Christoph Berg [2014-03-07 13:40 +0100]: > pg_createcluster will still want to write to /etc/postgresql which is > owned by postgres, so the stats_temp_directory doesn't make the > situation worse.
That's different, though. If you use /etc/postgresql/ then pg_createcluster of course still needs to run as root, but if you specify a different owner than postgres, the cluster won't be able to start. You can also do this entirely as user by setting $PG_CLUSTER_CONF_ROOT. > > One idea is to add a new "%s" macro to the evaluation of > > createcluster.conf which expands to the used socket dir, and set > > stats_temp_directory = '%s/%v-%c_stat_tmp'. That's a little more > > complex, but always ought to work since we know that the socket dir is > > writable. > > For non-postgres clusters, the socket dir will be /tmp, which isn't a > tmpfs at least on my machine (I forgot which default Debian really > decided on in that flameware). Yes, this approach would keep the status quo for non-postgres clusters. > > A simpler solution might be to use /var/run/lock/ instead, which is > > world-writable (same permissions as /tmp/). It's just a bit of an > > abuse as these are not really lock files. > > /var/run/lock wouldn't work because it's too small (5120k here). *nod* > I think this, and the %s idea are too complex for the resulting > effect. Imho what Christian proposed is just the right approach, > people can still disable it in createcluster.conf. Then we need to ignore the option in pg_createcluster if the owner cannot write to it. It's special-casing a known option, but it's certainly doable. Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org