From 8f80834e934b7deaccabb7bf81876190d72800f8 Mon Sep 17 00:00:00 2001 From: Joe Ferguson Date: Wed, 11 Feb 2015 15:12:11 -0800 Subject: [PATCH] Update pg_hba generation --- 8.4/docker-entrypoint.sh | 8 +++++++- 9.0/docker-entrypoint.sh | 8 +++++++- 9.1/docker-entrypoint.sh | 8 +++++++- 9.2/docker-entrypoint.sh | 8 +++++++- 9.3/docker-entrypoint.sh | 8 +++++++- 9.4/docker-entrypoint.sh | 8 +++++++- docker-entrypoint.sh | 8 +++++++- 7 files changed, 49 insertions(+), 7 deletions(-) diff --git a/8.4/docker-entrypoint.sh b/8.4/docker-entrypoint.sh index 28f8354f70..ed1f2c7292 100755 --- a/8.4/docker-entrypoint.sh +++ b/8.4/docker-entrypoint.sh @@ -19,6 +19,12 @@ if [ "$1" = 'postgres' ]; then cat >&2 <<-'EOWARN' **************************************************** WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + Use "-e POSTGRES_PASSWORD=password" to set it in "docker run". **************************************************** @@ -44,7 +50,7 @@ if [ "$1" = 'postgres' ]; then EOSQL echo - { echo; echo "host all \"$POSTGRES_USER\" 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf if [ -d /docker-entrypoint-initdb.d ]; then for f in /docker-entrypoint-initdb.d/*.sh; do diff --git a/9.0/docker-entrypoint.sh b/9.0/docker-entrypoint.sh index 28f8354f70..ed1f2c7292 100755 --- a/9.0/docker-entrypoint.sh +++ b/9.0/docker-entrypoint.sh @@ -19,6 +19,12 @@ if [ "$1" = 'postgres' ]; then cat >&2 <<-'EOWARN' **************************************************** WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + Use "-e POSTGRES_PASSWORD=password" to set it in "docker run". **************************************************** @@ -44,7 +50,7 @@ if [ "$1" = 'postgres' ]; then EOSQL echo - { echo; echo "host all \"$POSTGRES_USER\" 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf if [ -d /docker-entrypoint-initdb.d ]; then for f in /docker-entrypoint-initdb.d/*.sh; do diff --git a/9.1/docker-entrypoint.sh b/9.1/docker-entrypoint.sh index 28f8354f70..ed1f2c7292 100755 --- a/9.1/docker-entrypoint.sh +++ b/9.1/docker-entrypoint.sh @@ -19,6 +19,12 @@ if [ "$1" = 'postgres' ]; then cat >&2 <<-'EOWARN' **************************************************** WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + Use "-e POSTGRES_PASSWORD=password" to set it in "docker run". **************************************************** @@ -44,7 +50,7 @@ if [ "$1" = 'postgres' ]; then EOSQL echo - { echo; echo "host all \"$POSTGRES_USER\" 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf if [ -d /docker-entrypoint-initdb.d ]; then for f in /docker-entrypoint-initdb.d/*.sh; do diff --git a/9.2/docker-entrypoint.sh b/9.2/docker-entrypoint.sh index 28f8354f70..ed1f2c7292 100755 --- a/9.2/docker-entrypoint.sh +++ b/9.2/docker-entrypoint.sh @@ -19,6 +19,12 @@ if [ "$1" = 'postgres' ]; then cat >&2 <<-'EOWARN' **************************************************** WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + Use "-e POSTGRES_PASSWORD=password" to set it in "docker run". **************************************************** @@ -44,7 +50,7 @@ if [ "$1" = 'postgres' ]; then EOSQL echo - { echo; echo "host all \"$POSTGRES_USER\" 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf if [ -d /docker-entrypoint-initdb.d ]; then for f in /docker-entrypoint-initdb.d/*.sh; do diff --git a/9.3/docker-entrypoint.sh b/9.3/docker-entrypoint.sh index 28f8354f70..ed1f2c7292 100755 --- a/9.3/docker-entrypoint.sh +++ b/9.3/docker-entrypoint.sh @@ -19,6 +19,12 @@ if [ "$1" = 'postgres' ]; then cat >&2 <<-'EOWARN' **************************************************** WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + Use "-e POSTGRES_PASSWORD=password" to set it in "docker run". **************************************************** @@ -44,7 +50,7 @@ if [ "$1" = 'postgres' ]; then EOSQL echo - { echo; echo "host all \"$POSTGRES_USER\" 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf if [ -d /docker-entrypoint-initdb.d ]; then for f in /docker-entrypoint-initdb.d/*.sh; do diff --git a/9.4/docker-entrypoint.sh b/9.4/docker-entrypoint.sh index 28f8354f70..ed1f2c7292 100755 --- a/9.4/docker-entrypoint.sh +++ b/9.4/docker-entrypoint.sh @@ -19,6 +19,12 @@ if [ "$1" = 'postgres' ]; then cat >&2 <<-'EOWARN' **************************************************** WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + Use "-e POSTGRES_PASSWORD=password" to set it in "docker run". **************************************************** @@ -44,7 +50,7 @@ if [ "$1" = 'postgres' ]; then EOSQL echo - { echo; echo "host all \"$POSTGRES_USER\" 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf if [ -d /docker-entrypoint-initdb.d ]; then for f in /docker-entrypoint-initdb.d/*.sh; do diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 28f8354f70..ed1f2c7292 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -19,6 +19,12 @@ if [ "$1" = 'postgres' ]; then cat >&2 <<-'EOWARN' **************************************************** WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + Use "-e POSTGRES_PASSWORD=password" to set it in "docker run". **************************************************** @@ -44,7 +50,7 @@ if [ "$1" = 'postgres' ]; then EOSQL echo - { echo; echo "host all \"$POSTGRES_USER\" 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf if [ -d /docker-entrypoint-initdb.d ]; then for f in /docker-entrypoint-initdb.d/*.sh; do