[Systems] [Sugar-devel] trac breakage

Samuel Cantero scanterog at gmail.com
Thu Mar 17 15:07:49 EDT 2016


Hi all,

I just recently removed all users. I've tested it by registering one user
for me. Apparently all is working.

You must register with the same username you've had in order to get all
your privileges again. This is very important for the ticket moderators'
users and trac admin users.

Please, if you find something broken just let me know. In the worst case
scenario, we have a backup of our previous database.

Best regards,

Samuel Cantero.

On Mon, Mar 14, 2016 at 8:38 PM, Walter Bender <walter.bender at gmail.com>
wrote:

> Thanks for digging into this.
>
> FWIW, I am fine with having my account deleted and re-registering.
> Whatever is most expedient for the trac maintainers.
>
> -walter
>
> On Mon, Mar 14, 2016 at 4:48 PM, Samuel Cantero <scanterog at gmail.com>
> wrote:
>
>> On Mon, Mar 14, 2016 at 5:21 PM, James Cameron <quozl at laptop.org> wrote:
>>
>>> On Mon, Mar 14, 2016 at 08:49:15AM -0300, Samuel Cantero wrote:
>>> > On Mon, Mar 14, 2016 at 3:39 AM, James Cameron <[1]quozl at laptop.org>
>>> wrote:
>>> >
>>> >     On Mon, Mar 14, 2016 at 02:32:36AM -0300, Samuel Cantero wrote:
>>> >     > Regarding to the inability to access the user page, I've checked
>>> our
>>> >     > current users and I found 97426 users. We had a lot of spam
>>> >     > here. I've checked this by doing:
>>> >     >
>>> >     > sqlite> select count(*) from session;
>>> >     > 97426
>>> >
>>> >     Perhaps "session" is wrong table.  My notes on this are;
>>> >
>>> >     0. trac.htdigest file is used to form list shown on manage user
>>> accounts,
>>> >
>>> >     1. passphrase is stored in trac.htdigest file,
>>> >
>>> >     2. the last login and authenticated flag are taken from session
>>> table,
>>> >
>>> >        select * from session where sid = 'Quozl';
>>> >
>>> >     3. name and e-mail are taken from session_attribute table,
>>> >
>>> >        select * from session_attribute where sid = 'Quozl';
>>> >
>>> > We should delete all information inside session and session_attribute
>>> tables.
>>> > We don't have any trac.htdigest file. Maybe 'cause we're storing pwd
>>> in the
>>> > trac database (SessionStore) [1].
>>> >
>>> > The ideal would be to delete users through the trac-admin utility:
>>> >
>>> >   • List users: trac-admin /project session list
>>> >
>>> >     I can find here the same users that we find in the session table.
>>> >
>>> >   • Delete users: trac-admin /project session delete <username1> ...
>>> >     <usernameN>
>>> >
>>> > But doing this for ~90.000 users is not viable.
>>>
>>> I'm guessing that you mean the unviable step is identifying the users.
>>>
>>
>> Yes.
>>
>>>
>>> Take the entire set of users, then remove the set of users who have
>>> created tickets or made comments, then use the set in a script that
>>> deletes each user.
>>>
>>> Eventually it should complete.
>>>
>>
>> I can only test this kind of procedure on weekends when I usually have
>> more time. If you have time, go ahead.
>>
>>>
>>> Then use whatever tools are necessary to optimise the table.
>>>
>>> >
>>> >     4. deletion of the users via manage user accounts results in
>>> removal
>>> >        from trac.htdigest, removal from session table, removal from
>>> >        session_attribute table.
>>> >
>>> >     Hope that helps.
>>> >
>>> >     > [...]
>>> >     > I tried to remove all suspicious users with the trac-admin
>>> utility
>>> >     > and directly by database but this is almost imposible.
>>> >
>>> >     It may require very careful scripting, yes.  Last time I looked at
>>> >     that, I made a mistake deleted all users.  (3rd March 2014, for
>>> >     [2]dev.laptop.org).  It hasn't been a problem since.
>>> >
>>> >     > I guess we should delete all users and ask them to re-register
>>> >     > again. However, I don't want to proceed before your approval.
>>> >
>>> >     I'm fine with that.  Let's hear from others.
>>> >
>>> >     --
>>> >     James Cameron
>>> >     [3]http://quozl.netrek.org/
>>> >
>>> > [1] [4]https://trac-hacks.org/wiki/AccountManagerPlugin/AuthStores
>>> >
>>> > References:
>>> >
>>> > [1] mailto:quozl at laptop.org
>>> > [2] http://dev.laptop.org/
>>> > [3] http://quozl.netrek.org/
>>> > [4] https://trac-hacks.org/wiki/AccountManagerPlugin/AuthStores
>>>
>>> --
>>> James Cameron
>>> http://quozl.netrek.org/
>>>
>>
>>
>
>
> --
> Walter Bender
> Sugar Labs
> http://www.sugarlabs.org
> <http://www.sugarlabs.org>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/systems/attachments/20160317/5bf1b4f5/attachment.html>


More information about the Systems mailing list