Bug 703948 - db schema upgrade failure exposes DB password
Summary: db schema upgrade failure exposes DB password
Status: NEW
Alias: None
Product: RHQ Project
Classification: Other
Component: Installer
Version: 4.0.1
Hardware: Unspecified
OS: Unspecified
medium
unspecified vote
Target Milestone: ---
: ---
Assignee: RHQ Project Maintainer
QA Contact: Mike Foley
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: jon3
TreeView+ depends on / blocked
 
Reported: 2011-05-11 18:56 UTC by dgao
Modified: 2011-07-19 21:25 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed:


Attachments (Terms of Use)

Description dgao 2011-05-11 18:56:44 UTC
[root@localhost bin]# head rhq-server.properties
### RHQ Server Configuration Properties

# Database
rhq.server.database.connection-url=jdbc:postgresql://127.0.0.1:5432/rhq
rhq.server.database.driver-class=org.postgresql.Driver
rhq.server.database.xa-datasource-class=org.postgresql.xa.PGXADataSource
rhq.server.database.user-name=rhqadmin
rhq.server.database.password=1eeb2f255e832171df8592078de921bc
rhq.server.database.type-mapping=PostgreSQL
rhq.server.database.server-name=127.0.0.1

[root@localhost bin]# ./rhq-server.sh start

==========================================================
[root@localhost bin]# tail ../logs/*

2011-05-11 14:11:34,708 INFO  [org.rhq.enterprise.installer.ServerInformation] Database is supported: postgresql8.4(postgresql:8.4)
2011-05-11 14:11:36,333 FATAL [org.rhq.enterprise.installer.ServerInformation] Cannot upgrade the database schema - RHQ Server will not run properly
java.lang.RuntimeException: Cannot run ANT on script [/opt/rhq-server-4.0.1-SNAPSHOT/logs/db-upgrade.xml]. Cause: /opt/rhq-server-4.0.1-SNAPSHOT/logs/db-upgrade.xml:27: Failed to upgrade - error in spec version [2.107]. Cause: Error executing the task [org.rhq.core.db.ant.dbupgrade.SST_CreateSequence] in schema spec version [2.107]. Cause: The schema spec task [CreateSequence] has encountered an error. Cause: org.postgresql.util.PSQLException: ERROR: relation "rhq_operation_schedule_id_seq" already exists
	at org.rhq.enterprise.installer.ServerInformation.startAnt(ServerInformation.java:785)
	at org.rhq.enterprise.installer.ServerInformation.upgradeExistingDatabaseSchema(ServerInformation.java:276)
	at org.rhq.enterprise.installer.ConfigurationBean.save(ConfigurationBean.java:735)
	at org.rhq.enterprise.installer.AutoInstallServlet.init(AutoInstallServlet.java:49)
	at javax.servlet.GenericServlet.init(GenericServlet.java:212)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

..............
 
==========================================================

[root@localhost bin]# head rhq-server.properties 
### RHQ Server Configuration Properties

# Database
rhq.server.database.connection-url=jdbc:postgresql://127.0.0.1:5432/rhq
rhq.server.database.driver-class=org.postgresql.Driver
rhq.server.database.xa-datasource-class=org.postgresql.xa.PGXADataSource
rhq.server.database.user-name=rhqadmin
rhq.server.database.password=rhqadmin
rhq.server.database.type-mapping=PostgreSQL
rhq.server.database.server-name=127.0.0.1


Observed on Fedora 13 w/ Postgres 8.4.4.1


Note You need to log in before you can comment on or make changes to this bug.