[oi-dev] Barman packaging

Adam Števko adam.stevko at gmail.com
Wed Nov 6 22:50:32 UTC 2013


Hi,

My idea is to convert postgres role to user (uid 90 afaik) and create a profile PostgreSQL Management, which can be used for barman needs once it is assigned to some user.

I am not sure if IPS can assign profiles to users, but doing that would be much easier for the user than to find all the pitfalls himself.

RBAC integration into userland is something we should generally agree on and try to write some best practices into wiki.

Are there any thoughts why the solution I propose is wrong? DB simply gets the user and pgsql mgmt profile will exists and it's up to user to assign it to an user account, which he wants.

Cheers,
Adam


> On Nov 6, 2013, at 3:26 PM, Alexander Pyhalov <alp at rsu.ru> wrote:
> 
> Hello.
> Have a question on packaging Barman PostgreSQL backup manager.
> 
> Usually when providing software we expect that it works at least in some way with minimal manual configuration. However, it seems barman suggests accessing PostgreSQL data directories using rsync+ssh.
> By default this attempt will fail (even if ssh is configured in a necessary way), because postgres is a role, not a user (and to find out what's wrong may be problematic, for example, for me it took about an hour to configure minimal barman installation and find out what's wrong)
> So I have a question - what's better?
> Deliver just software (and perhaps a note in a wiki) and allow user to find all pitfalls himself or at least change postgres to be a user (not a role) with perhaps some incompatibility disadvantage and not so secure configuration by default...
> -- 
> Best regards,
> Alexander Pyhalov,
> system administrator of Computer Center of Southern Federal University
> 
> _______________________________________________
> oi-dev mailing list
> oi-dev at openindiana.org
> http://openindiana.org/mailman/listinfo/oi-dev




More information about the oi-dev mailing list