From: Kern S. <ke...@si...> - 2004-06-01 13:37:56
|
Yes, I agree this is a good solution. On Tue, 2004-06-01 at 15:00, Dan Langille wrote: > On 1 Jun 2004 at 13:05, Piotr Jaworski wrote: > > > Kern Sibbald wrote: > > > > > I admit there is a small problem with passwords even though they are one > > > way encrypted, but this does not seem serious to me. I wasn't aware > > > that email addresses were in the database. > > > > How about this? > > > > 1. Backup whole database except "mantis_user_table" table > > (mysqldump mantis |grep -v mantis_user_table > backup.sql) > > to public CVS. > > > > 2. Backup only "mantis_user_table" by Dan (with Bacula of'course :). > > > > That's way we can grab all Mantis's history from a point of time and > > don't be afraid to passwords and emails problem. If needed, Kern or Dan > > can always restore the newest version of "mantis_user_table" to rest > > from CVS. > > I'm glad to see others noticed the password/email issue. I also > thought about it earlier today. > > I investigated stripping personal data from the database. It was > suggested by some of the Bacula folks that this might be useful: > > - import the original backup into another database > - overwrite the personal data > - export > - distribute the sanitized export > > I am not keen to do this work, but if someone else wanted it, feel > free. Don't delete records, as that will break things. But some > fields will need masking. This was my starting point: > > update mantis_user_table set email = null, password = '*', > cookie_string = null; > > For now, the database will be backed up daily. Copies will be kept > at on the server in question, here at my home, and with Kern. We can > expand the locations as required. |