Davor Ocelic wrote: > Ok as said, > I've moved db/logs volume creation to create-user/destroy-user. > > Logs volume is , like databases, mount to /afs/hcoop/common/logs/ . > > I am too tired now and don't remember whether I made $USER > to be created in there as U/US/USER or just USER. If I did it > to be just USER, I will adjust it tomorrow to U/US/USER (I suppose > this is the scheme we want to use everywhere). >
Great. I noticed that you changed the dbtool scripts to assume that the MySQL/Postgres users were also created at adduser time. Is that really the right thing to do? We can get some easy extra security by still only running the SQL commands to add users for people who really want to use those databases. For instance, few people use both database systems, so we'd might as well make each user immune to any vulnerabilities that rely on opening a connection to his unused system. _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
