Compare commits

...

5 Commits

Author SHA1 Message Date
4c05627d1f Merge pull request #585 from ONLYOFFICE/bugfix/psql-owner
fix Bug 59826 - Fix database creation without onlyoffice owner
2023-02-07 18:53:11 +05:00
985bc4020a Fix database creation without onlyoffice owner 2023-02-07 16:08:40 +03:00
46215d4372 Merge pull request #584 from ONLYOFFICE/hotfix/v7.3.2
Merger hotfix/v7.3.2 into hotfix/v7.3.3
2023-02-07 13:02:08 +05:00
83825d26e9 Generated JWT secret is too small for HMAC SHA256 (#582)
The key that is automatically generated weaken the security strength.
As noted in RFC7518 section 3.2 [0]:
```
A key of the same size as the hash output (for instance, 256 bits for
"HS256") or larger MUST be used with this algorithm.  (This
requirement is based on Section 5.3.4 (Security Effect of the HMAC
Key) of NIST SP 800-117 [NIST.800-107], which states that the
effective security strength is the minimum of the security strength
of the key and two times the size of the internal hash value.)
```

Some JWT libraries reject keys that are too small by default, in an
attempt to prevent misuse, so generating a key that does not respect
the minimum length can be problematic for OO integrations.

[0] https://www.rfc-editor.org/rfc/rfc7518.html#section-3.2
2023-02-07 11:02:40 +05:00
cac79dea01 Install rabbitmq-server from default ubuntu repo, fixed bug closes #575 (#578) 2023-02-02 20:41:49 +05:00
2 changed files with 3 additions and 5 deletions


@ -57,9 +57,8 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
service postgresql restart && \
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" && \
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE OWNER $ONLYOFFICE_VALUE;" && \
service postgresql stop && \
service redis-server stop && \
service rabbitmq-server stop && \
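Review bot: The role that this change makes owner of the database is created on the line above with a password equal to its own name (`password '$ONLYOFFICE_VALUE'`), so every image built from this file carries a database owner with a fixed, guessable credential. The `listen_addresses 'localhost'` setting a few lines up keeps PostgreSQL off the network, but any process inside the container can still log in as the owner. If the runtime entrypoint is expected to replace this credential, a comment above the RUN instruction should say so, for example `# build-time default only; PostgreSQL listens on localhost and the entrypoint sets the real password`. Otherwise the password should be set at container start rather than baked into the image. The RUN instruction starts and ends outside the hunk.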


@ -87,7 +87,7 @@ fi
[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 32)}
JWT_HEADER=${JWT_HEADER:-Authorization}
JWT_IN_BODY=${JWT_IN_BODY:-false}
@ -358,9 +358,8 @@ create_postgresql_cluster(){
}
create_postgresql_db(){
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME;"
sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $DB_NAME TO $DB_USER;"
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;"
}
create_db_tbl() {
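Review bot: In the `JWT_SECRET` default of the first hunk, `pwgen -s 32` satisfies the 32-byte length that JWT libraries check for, but not the 256 bits of key strength the commit message cites from RFC 7518: 32 characters drawn from pwgen's letters-and-digits alphabet carry roughly 190 bits of entropy. Reaching about 256 bits with the same tool takes 43 characters, `JWT_SECRET=${JWT_SECRET:-$(pwgen -s 43)}`. A secret supplied through the environment is also used as is, so a short operator-chosen value still runs into the library rejections described in the commit message; a startup warning when `${#JWT_SECRET}` is below 32 would surface that.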