From 35e6673e04a22d88ecd7641e12be46d553edc504 Mon Sep 17 00:00:00 2001 From: mj Date: Mon, 24 Sep 2001 20:32:25 +0000 Subject: [PATCH] Added some comments about PostgreSQL password usage with Mir. --- doc/INSTALL.mir | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/doc/INSTALL.mir b/doc/INSTALL.mir index fdc33f96..58d747d6 100755 --- a/doc/INSTALL.mir +++ b/doc/INSTALL.mir @@ -77,6 +77,36 @@ Do not put any JkMount lines into your httpd.conf! If mod_jk.conf-auto doesn't get written or is 0 bytes in size, check your system for file ownership/permissions problems. + +12. Add a password to your PostgreSQL user and link it to Mir (optional) + +Add a hard to guess password to the PostgreSQL user database: + +# psql -U postgres Mir +alter user postgres with password 'yourpassword'; + + +Then, in /etc/postgresql/pg_hba.conf you should make sure that nobody can +use the database without a password: + +local all password +host all 127.0.0.1 255.0.0.0 password +host all 0.0.0.0 0.0.0.0 reject + + +Then, change the database password line in config.properties: + +Database.Username=postgres +Database.Password=yourpassword + +You should make sure that no copy of config.properties (neither in mir nor +in Mir/src nor in Mir/WEB-INF/classes) is world-readable. Else you wouldn't +have to install a password, anyway. + +If you can't access PostgreSQL after this for any reason, try to change +"password" in /etc/postgresql/pg_hba.conf into "trust". This should disable +any authentication method and make the database accessible again. + that's it :) now the admin-application is accesable via: -- 2.11.0