Re: [HACKERS] tests for client programs

Tue, 06 May 2014 17:58:29 -0700 

On 2014-05-06 20:44:56 -0400, Peter Eisentraut wrote:
> On Wed, 2014-04-30 at 18:09 +0200, Andres Freund wrote:
> > On 2014-04-04 16:44:46 +0200, Andres Freund wrote:
> > > On 2014-02-27 21:44:48 -0500, Peter Eisentraut wrote:
> > > > +open HBA, ">>$tempdir/pgdata/pg_hba.conf";
> > > > +print HBA "local replication all trust\n";
> > > > +print HBA "host replication all 127.0.0.1/32 trust\n";
> > > > +print HBA "host replication all ::1/128 trust\n";
> > > > +close HBA;
> > >
> > > Given the recent make check security discussions, this doesn't seem like
> > > a good idea...
> 
> The socket file for the test server instance is in a private directory,
> so that should be safe enough.

Well, you're explicitly configuring host connections... That's why I was
wondering.

> > > > diff --git a/src/test/perl/TestLib.pm b/src/test/perl/TestLib.pm
> > > > +if (!$ENV{PGPORT}) {
> > > > +       $ENV{PGPORT} = 65432;
> > > > +}
> > > > +
> > > > +$ENV{PGPORT} = int($ENV{PGPORT}) % 65536;
> > >
> > > Hm. I think this should use logical similar to what pg_regress is using,
> > > namely test a few ports.
> 
> That could be improved in the future.

Oddly enough you're overwriting it in Magefile.global.in's prove_check anyway.

> > > Should stuff like --fsync-off, -k, really be on by default?
> 
> -k is to set the socket directory.  You might be thinking of initdb -k?

Yes, sorry. Confused the line with initdb with the pg_ctl one.

> > > I think the code to massage pg_hba.conf should also be here, there'll be
> > > a fair number of tests that need it.
> 
> More refactoring is always possible as needs arise.

I was thinking of

+command_ok(['pg_ctl', 'initdb', '-D', "$tempdir/data"], 'pg_ctl initdb');
+open CONF, ">>$tempdir/data/postgresql.conf";
+print CONF "listen_addresses = ''\n";
+print CONF "unix_socket_directories = '$tempdir'\n";
+close CONF;

Sorry, accidentally wrote hba.conf instead of postgresql.conf because I
was thinking about listen_addresses/authentication.

Greetings,

Andres Freund


-- 
 Andres Freund                     http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to