aboutsummaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2023-09-15 09:51:09 +0200
committerChristian Grothoff <christian@grothoff.org>2023-09-15 10:04:06 +0200
commit82f353ce4e3c19f01fcf078b76ae613550673c75 (patch)
tree47ece38def2a17aa2ab9e3c121e48b0e20f75339 /contrib
parente3da5b29072b8254039675ae250f69da753171ec (diff)
have dbconfig also set permissions
Diffstat (limited to 'contrib')
-rwxr-xr-xcontrib/taler-exchange-dbconfig25
1 files changed, 24 insertions, 1 deletions
diff --git a/contrib/taler-exchange-dbconfig b/contrib/taler-exchange-dbconfig
index dc92abbd1..8fb05d738 100755
--- a/contrib/taler-exchange-dbconfig
+++ b/contrib/taler-exchange-dbconfig
@@ -21,13 +21,14 @@ set -eu
RESET_DB=0
SKIP_DBINIT=0
+FORCE_PERMS=0
DBUSER="taler-exchange-httpd"
DBGROUP="taler-exchange-db"
DBNAME="exchange"
CFGFILE="/etc/taler/secrets/exchange-db.secret.conf"
# Parse command-line options
-while getopts ':g:hn:rsu:' OPTION; do
+while getopts ':g:hn:prsu:' OPTION; do
case "$OPTION" in
h)
echo 'Supported options:'
@@ -36,6 +37,7 @@ while getopts ':g:hn:rsu:' OPTION; do
echo " -h -- print this help text"
echo " -n NAME -- user NAME for database name (default: $DBNAME)"
echo " -r -- reset database (dangerous)"
+ echo " -p -- force permission setup even without database initialization"
echo " -s -- skip database initialization"
echo " -u USER -- taler-exchange to be run by USER (default: $DBUSER)"
exit 0
@@ -43,6 +45,9 @@ while getopts ':g:hn:rsu:' OPTION; do
n)
DBNAME="$OPTARG"
;;
+ p)
+ FORCE_PERMS="1"
+ ;;
r)
RESET_DB="1"
;;
@@ -132,6 +137,24 @@ then
sudo -u "$DBUSER" taler-exchange-dbinit
fi
+if [ 0 = "$SKIP_DBINIT" ] || [ 1 = "$FORCE_PERMS" ]
+then
+ DB_GRP="$(getent group "$DBGROUP" | sed -e "s/.*://g" -e "s/,/ /g")"
+ echo "Initializing permissions for '$DB_GRP'." 1>&2
+ for GROUPIE in $DB_GRP
+ do
+ if [ "$GROUPIE" != "$DBUSER" ]
+ then
+ sudo -u "$DBUSER" \
+ echo -e 'GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN SCHEMA exchange TO "'"$GROUPIE"'";\n' \
+ 'GRANT USAGE ON ALL SEQUENCES IN SCHEMA exchange TO "'"$GROUPIE"'";\n' \
+ | psql taler-exchange
+ fi
+ done
+fi
+
+
+
echo "Database configuration finished." 1>&2
exit 0