marco/ids.alfacom.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77cd8a823f
ids.alfacom.it/attached_assets/Pasted-sudo-cp-var-lib-pgsql-data-pg-hba-conf-var-lib-pgsql-data-pg-hba-conf-backup-manual-root-ids-pyth-1763397517711_1763397517711.txt
marco370 1936a29ae4 Improve database connection security and restart log parser 
Modify pg_hba.conf to use SCRAM-SHA-256 for database authentication and restart the syslog parser service.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 2c44c1cf-5725-4dd8-8305-3fa9b2a5136c
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/c9ITWqD
2025-11-17 16:39:09 +00:00

71 lines
3.8 KiB
Plaintext
Raw Blame History

sudo cp /var/lib/pgsql/data/pg_hba.conf /var/lib/pgsql/data/pg_hba.conf.backup_manual
[root@ids python_ml]# sudo sed -i '/^local.*ids_database.*ids_user/d' /var/lib/pgsql/data/pg_hba.conf
sudo sed -i '/^host.*ids_database.*ids_user/d' /var/lib/pgsql/data/pg_hba.conf
[root@ids python_ml]# cat << 'EOF' | sudo tee -a /var/lib/pgsql/data/pg_hba.conf
# IDS Database - SCRAM-SHA-256
local ids_database ids_user scram-sha-256
host ids_database ids_user 127.0.0.1/32 scram-sha-256
host ids_database ids_user ::1/128 scram-sha-256
EOF
# IDS Database - SCRAM-SHA-256
local ids_database ids_user scram-sha-256
host ids_database ids_user 127.0.0.1/32 scram-sha-256
host ids_database ids_user ::1/128 scram-sha-256
[root@ids python_ml]# systemctl reload postgresql
[root@ids python_ml]# sudo grep "ids_database" /var/lib/pgsql/data/pg_hba.conf
local ids_database ids_user scram-sha-256
host ids_database ids_user 127.0.0.1/32 scram-sha-256
host ids_database ids_user ::1/128 scram-sha-256
[root@ids python_ml]# export PGPASSWORD="TestPassword123"
[root@ids python_ml]# psql -h ::1 -U ids_user -d ids_database -c "SELECT 1;"
?column?
----------
1
(1 row)
[root@ids python_ml]# pkill -f syslog_parser
[root@ids python_ml]# sudo -u ids nohup python3.11 syslog_parser.py > /var/log/ids/syslog_parser.log 2>&1 &
[1] 59373
[root@ids python_ml]# tail -20 /var/log/ids/syslog_parser.log
nohup: ignoring input
=== SYSLOG PARSER PER ROUTER MIKROTIK ===
Pressione Ctrl+C per interrompere
[ERROR] Connessione database fallita: connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "ids_user"
[INFO] Disconnesso da PostgreSQL
Traceback (most recent call last):
File "/opt/ids/python_ml/syslog_parser.py", line 215, in <module>
main()
File "/opt/ids/python_ml/syslog_parser.py", line 203, in main
parser.connect_db()
File "/opt/ids/python_ml/syslog_parser.py", line 48, in connect_db
self.conn = psycopg2.connect(**self.db_config)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/ids/.local/lib/python3.11/site-packages/psycopg2/__init__.py", line 122, in connect
conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
psycopg2.OperationalError: connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "ids_user"
[1]+ Exit 1 sudo -u ids nohup python3.11 syslog_parser.py > /var/log/ids/syslog_parser.log 2>&1
[root@ids python_ml]# tail -20 /var/log/ids/syslog_parser.log
nohup: ignoring input
=== SYSLOG PARSER PER ROUTER MIKROTIK ===
Pressione Ctrl+C per interrompere
[ERROR] Connessione database fallita: connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "ids_user"
[INFO] Disconnesso da PostgreSQL
Traceback (most recent call last):
File "/opt/ids/python_ml/syslog_parser.py", line 215, in <module>
main()
File "/opt/ids/python_ml/syslog_parser.py", line 203, in main
parser.connect_db()
File "/opt/ids/python_ml/syslog_parser.py", line 48, in connect_db
self.conn = psycopg2.connect(**self.db_config)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/ids/.local/lib/python3.11/site-packages/psycopg2/__init__.py", line 122, in connect
conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
psycopg2.OperationalError: connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "ids_user"
Reference in New Issue View Git Blame Copy Permalink