[Mageia-sysadm] [646] - do not include password on command line, but use a environnement
root at mageia.org
root at mageia.org
Fri Dec 17 02:45:21 CET 2010
Revision: 646
Author: misc
Date: 2010-12-17 02:45:21 +0100 (Fri, 17 Dec 2010)
Log Message:
-----------
- do not include password on command line, but use a environnement
variable, so we avoid password leak on the mailling list
Modified Paths:
--------------
puppet/modules/postgresql/manifests/init.pp
Modified: puppet/modules/postgresql/manifests/init.pp
===================================================================
--- puppet/modules/postgresql/manifests/init.pp 2010-12-17 00:50:58 UTC (rev 645)
+++ puppet/modules/postgresql/manifests/init.pp 2010-12-17 01:45:21 UTC (rev 646)
@@ -91,10 +91,11 @@
}
define user($password) {
- $sql = "CREATE ROLE $name ENCRYPTED PASSWORD '$password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
+ $sql = "CREATE ROLE $name ENCRYPTED PASSWORD '\$pass' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
exec { "psql -U postgres -c \"$sql\" ":
user => root,
+ environment => "pass=$password",
unless => "psql -A -t -U postgres -c '\du $name' | grep '$name'",
}
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20101217/ee21d61a/attachment.html>
More information about the Mageia-sysadm
mailing list