[Engine-patches] Change in ovirt-engine[master]: packaging: engine-backup: Safer password input

Sun, 27 Oct 2013 13:46:39 -0700 

Alon Bar-Lev has posted comments on this change.

Change subject: packaging: engine-backup: Safer password input
......................................................................


Patch Set 8:

(2 comments)

....................................................
File packaging/bin/engine-backup.sh
Line 75:     database access credentials: PGHOST PGPORT PGUSER PGDATABASE .
Line 76:     For more details, see the documentation of postgresql. Options
Line 77:     passed on the command line take precedence over these environment
Line 78:     variables. They are used only if '--change-db-credentials' is
Line 79:     passed on the command line.
I do not want us to provide utilities that expose the fact that we use specific 
database.

And there is no actual need to specify anything but password via environment 
variable as we provide cmdline arguments.
Line 80: 
Line 81:     Similarly, the database password can also be passed using the
Line 82:     environment variable PGPASSWORD. For security reasons it's
Line 83:     recommended to use --db-password or --db-passfile=file. Using


Line 126:       [ -n "${PGHOST}" ] && MY_DB_HOST="${PGHOST}"
Line 127:       [ -n "${PGPORT}" ] && MY_DB_PORT="${PGPORT}"
Line 128:       [ -n "${PGUSER}" ] && MY_DB_USER="${PGUSER}"
Line 129:       [ -n "${PGDATABASE}" ] && MY_DB_DATABASE="${PGDATABASE}"
Line 130:       [ -n "${PGPASSWORD}" ] && MY_DB_PASSWORD="${PGPASSWORD}"
this can be removed.

if you like you can leave:

 MY_DB_PASSWORD="${OVIRT_ENGINE_DATABASE_PASSWORD}"

or similar.
Line 131: 
Line 132:       while [ -n "$1" ]; do
Line 133:               local x="$1"
Line 134:               local v="${x#*=}"


-- 
To view, visit http://gerrit.ovirt.org/20423
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Icbc497af2653417beab54a9be307332cdf69a48a
Gerrit-PatchSet: 8
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yedidyah Bar David <[email protected]>
Gerrit-Reviewer: Alex Lourie <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Ofer Schreiber <[email protected]>
Gerrit-Reviewer: Sandro Bonazzola <[email protected]>
Gerrit-Reviewer: Yedidyah Bar David <[email protected]>
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to