Re: [Postfixadmin-devel] config.local.php not being read.
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
Re: [Postfixadmin-devel] config.local.php not being read.
|
From: Christian B. <pos...@cb...> - 2009-04-13 16:24:10
|
Hello,
Am Montag, 13. April 2009 schrieb me...@td...:
> On Sun, 12 Apr 2009, Christian Boltz wrote:
> > You have to add a setup password: (that's quite new! - r616)
> > $CONF['setup_password'] = "topsecret";
>
> That was it. I missed the setup_password parameter but set it in
> config.inc.local when I needed to add the superuser. It never
> occurred to me that not having that parameter set would keep
> config.local.php from working.
Not having the setup_password set will keep postfixadmin from working at
all.
@GingerDog:
- What about checking setup_password only in setup.php?
- What about storing the password md5-hashed? That makes it harder for
the admin to set it up, but is more secure if someone manages to read
config.inc.php...
> I was thinking that the values set in config.inc.local will over
> write values set in config.inc.php
Typo? The first filename should be ...local.php ;-)
> but if a value parameter does not
> exist in config.local.php then the value in config.inc.php will be in
> effect.
Correct.
> This would appear to be wrong since the default
> config.inc.php was set to $CONF['setup_password'] = 'changeme';
We have a special check if the setup_password is "changeme" ;-)
if($CONF['setup_password'] == 'changeme') {
die("You must specify a password in config.inc.php
(\$CONF['setup_password']) in order to access setup.php");
}
(see also .sig below *g*)
> So my question is does config.inc.php get read at all if
> config.local.php exists? It would appear not but I just want to be
> sure.
First config.inc.php is read, then config.local.php.
This means that settings in config.local.php will overwrite settings
from config.inc.php.
Regards,
Christian Boltz
--
looks like you have some special code in yast for password "x", maybe I
should use the even more secure new password "y" in the future ?! ;-)
[Harald Koenig in https://bugzilla.novell.com/show_bug.cgi?id=148464]
|
