[Users] Can I avoid password openser.cfg ?

List overview All Threads
Download

newer

older

[Users] "BUG: io_watch_del" logs

[Users] New Rules: no line...

Ronald Wiplinger

28 Sep 2006 28 Sep '06

1:06 a.m.

How can I avoid details in the openser.cfg?

modparam("usrloc|auth_db","db_url","mysql://openser:openserrw@localhost/openser")

bye

Ronald

Show replies by date

Bogdan-Andrei Iancu

28 Sep 28 Sep

8:30 a.m.

Roland,

you can not hide the passwd. What you can do is to set more restrictive access to your config file (use chmod)

regards, bogdan

Ronald Wiplinger wrote:

...

How can I avoid details in the openser.cfg?

modparam("usrloc|auth_db","db_url","mysql://openser:openserrw@localhost/openser")

bye

Ronald

Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users

Ronald Wiplinger

8:52 a.m.

Bogdan-Andrei Iancu wrote:

...

Roland,

you can not hide the passwd. What you can do is to set more restrictive access to your config file (use chmod)

Is it possible to use include a file? and keep the passwords there? If you have a problem, you would like to share the real code, but with passwords in it, it is difficulty.

bye

Ronald

...

regards, bogdan

Ronald Wiplinger wrote:

...
How can I avoid details in the openser.cfg?

modparam("usrloc|auth_db","db_url","mysql://openser:openserrw@localhost/openser")

bye

Ronald

Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users

avast! Antivirus: Inbound message clean. Virus Database (VPS): 0639-3, 2006/09/27 Tested on: 2006/9/28 ¤U¤È 04:36:54 avast! - copyright (c) 1988-2006 ALWIL Software. http://www.avast.com

-- Ronald Wiplinger (CEO of ELMIT) http://www.elmit.com http://voip.elmit.com http://e-paper.elmit.com Tel. (M) +886.939.775.516 (O) +886.2.2835.7765 (ENUM) or FWD 511208 - I'm a SpamCon Foundation Member, #694, Verify it at http://www.spamcon.org PS: Spam prevention! Our system is protected with a spam prevention program. If you send us an e-mail, our system will send you a confirmation message back. Just reply to this confirmation message please. After receiving this confirmation message, our system will send the hold message (one) and all future messages (after the received confirmation message) to me without asking you again.

Bogdan-Andrei Iancu

9:10 a.m.

Ronald Wiplinger wrote:

...

Bogdan-Andrei Iancu wrote:

...
Roland,

you can not hide the passwd. What you can do is to set more restrictive access to your config file (use chmod)

Is it possible to use include a file? and keep the passwords there? If you have a problem, you would like to share the real code, but with passwords in it, it is difficulty.

the cfg file does not support an "include" directive - you can use M4 for this purpose, but guess it will not help in your case, as the generated cfg file will contain the passwd. I think the only solution is to set restrictive "read" permission on the file.

regards, bogdan

Atle Samuelsen

9:19 a.m.

* Bogdan-Andrei Iancu bogdan@voice-system.ro [060928 11:11]:

...

Ronald Wiplinger wrote:

...
Bogdan-Andrei Iancu wrote:

...
Roland,

you can not hide the passwd. What you can do is to set more restrictive access to your config file (use chmod)

Is it possible to use include a file? and keep the passwords there? If you have a problem, you would like to share the real code, but with passwords in it, it is difficulty.

the cfg file does not support an "include" directive - you can use M4 for this purpose, but guess it will not help in your case, as the generated cfg file will contain the passwd. I think the only solution is to set restrictive "read" permission on the file.

What about dropping the password in the config file, and rather put them directly in the config.h file for *ser ? (or what ever that file is called ...) then he wouldBnt need to have the database config in the config file at all :)

-A

Bogdan-Andrei Iancu

10:13 a.m.

Atle Samuelsen wrote:

...

...
...
...
you can not hide the passwd. What you can do is to set more restrictive access to your config file (use chmod)

Is it possible to use include a file? and keep the passwords there? If you have a problem, you would like to share the real code, but with passwords in it, it is difficulty.

the cfg file does not support an "include" directive - you can use M4 for this purpose, but guess it will not help in your case, as the generated cfg file will contain the passwd. I think the only solution is to set restrictive "read" permission on the file.

What about dropping the password in the config file, and rather put them directly in the config.h file for *ser ? (or what ever that file is called ...) then he wouldBnt need to have the database config in the config file at all :)

yes, it's about the config.h file #define DEFAULT_DB_URL "mysql://openser:openserrw@localhost/openser"

and

#define DEFAULT_RODB_URL "mysql://openserro:openserro@localhost/openser"

it is a solution, but is not quite flexible as you need to recompile/reinstall each time you change the passwd :).

regards, bogdan

Atle Samuelsen

5:26 p.m.

Hi Again Bogdan-Andrei,

...

it is a solution, but is not quite flexible as you need to recompile/reinstall each time you change the passwd :).

Offcource. :) but, it should'nt really be tooo hard to make it as mysql, when starting *ser you can either use a default username/password (my.cnf in mysql, *ser.cfg in this case) OR use a command line parameter.

But, dont see the problem to just have it in the config file, and do rather strict rights on it.

-A

6842

Age (days ago)

6842

Last active (days ago)

sr-users@lists.kamailio.org

6 comments

3 participants

tags (0)

participants (3)

Atle Samuelsen
Bogdan-Andrei Iancu
Ronald Wiplinger