[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Health-dev] Secure PostgreSQL connection?

From: Gerald Wiese
Subject: Re: [Health-dev] Secure PostgreSQL connection?
Date: Mon, 28 Feb 2022 17:22:04 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0

Hey again,

another thought on this:

Why is the username not consistent? Couldn't we agree on either having a psql user tryton or gnuhealth?

Not sure if I'm missing something: As far as I understand there is an operating system user and a postgresql user. But there is no actual need to have the same name for both of them.

Here it says

1) "gives permissions to your newly created gnuhealth administrator"

And here

2) "The owner of the database should be the same user, as under which the tryton server runs (default:tryton)"

From my understanding for 1) what is happening is creating a database user having the same name as the os user and 2) is not true. (When the database could even be on another system it would obviously be another user)



On 25.02.22 14:09, Luis Falcon wrote:
Dear Gerald

On 2/24/22 12:27, Gerald Wiese wrote:

getting back to this PostgreSQL config:

I tried to replace "local all all trust" by "local health tryton trust" on openSUSE and "local health gnuhealth trust" on Ubuntu/Debian and it works. As it's more precise / secure I suggest to change it in the documentation (regarding wikibooks installation chapter and openSUSE specific installation instructions).

Great! It's very good to have alternative options, as long as they are documented, and they don't cause confusion with the user (ie, make sure that the user does not include both authentication methods :) ).

Also, as you mention, OS specific users should be noted. The generic installation uses "gnuhealth" user, and not "tryton".

Besides I tested to have PostgreSQL on another system which is not part of the documentation yet. I could work on this as well. Until here I got it running but not yet fulfilling best practices I think.

Before editing wikibooks I would like to know if there is already work in progress for a HMIS documentation in RST like for MyGNUHealth / Thalamus?

Excellent! Yes. We need to have the documentation of the HMIS, version dependent, in the GNU Health federation portal, as in the case of Thalamus or MyGH.

In general having an up to date documentation with 4.0 would be nice as there are some very old parts like mentionning HMIS version 3.0 or even Python2.

Absolutely! Thank you Gerald!!

Have a great weekend,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]