Appliance versions < 3.0 have the issue already mentioned in #60: If the pi-appliance tool reads and writes /etc/privacyidea/pi.cfg, some of the resulting values are malformed, e.g.:
PI_ENGINE_REGISTRY_CLASS = '"shared": '"shared'" is an invalid value, so we fall back to "null", which disables connection pooling for SQL audit and resolver connections.
Currently, the user has to edit the config file manually to restore the correct config values.
In the version of the pi-appliance tool, we could add a sanity check that detects the malformed pi.cfg above, and offers to fix the values automatically.
Appliance versions < 3.0 have the issue already mentioned in #60: If the
pi-appliancetool reads and writes/etc/privacyidea/pi.cfg, some of the resulting values are malformed, e.g.:Note that privacyIDEA still works because the malformed values are handled as follows:
PI_AUDIT_SQL_TRUNCATE = 'True'is treated likePI_AUDIT_SQL_TRUNCATE = Truebecause we check for the config option using.get("PI_AUDIT_SQL_TRUNCATE"): https://github.com/privacyidea/privacyidea/blob/5cd6730e3925931740e0ea72c051140f17c57aff/privacyidea/lib/auditmodules/sqlaudit.py#L225PI_ENGINE_REGISTRY_CLASS = '"shared":'"shared'"is an invalid value, so we fall back to"null", which disables connection pooling for SQL audit and resolver connections.PI_AUDIT_POOL_SIZE = '20'causes privacyIDEA to throw an exception here: https://github.com/privacyidea/privacyidea/blob/5cd6730e3925931740e0ea72c051140f17c57aff/privacyidea/lib/auditmodules/sqlaudit.py#L125 but this exception is caught. As a result, pooling of SQL audit connections is disabled.Currently, the user has to edit the config file manually to restore the correct config values.
In the version of the
pi-appliancetool, we could add a sanity check that detects the malformed pi.cfg above, and offers to fix the values automatically.