diff options
| author | Christian Grothoff <christian@grothoff.org> | 2023-09-15 09:51:09 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2023-09-15 10:04:06 +0200 |
| commit | 82f353ce4e3c19f01fcf078b76ae613550673c75 (patch) | |
| tree | 47ece38def2a17aa2ab9e3c121e48b0e20f75339 | |
| parent | e3da5b29072b8254039675ae250f69da753171ec (diff) | |
| download | exchange-82f353ce4e3c19f01fcf078b76ae613550673c75.tar.xz | |
have dbconfig also set permissions
| -rwxr-xr-x | contrib/taler-exchange-dbconfig | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/contrib/taler-exchange-dbconfig b/contrib/taler-exchange-dbconfig index dc92abbd1..8fb05d738 100755 --- a/contrib/taler-exchange-dbconfig +++ b/contrib/taler-exchange-dbconfig @@ -21,13 +21,14 @@ set -eu RESET_DB=0 SKIP_DBINIT=0 +FORCE_PERMS=0 DBUSER="taler-exchange-httpd" DBGROUP="taler-exchange-db" DBNAME="exchange" CFGFILE="/etc/taler/secrets/exchange-db.secret.conf" # Parse command-line options -while getopts ':g:hn:rsu:' OPTION; do +while getopts ':g:hn:prsu:' OPTION; do case "$OPTION" in h) echo 'Supported options:' @@ -36,6 +37,7 @@ while getopts ':g:hn:rsu:' OPTION; do echo " -h -- print this help text" echo " -n NAME -- user NAME for database name (default: $DBNAME)" echo " -r -- reset database (dangerous)" + echo " -p -- force permission setup even without database initialization" echo " -s -- skip database initialization" echo " -u USER -- taler-exchange to be run by USER (default: $DBUSER)" exit 0 @@ -43,6 +45,9 @@ while getopts ':g:hn:rsu:' OPTION; do n) DBNAME="$OPTARG" ;; + p) + FORCE_PERMS="1" + ;; r) RESET_DB="1" ;; @@ -132,6 +137,24 @@ then sudo -u "$DBUSER" taler-exchange-dbinit fi +if [ 0 = "$SKIP_DBINIT" ] || [ 1 = "$FORCE_PERMS" ] +then + DB_GRP="$(getent group "$DBGROUP" | sed -e "s/.*://g" -e "s/,/ /g")" + echo "Initializing permissions for '$DB_GRP'." 1>&2 + for GROUPIE in $DB_GRP + do + if [ "$GROUPIE" != "$DBUSER" ] + then + sudo -u "$DBUSER" \ + echo -e 'GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN SCHEMA exchange TO "'"$GROUPIE"'";\n' \ + 'GRANT USAGE ON ALL SEQUENCES IN SCHEMA exchange TO "'"$GROUPIE"'";\n' \ + | psql taler-exchange + fi + done +fi + + + echo "Database configuration finished." 1>&2 exit 0 |