Closed
Bug 660842
Opened 13 years ago
Closed 13 years ago
Set up different PostgreSQL account for processors
Categories
(Data & BI Services Team :: DB: MySQL, task)
Data & BI Services Team
DB: MySQL
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: laura, Assigned: mpressman)
References
Details
As above. This is part of bug 629144.
Comment 1•13 years ago
|
||
Completed with 1.7.8 push.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment 2•13 years ago
|
||
apparently, the new "monitor" user cannot insert into the private priority jobs table owned by the "processor" user. 2011-06-02 23:03:06,939 ERROR - priorityLoopingThread - Caught Error: <class 'psycopg2.ProgrammingError'> 2011-06-02 23:03:06,939 ERROR - priorityLoopingThread - permission denied for relation priority_jobs_1158 The ability of the monitor to write to the private priority jobs table is pivotal to the communication between those two processes. The processors themselves are responsible for creating there own private priority jobs tables. Under the new system of each process having its own username, will the processors have to explicitly grant insert permission to the monitor? Or is there a way for the monitor to automatically have this privilege?
Updated•13 years ago
|
Assignee: josh → mpressman
Severity: critical → blocker
Updated•13 years ago
|
Assignee: mpressman → server-ops
Component: Socorro → Server Operations
Product: Webtools → mozilla.org
QA Contact: socorro → mrz
Target Milestone: 1.7.8 → ---
Version: 1.7 → other
Updated•13 years ago
|
Assignee: server-ops → mpressman
Component: Server Operations → Server Operations: Database
Assignee | ||
Comment 3•13 years ago
|
||
Since I am not sure of how locked down we want the 'monitor' user, I can go about this several ways. I can change the monitor to a superuser which will allow it access to all objects, I can explicitly give it permissions to objects that already exist or change the 'monitor' user to be a member of 'processor' table which will allow it access to all 'processor' objects Any ideas?
Comment 4•13 years ago
|
||
the monitor should be allowed to access all "processor" objects. Let's set it there and see how it goes.
Assignee | ||
Comment 5•13 years ago
|
||
breakpad=# grant processor to monitor; GRANT ROLE breakpad=#
Comment 6•13 years ago
|
||
the permission errors are no longer happening in the logs. I think we can call this fixed.
Status: REOPENED → RESOLVED
Closed: 13 years ago → 13 years ago
Resolution: --- → FIXED
Comment 7•13 years ago
|
||
Matt, can you add that grant statement to the 1.7.8 upgrade scripts, just so it's in SVN? Thanks.
Updated•10 years ago
|
Product: mozilla.org → Data & BI Services Team
You need to log in
before you can comment on or make changes to this bug.
Description
•