On Sun, Apr 1, 2012 at 4:14 PM, Jay Levitt <jay.lev...@gmail.com> wrote:
> The Mac installation docs currently recommend the EDB one-click installer as
> the first choice. While this does install pgadmin and some other
> refinements, it also is fairly confusing to troubleshoot:
> - By default, it installs to /Library/PostgreSQL, which is also (I think)
> where the Apple-supplied Lion install is

No, Apple's version is installed in /usr on mine.

> - The uninstaller is hidden in /Library/PostgreSQL, which (since Finder
> hides /Library by default) you're likely to go to via Terminal. But the
> uninstaller is a Mac app, so even if you find it you have to know to use
> "open" to run it, because Mac apps are really directories that the Finder
> abstracts away from you.


> - The EDB docs are written against 8.4.

Only if you install 8.4. If you install 8.3 you get the 8.3 docs, 9.0
the 9.0 docs and so on.

> - There are, as @lluad points out, no fewer than eight ways to install
> Postgres on a Mac (fink, macports, homebrew, Lion default, build from
> source, EDB, and two other binary installers)

That isn't any more of a reason to discount the EDB installer than any other.

> - We have few Mac experts hanging out in #postgresql.

Not sure how this is relevant to the proposal.

> - We just had two folks within an hour, BOTH with conflicting installs of
> Postgres.

Not sure how that is relevant either. You can have conflicting
installation using any of the installation methods, including a
home-built source tree.

> 1. homebrew installs everything under /usr/local and makes that
> user-writeable.  Sorry.  It does because most Mac users don't know how to
> edit PATH for GUI apps (it's in a .plist in a hidden directory in your home
> dir), and /usr/local is already in PATH by default.

Your reasoning doesn't make sense. Why does putting something in the
path require a directory to be world writeable.

In any case, the fact that Homebrew does that to /usr/local should be
enough to make any user run away screaming in terror. If it opens up a
security hole like that, what else does it do to break your system?

> 2. The current formula installs Postgres as the desktop user, not as the
> _postgres role account.

That's not very helpful on shared machines - and whilst it may be fine
for developers etc, it's not the recommended way to setup PostgreSQL
for any kind of production use.

> I'm personally of the strong opinion that user-to-user privilege escalation
> attacks are NOT an issue on desktops; all important files are already owned
> by the desktop user. The attack vector is *maybe* root escalation attacks,
> but if you want root, it's so common for installers to ask permission that
> your malware could just ask.  The real attack vector is "I'm in your
> browser", and that has nothing to do with root, permissions, or users at
> all.

I, and I suspect many others, would disagree that user to user
security is not important.

> Meanwhile, the EDB installer by default installs both app and data to a
> directory that requires root - so I assume it runs as root too - and
> nobody's complained.

No it doesn't. It installs the app to a root owned directory for
security, and the data goes in a postgres owned directory so it can
only be modified by the account the service runs under.

> 4. TCF also spits out instructions for adding Postgres to launchctl (Mac's
> version of /etc/init.d or Windows Services), rather than doing it for you,
> but again, I'd happily add the option.  (I'm checking with Homebrew folks to
> see if there's some dictum against that; it's a common pattern to put
> launchctl in the instructions, but IME the usability is poor.)
> 5. TCF doesn't update your shared memory settings. Again, happy to add that.
> 6. TCF doesn't look for existing installs. This is especially a problem on
> Lion, since Apple bundles PG 8.4, either client or server IIUC, and although
> /usr/local/bin is in your PATH, it comes *after* /usr/bin (grumble), so
> you'll either have the homebrew server fail to launch (since port 5432 is in
> use), or you'll have an outdated client version.

They seem like a number of reasons not to use Homebrew too (at least
as it is now).

> In IRC, both users had actually installed the EDB version months ago and
> forgotten about it, but over time, Lion users will grow, since all new Macs
> come with only Lion.  There are several ways to address this; my preference
> is to have homebrew warn about existing installs but take care of any magic
> to make them go away, a la
> http://nextmarvel.net/blog/2011/09/brew-install-postgresql-on-os-x-lion/.

So you propose to make it silently disable existing servers? I know
various people whose machines would be broken by that, including mine.
We went to great lengths to allow side by side installations of
different versions, precisely because developers (and occasionally
users) need to use multiple versions to support current and future
versions of their applications, and to experiment with new features.

> 7. There's no homebrew formula for pgadmin. I've never built it, and might
> be able to add that, but probably not right away.
> 8. There might be other popular things that EDB's StackBuilder does.

PostGIS, Slony, psqlODBC, pgJDBC, Npgsql, phpPgAdmin...

> 9. EDB is an important contributor to the PG core community, and maybe the
> link juice/publicity is politically important.  Lemme know.

What's right for the community is guiding people towards the easiest
to use and most reliable and useful packages - but we try to make all
alternatives known to the user (assuming they don't do nasty things to
the security of your system etc), so more experienced users can choose
what suits them the best. Currently (in my somewhat biased - see my
sig - but honestly trying to be objective) opinion, I believe the best
option for most users is our installers.

> That's all I can think of... thoughts? Objections? Which do you think are
> prerequisites?

It seems to me that most of your arguments against the installers are
based on incorrect understanding or information, and most of your
arguments for Homebrew actually come across as arguments against!

Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to