Exemple #1
    def enable_root(self, context, root_password=None):
        """Enable the built-in database superuser, or reset its password.

        The default PostgreSQL administration account is 'postgres'.
        It always exists and cannot be removed, but its attributes and
        access can be altered.

        Two different accounts share that name:

        * A *system* (operating-system) account used by local clients such
          as psql. It has no password and is *locked* by default, so only
          *local* users can use it. It should *never* be enabled or given
          a password: doing so would add an attack vector on the system
          account.

        * A built-in *database* account used by remote (TCP/IP) clients.
          Its password can be changed with the "ALTER USER" statement,
          which is what this method issues.

        Trove keeps the database account disabled and exposes it only once
        superuser access is requested; Trove uses its own administrative
        account for its own work.

        :param context: request context; not read by this method body.
        :param root_password: password passed to the root-user model.
            What the model does when this is None is not visible here.
        :returns: the serialized root user, of the form
            {"_name": "postgres", "_password": "******"}.
            The result carries the password, so callers should keep it
            out of logs.
        """
        root = models.PostgreSQLRootUser(password=root_password)

        # NOTE(review): the password ends up inside the statement built by
        # UserQuery.alter_user. Confirm that helper quotes/escapes it and
        # that pgutil.psql does not log the statement text.
        alter_stmt = pgutil.UserQuery.alter_user(
            root.name, root.password, None, *self.ADMIN_OPTIONS)

        # timeout is presumably in seconds -- confirm against pgutil.psql.
        pgutil.psql(alter_stmt, timeout=30)

        serialized = root.serialize()
        return serialized
Exemple #2
 def _find_root_user(self, context, instance_id):
     """Load the root user record for *instance_id*.

     The account name and host are taken from a freshly built
     PostgreSQLRootUser; the lookup itself goes through models.User.load
     with root_user=True.
     """
     root = guest_models.PostgreSQLRootUser()
     root_name, root_host = root.name, root.host

     # NOTE: models.User is currently the MySQL model. It *should* work
     # for now, but may cause future bugs (incompatible input validation,
     # unused fields, etc.).
     return models.User.load(
         context,
         instance_id,
         root_name,
         root_host,
         root_user=True,
     )
Exemple #3
 def _secure(self, context):
     """Create Trove's own admin account, then disable built-in 'postgres'.

     Steps, in order:
       1. create a database named after ADMIN_USER,
       2. create the Trove administrative user with access to it,
       3. point pgutil.PG_ADMIN at ADMIN_USER,
       4. strip SUPERUSER and LOGIN from the built-in root account.

     The order looks deliberate: step 3 presumably makes later pgutil
     calls run as the new admin before 'postgres' loses login -- confirm
     against pgutil before reordering.
     """
     admin_schema = models.PostgreSQLSchema(self.ADMIN_USER)
     self._create_database(context, admin_schema)
     self._create_admin_user(context, databases=[admin_schema])

     # Module-level assignment: this affects every user of pgutil in the
     # process, not just this instance.
     pgutil.PG_ADMIN = self.ADMIN_USER

     # Least privilege: the built-in superuser can neither log in nor act
     # as a superuser until root access is explicitly enabled.
     builtin_root = models.PostgreSQLRootUser()
     lockdown_attrs = ('NOSUPERUSER', 'NOLOGIN')
     self.alter_user(context, builtin_root, *lockdown_attrs)
Exemple #4
 def _find_root_user(self, context, instance_id):
     """Load the root user record for *instance_id*.

     Name and host come from a default PostgreSQLRootUser; the record is
     fetched through models.User.load with root_user=True.
     """
     root = guest_models.PostgreSQLRootUser()

     # TODO(pmalik): This should ultimately use Postgres model extensions.
     # The MySQL extensions work for now, but may lead to future bugs
     # because they rely on the 'host' field, which does not exist (or
     # has a different meaning) in Postgres.
     lookup_args = (context, instance_id, root.name, root.host)
     return models.User.load(*lookup_args, root_user=True)
Exemple #5
 def build_root_user(self, password=None):
     """Build a PostgreSQLRootUser model carrying *password*.

     :param password: forwarded unchanged to the model constructor; how
         the model treats None is not visible here.
     :returns: the new PostgreSQLRootUser instance.
     """
     root_user = models.PostgreSQLRootUser(password=password)
     return root_user