Remove database management from tryton

added type::feature + 1 deleted label

2016-03-10 19:47 GMT+01:00 Luis Falcon @tryton.org>:

>
> New submission from Luis Falcon <falcon@gnu.org>:
>
> Hi !
>
> I would like to implement the following additional features :
>
> * A native mechanism in Tryton that imposes a timeout upon a failed login
> attempt to the Tryton administrator user (responsible to create / backup /
> drop / restore ) database through the client.
>
>
check: https://bitbucket.org/nantic/trytond-password_expiry

> * Include serverpass[1] in the standard Tryton distribution
>
> * Make Trytond PAM-aware[2]
>
> 1.-
> https://en.wikibooks.org/wiki/GNU_Health/Security#Serverpass:_The_Server_Password_Utility
>
> 2.- https://www.netbsd.org/docs/guide/en/chap-pam.html
>
> ----------
> messages: 24736
> nosy: meanmicio
> priority: feature
> status: unread
> title: Additional security features for Tryton server
> type: feature request
>
> _______________________________________________
> Tryton issue tracker @tryton.org>
> <https://bugs.tryton.org/#5384>
> _______________________________________________
>

--
Àngel Àlvarez Serra
Tel. 93 553 18 03
@aasnan
www.NaN-tic.com <http://www.nan-tic.com/>

Avís legal >>

_______________________________________________
Nan mailing list
Nan@lists.nan-tic.com
http://lists.nan-tic.com/listinfo/nan

added 1 deleted label and removed 1 deleted label

Hi, Angel !
On Thu, 10 Mar 2016 19:50:07 +0100
Angel Alvarez @tryton.org> wrote:

> Angel Alvarez <angel@nan-tic.com> added the comment:
>
> 2016-03-10 19:47 GMT+01:00 Luis Falcon @tryton.org>:
>
> >
> > New submission from Luis Falcon <falcon@gnu.org>:
> >
> > Hi !
> >
> > I would like to implement the following additional features :
> >
> > * A native mechanism in Tryton that imposes a timeout upon a failed
> > login attempt to the Tryton administrator user (responsible to
> > create / backup / drop / restore ) database through the client.
> >
> >
> check: https://bitbucket.org/nantic/trytond-password_expiry
>

It looks great, thanks !

We can integrate it with cracklib, as I did with serverpass[1]

Just a couple of comments :

* By timeout I refer to not the "expiry", but the timeout in seconds if
someone enters the wrong password.

* It probably it would be good to separate the roles from the admin
user (ie, admin in res.user) and the trytond "super" user.

> > * Include serverpass[1] in the standard Tryton distribution
> >
> > * Make Trytond PAM-aware[2]
> >
> > 1.-
> > https://en.wikibooks.org/wiki/GNU_Health/Security#Serverpass:_The_Server_Password_Utility
> >
> > 2.- https://www.netbsd.org/docs/guide/en/chap-pam.html
> >
> > ----------
> > messages: 24736
> > nosy: meanmicio
> > priority: feature
> > status: unread
> > title: Additional security features for Tryton server
> > type: feature request
> >
> > _______________________________________________
> > Tryton issue tracker @tryton.org>
> > <https://bugs.tryton.org/#5384>
> > _______________________________________________
> >
>

Bests

I think it is better to move database manage to only neso and to remove the RPC database management API from the server.
It was a mistake to keep the poor database manager from TinyERP.

Hi, Cedric

On Thu, 10 Mar 2016 21:06:55 +0100
Cédric Krier @tryton.org> wrote:

> Cédric Krier <cedric.krier@b2ck.com> added the comment:
>
> I think it is better to move database manage to only neso and to
> remove the RPC database management API from the server. It was a
> mistake to keep the poor database manager from TinyERP.

Agree.
It will be great to remove the DB management options from the client.
We will end up with a much more secure environment.

We don't need to care about neso with #5642 (closed).

I'm wondering if we should also remove the multidatabase support from trytond, and use one server per database and the pool should only have the classes of the current database.

New review30261003 at https://codereview.tryton.org/30261003/#ps1

Here is review30261003 for tryton and review29311002 for trytond

assigned to @pokoli

added 1 deleted label and removed 1 deleted label

New review29311002 at https://codereview.tryton.org/29311002/#ps1

review30261003 updated at https://codereview.tryton.org/30261003/#ps20001

review30261003 updated at https://codereview.tryton.org/30261003/#ps40001

review29311002 updated at https://codereview.tryton.org/29311002/#ps40001

review29311002 updated at https://codereview.tryton.org/29311002/#ps60001

review30261003 updated at https://codereview.tryton.org/30261003/#ps60001

review30261003 updated at https://codereview.tryton.org/30261003/#ps80001

Hi Pokoli,

I fully support removal of database management on client side.
I make an intensive use of multi-db feature and need an alternative if trytond no longer supports it.

> Hi Pokoli,
>
> I fully support removal of database management on client side.
You just have to manage from server-side :)

> I make an intensive use of multi-db feature and need an alternative if trytond no longer supports it.

For me, it's as easy as using on trytond process per database, so each database is isolated from other databases.

Please move the multi-database discussion to another separated issue.

review30261003 updated at https://codereview.tryton.org/30261003/#ps100001

review30261003 updated at https://codereview.tryton.org/30261003/#ps120001

review30261003 updated at https://codereview.tryton.org/30261003/#ps140001

review29311002 updated at https://codereview.tryton.org/29311002/#ps80001

review30261003 updated at https://codereview.tryton.org/30261003/#ps180001

review30261003 updated at https://codereview.tryton.org/30261003/#ps200001

review30261003 updated at https://codereview.tryton.org/30261003/#ps210001

review30261003 updated at https://codereview.tryton.org/30261003/#ps230001

review30261003 updated at https://codereview.tryton.org/30261003/#ps250001

review29311002 updated at https://codereview.tryton.org/29311002/#ps100001

review29311002 updated at https://codereview.tryton.org/29311002/#ps120001

review29311002 updated at https://codereview.tryton.org/29311002/#ps140001

review29311002 updated at https://codereview.tryton.org/29311002/#ps160001

review29311002 updated at https://codereview.tryton.org/29311002/#ps200001

review29311002 updated at https://codereview.tryton.org/29311002/#ps200002

review29311002 updated at https://codereview.tryton.org/29311002/#ps220001

review29311002 updated at https://codereview.tryton.org/29311002/#ps240001

New changeset 8f2297978263 by Sergi Almacellas Abellana in branch 'default':
Remove database management from RPC
http://hg.tryton.org/trytond/rev/8f2297978263

added 1 deleted label and removed 1 deleted label

closed

New changeset 9da26612368c by Sergi Almacellas Abellana in branch 'default':
Remove database management
http://hg.tryton.org/tryton/rev/9da26612368c

I reopen it because test is failing on postgresql:

https://drone.tryton.org/trypod.tryton.org/tryton/trytond/default/8f2297978263a17dad33f4ded33edc871c0cc5c6

added 1 deleted label and removed 1 deleted label

reopened

Here is review27481002 to fix it

added 1 deleted label and removed 1 deleted label

On 2016-07-07 17:22, Sergi Almacellas Abellana wrote:
>
> Sergi Almacellas Abellana <sergi@koolpi.com> added the comment:
>
> I reopen it because test is failing on postgresql:
>
> https://drone.tryton.org/trypod.tryton.org/tryton/trytond/default/8f2297978263a17dad33f4ded33edc871c0cc5c6

I think it is the sleep of 1 second that was removed.

New review27481002 at https://codereview.tryton.org/27481002/#ps1

Remove database management from tryton

Files

Child items ...

Activity

Admin message

Remove database management from tryton

Files

Activity