# This file should be copied to 'shadowpw' if required, and it should
# be readable only by the user that runs GEAS

# This file contains the password for the GEAS super user, and the access
# username and passwords for the GEAS account on every SQL database being
# used. Items containing spaces must be surrounded by quote marks. Quotes
# are optional for other items. Blank lines and lines starting with a
# hash (#) will be ignored white space is also ignored

# GEAS admin (super user)
# format:
#  adminuser: <password>
#  (note: the username for the admin user is set in geas.conf)
adminuser: secret

# SQL backend databases
# the <dbasename> field determines which database section from the config
# file uses the given username/password.  (Both are kept in this file only,
# for security: plain text passwords are required, and with them stored in
# this shadow file, the main config file can be read without worrying that
# people will find the passwords by reading an admin's screen. The
# operating system then becomes a critical link in the security system.
# Plain text passwords are required because GEAS is acting as a client to
# the database backends, and needs a useful password. They could be
# encrypted, but the server would need an additional key for decrypting
# them, and that key could be no more secure than the operating system can
# make this file. Rather than giving a false sense of security, this shadow
# file will store plain text passwords.)
# format:
#   database: <password>

# test_mysql: hello
# test_postgresql: there

# not supported format:
# database: "GEAS acct"

# WARNING: quoting items to allow spaces is NOT yet supported. A
# username/password must each be a single word.
