samuel/netoik-db
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: restrict access to postgres socket
Some checks failed
Continuous Delivery / build_n_upload (push) Has been cancelled
Details

Browse Source
This commit is contained in:
samuel
2026-02-24 13:37:10 +01:00
parent fe30792dbf
commit 6e7800721f
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
netoik-db.spec
View File

@@ -34,7 +34,8 @@ systemctl restart postgresql.service
# Create databases and users from DB_USERS variable (separator is ",") if not existing
IFS="," read -ra users <<< "$DB_USERS";
for user in "${users[@]}"; do
if ! runuser --user=postgres -- psql --quiet --tuples-only --command='\du' | grep --invert-match postgres | grep --quiet "$user"; then
usermod --append --groups postgres "$user";
if ! runuser --user=postgres -- psql --quiet --tuples-only --command='\du' | grep --quiet "$user"; then
runuser --user=postgres -- createuser "$user"
runuser --user=postgres -- createdb --owner="$user" "$user"
fi
@@ -50,4 +51,3 @@ done
%changelog
%autochangelog