l-arnold
commented
9 years ago Jeremy, Have you run a Test Install? I can run one. Will do so from your Branch.
thanks, Landis
Closed JedMeister closed 9 years ago
l-arnold
commented
9 years ago Jeremy, Have you run a Test Install? I can run one. Will do so from your Branch.
thanks, Landis
l-arnold
commented
9 years ago Caution on "User Names"
We have a USER - openerp (configured in firstboot inithooks) We have a Postgresql USER - openuser (named differently to avoid confusion)
I will look at the code.
JedMeister
commented
9 years ago Have you run a Test Install?
yes I have and works fine for me; although I didn't test very deep. (just checked everything was running ok and the main page loads)
Caution on "User Names"
We have a USER - openerp (configured in firstboot inithooks) We have a Postgresql USER - openuser (named differently to avoid confusion)
Do we need to avoid confusion? I though that it would make sense to have them the same so you don't need to remember which is which?
Consistent naming for users and db users is common practice in MySQL appliances but I'm not very experienced with PostgreSQL so perhaps that makes things different?
Unless there is a good reason not to, I think it would be good to keep the naming consistent.
l-arnold
commented
9 years ago I looked at the code and it was pretty straight forward. Not sure we need to "avoid confusion" per say. Lots of people actually link users and database users come to think of it.
I've been trying to build and keep getting package disconnects. On round 5 now of attempts. Might be getting through now.
Back soon. If it is running it is running generally. Can you run "Git Branch" effectively from all the Odoo Directories?
I was working on a review of "add ons" this AM. Didn't really see any major changes needed but will do a "eyes on" after we close the Pull.
l-arnold
commented
9 years ago Actually the "failures" were space on my TKLDEV machine. Just cleaned out the various ISOs.
l-arnold
commented
9 years ago Well, Generally running. What I am missing is "where" the Odoo Database Manager is changing the Admin Password to. The Original ADMIN Password is being set to /etc/odoo/openerp-server.conf. I am not seeing any change after the Odoo DB Manager change is all in that folder. Normally it should. That said, it is changing the Admin Password somewhere in the system.
I can Merge the Pull but I would like that we explore this just a bit.
Sound Good?
l-arnold
commented
9 years ago I just restarted the System. Starts up OK. However, going to Database Manager again, I can only "create" a Database by using the Original Admin PW that we set in /etc/odoo/openerp-server.conf
IE, the Odoo "reset password" is only a temporary change (for that session it seems)
FirstBoot Inithooks would likely reset it permanently.
We should see that the OpenERP Service is looking for that Config properly. Not sure if we shouldn't have a "pointer" to openerp-server.conf also be in /opt/openerp/odoo/
I am going to "test" a Pointer Solution on this install now. (UPDATED INSERT LINE)
l-arnold
commented
9 years ago @DocCyblade Want to be sure you are up on this.
Jeremy and Ken, should I "merge" into dev-wip1 now and then we fix, or should we try to fix first?
DocCyblade
commented
9 years ago This could be a permissions issue, odoo service user may not have write access to the config file to write to it? Just a thought. Root should own it but openerp should have write access via group permissions
l-arnold
commented
9 years ago OK. So The Pointer and the Config File both need to have ownership set to openerp:openerp
Doing The ODOO Password Update then Reformats the file but does change the password.
I am going to recomend that We store a "Backup" of the openerp-server.conf file along side so the formatting can be "kept" (along with various notations) and re set when needed.
It looks like we need a Ponter, plus 2 x chown Statements and we will be good to go.
I don't know how to make a Pointer in GIT. Something I should learn.
I'll be back in about 1 Hour.
DocCyblade
commented
9 years ago When you say pointer you mean symlink? That is a Linux file system thing not git.
Wondering why put a symlink at all and just point the init script for the service as the
Also as for secerity, should the permissions be root:openerp with read write for both owner and group with read only for everyone for the program files, the config file should be the same as well?
I know in web apps I have created and set up, root was always the owner, we used the group bits to control permission. Most of the time the service user just needs read and execute for the scripts, but there are files that need to be written to like logs and cache files those directories have write for the group as well.
Config files were always read only unless the app could or needed to edit the file like odoo
Like to know Jermerys thought s on this.
l-arnold
commented
9 years ago (editing phone input) All I know is chown openerp:openerp plus the symlink with same ownership on .conf. file and symlink file seems to work.
Ownership questions and security are good ones. Not sure the answer. Jeremy I hope will comment.
We could look at openerp.init. good idea but i think it is pointing correctly now.
Do you want to merge and tweak? I believe @JedMeister is sleeping about now.
If I don't see any commits, I will go ahead and merge right now. Lots of good in it in terms of becoming even more "consistent" with TKL call terminology.
JedMeister
commented
9 years ago This could be a permissions issue, odoo service user may not have write access to the config file to write to it? Just a thought. Root should own it but openerp should have write access via group permissions
Great point Ken! Write perms to config files is pretty common IME. I reckon even just chown openerp $CONF would do it (i.e. owned by openerp but root group...)
All I knkw is chown openerp:openerp plus the symlinkbwith same ownership seems tobwotk.
Greeat! :smile:
As for symlinks, I'm pretty sure they inherit the permissions of the file that they link to... Could be wrong though.
Also what is the symlink needed for? I should have moved the files so that a symlink isn't needed anymore... What needs the symlink?
This should also resolve #27