Galaxy database user rights
Hello again, [Again, apologies if this is documented somewhere - if it is I haven't found it yet.] I see that for production servers you recommend running Galaxy on PostgreSQL (or maybe MySQL) rather than SQLite: http://bitbucket.org/galaxy/galaxy-central/wiki/Config/ProductionServer I'm wondering if there is any specific advice about what permissions to give the galaxy database user account beyond this:
Give Galaxy its own database user and database. Galaxy's schema could conflict with other tables in your database. Also, restrict Galaxy's database user so it only has access to its own database.
For example, I'd guess that normally (i.e. run.sh) all that Galaxy needs is to insert/delete/modify data in existing tables. On the other hand setup.sh would also need to add/drop/modify tables (particularly for creating the database and also for the database migration system). Does it make sense to have separate PostgreSQL/MySQL accounts for an everyday "galaxy user" (which can't alter the schema, used via run.sh) and a separate "galaxy admin" (used by setup.py)? Or, do you just recommend a single "galaxy" user in PostgreSQL/MySQL which has complete control over the Galaxy database? Simple, but less secure. Thanks, Peter
Peter wrote:
Hello again,
[Again, apologies if this is documented somewhere - if it is I haven't found it yet.]
I see that for production servers you recommend running Galaxy on PostgreSQL (or maybe MySQL) rather than SQLite: http://bitbucket.org/galaxy/galaxy-central/wiki/Config/ProductionServer
I'm wondering if there is any specific advice about what permissions to give the galaxy database user account beyond this:
Give Galaxy its own database user and database. Galaxy's schema could conflict with other tables in your database. Also, restrict Galaxy's database user so it only has access to its own database.
For example, I'd guess that normally (i.e. run.sh) all that Galaxy needs is to insert/delete/modify data in existing tables. On the other hand setup.sh would also need to add/drop/modify tables (particularly for creating the database and also for the database migration system).
Does it make sense to have separate PostgreSQL/MySQL accounts for an everyday "galaxy user" (which can't alter the schema, used via run.sh) and a separate "galaxy admin" (used by setup.py)?
Or, do you just recommend a single "galaxy" user in PostgreSQL/MySQL which has complete control over the Galaxy database? Simple, but less secure.
This is preferred since as we change the schema, additional create/drop/alters will be required. Although slightly less secure, it has never been an issue. Make regular database backups and there's nothing to worry about. --nate
Thanks,
Peter _______________________________________________ galaxy-dev mailing list galaxy-dev@lists.bx.psu.edu http://lists.bx.psu.edu/listinfo/galaxy-dev
On Fri, Sep 3, 2010 at 5:20 PM, Nate Coraor <nate@bx.psu.edu> wrote:
Peter wrote:
I'm wondering if there is any specific advice about what permissions to give the galaxy database user account ...
Or, do you just recommend a single "galaxy" user in PostgreSQL/MySQL which has complete control over the Galaxy database? Simple, but less secure.
This is preferred since as we change the schema, additional create/drop/alters will be required. Although slightly less secure, it has never been an issue. Make regular database backups and there's nothing to worry about.
OK - thanks. Peter
On Fri, Sep 3, 2010 at 5:20 PM, Nate Coraor <nate@bx.psu.edu> wrote:
Peter wrote:
Or, do you just recommend a single "galaxy" user in PostgreSQL/MySQL which has complete control over the Galaxy database? Simple, but less secure.
This is preferred since as we change the schema, additional create/drop/alters will be required. Although slightly less secure, it has never been an issue. Make regular database backups and there's nothing to worry about.
--nate
Hi Nate (and others), I have a follow up question, perhaps an SQLalchemy question really, but can we hide the Galaxy user's PostgreSQL password in file universe_wsgi.ini in the database_connection string? The documentation says to use this format: database_connection = postgres://user:pass@host/galaxy Is there any alternative - like passing the MD5 hash of the password? Or do we just have to make sure that the Unix permissions of universe_wsgi.ini are suitably locked down to prevent exposing the password? (I may be worrying too much - but better safe than sorry) Thanks, Peter
participants (2)
-
Nate Coraor
-
Peter