password: foo
>> Password updated.
>
> What problem is this solving exactly? This thread started because you
> edit foo.ini and subsequent changes go to bar.ini.
>
> That foo.ini happens to hold plaintext passwords instead of, say, TCP
> nodelay only underscores the problem. But plaintext vs. hashed
> passwords is a totally different matter.
>
> But regarding passwords, would you humor me and please re-state the
> requirements?
>
> I think it is a solution looking for a problem. Are we talking about
> moving *all* passwords to this file (ignoring _user doc .salt and
> .password_sha)? Or are we keeping those in sync now? Or is this just
> admin passwords? But only admins can see (hashed) passwords over HTTP.
> On Unix filesystems, if you have permission to read
> /etc/couchdb/local.ini then you very likely have permission to read
> /var/lib/couchdb/everything.couch, so what is the point?
>
> Regarding --set-password and couchctl, unless I am missing some
> serious requirement (possible), it sounds like CouchDB is poised to
> get much more complex soon. I spend all my free time bragging about
> how simple it is so that would be quite a blow to my ego.
>
> Thanks.
>
> --
> Iris Couch