Hello. When testing backup script as zamad user, backup failed because of unknown db password.
When running backup script as root, no problem.
I set debug=yes in config, and got this log from backup script (running as zamad user):
adapter=postgresql dbname=zammad dbuser=zammad dbpass=
timestamp is 20191010125739
backup dir is /var/tmp/zammad_backup
creating file backup…
creating postgresql backup…
Password:
su: Authentication failure
mv: cannot stat ‘/tmp/20191010125739_zammad_db.psql.gz’: No such file or directory
-# Zammad backuped successfully - Thu Oct 10 12:58:14 EEST 2019!
/opt/zammad/config/database.yml has no password.
My installation on Centos 7, installed from package, ver 3.1.x (upgraded via software update).
The default backup script does a simple change owner to pgsql and runs the backup as pgsql which has access rights on the Zammad-DB (based on sockets). postgresql is by default not using any password and uses socks authentication.
So in short: The method used to backup the database in the script requires rights to change the user to pgsql. This is normally nothing you want to allow to a normal user without authentication.
As workaround you simply change the backup function as implied on my Github post.
Please don’t forget, if you do, to copy the backup files away to ensure a backup doesn’t remove your changes.
If you e.g. already have a postgresql host (or want to run services independed from each other), you need the password to tell Zammad where to find it’s database and how to authenticate.
In a normal use case I’d say the way it is (user based authentication) should be good enough.
Just my opinion though.