[SAC] PostgreSQL on TracSVN machine over max connections
Sandro Santilli
strk at kbt.io
Tue Jun 26 03:21:08 PDT 2018
On Tue, Jun 26, 2018 at 10:30:09AM +0200, Sandro Santilli wrote:
> According to netstat there are only 2 TCP connections (which I think
> we should forbid, unless there's a reason not to) so I guess all
> others are done via unix sockets.
I found that at least one of the 2 TCP connections was coming
from Gitea, which is now fixed to use unix socket:
https://git.osgeo.org/gitea/sac/gitea-config/commit/a5db6075
(you need authorization to see)
All the other connections were from Trac,
for which I filed a ticket about:
https://trac.osgeo.org/osgeo/ticket/2176
During the audit I found we're also using a very unsecure
configuration of PostgreSQL which should be fixed ASAP.
Martin, is your contract still ongoing ? Can you look at it ?
Fixing Trac access would be the first step:
https://trac.osgeo.org/osgeo/ticket/2175
--strk;
More information about the Sac
mailing list