[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
06/06: services: zabbix-server: Do not write database password to the st
From: |
guix-commits |
Subject: |
06/06: services: zabbix-server: Do not write database password to the store. |
Date: |
Wed, 26 Jan 2022 03:34:26 -0500 (EST) |
mbakke pushed a commit to branch master
in repository guix.
commit 078f5bfae7ee174177791defcfd350117a503a6d
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Wed Jan 26 09:28:46 2022 +0100
services: zabbix-server: Do not write database password to the store.
* gnu/services/monitoring.scm (zabbix-front-end-config): Read the secret
file
from zabbix.conf.php at runtime instead of embedding the contents.
---
gnu/services/monitoring.scm | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/gnu/services/monitoring.scm b/gnu/services/monitoring.scm
index 5337161462..1b49dbd3cb 100644
--- a/gnu/services/monitoring.scm
+++ b/gnu/services/monitoring.scm
@@ -577,7 +577,7 @@ $DB['SERVER'] = '" db-host "';
$DB['PORT'] = '" (number->string db-port) "';
$DB['DATABASE'] = '" db-name "';
$DB['USER'] = '" db-user "';
-$DB['PASSWORD'] = '" (let ((file (location-file %location))
+$DB['PASSWORD'] = " (let ((file (location-file %location))
(line (location-line %location))
(column (location-column %location)))
(if (string-null? db-password)
@@ -592,15 +592,14 @@ $DB['PASSWORD'] = '" (let ((file (location-file
%location))
(condition
(&error-location
(location %location)))))
- (string-trim-both
- (with-input-from-file db-secret-file
- read-string)))
+ (string-append "trim(file_get_contents('"
+ db-secret-file "'));\n"))
(begin
(display-hint (format #f (G_ "~a:~a:~a: ~a:
Consider using @code{db-secret-file} instead of @code{db-password} for better
security.") file line column 'zabbix-front-end-configuration))
- db-password))) "';
-
+ db-password)))
+"
// Schema name. Used for IBM DB2 and PostgreSQL.
$DB['SCHEMA'] = '';
- branch master updated (3563558172 -> 078f5bfae7), guix-commits, 2022/01/26
- 04/06: gnu: zabbix-server: Don't install agent., guix-commits, 2022/01/26
- 03/06: gnu: zabbix-server: Adjust style., guix-commits, 2022/01/26
- 02/06: services: zabbix-agent: Respect user and group configuration., guix-commits, 2022/01/26
- 06/06: services: zabbix-server: Do not write database password to the store.,
guix-commits <=
- 05/06: gnu: zabbix-server: Remove duplicate input., guix-commits, 2022/01/26
- 01/06: etc: Remove redundant SELinux permissions block., guix-commits, 2022/01/26