On 3/10/17 8:12 AM, Stephen Frost wrote:
> Peter,
>
> * Peter Eisentraut (peter.eisentr...@2ndquadrant.com) wrote:
>> On 2/28/17 20:58, David Steele wrote:
>>> This patch introduces a new initdb param, -u/-file-mode-mask, and a new
>>> GUC, file_mode_mask, to allow the default mode of files and directories
>>> in the $PGDATA directory to be modified.
>>
>> The postmaster.pid file appears not to observe the configured mask.
>
> Good point, it should.

Leaving the mask on this file as-is was intentional. At miscinit.c:829:

/* Think not to make the file protection weaker than 0600. See comments below. */

At miscinit.c:893:

/*
 * We can treat the EPERM-error case as okay because that error implies
 * that the existing process has a different userid than we do, which
 * means it cannot be a competing postmaster. A postmaster cannot
 * successfully attach to a data directory owned by a userid other than
 * its own. (This is now checked directly in checkDataDir(), but has been
 * true for a long time because of the restriction that the data directory
 * isn't group- or world-accessible.) Also, since we create the lockfiles
 * mode 600, we'd have failed above if the lockfile belonged to another
 * userid --- which means that whatever process kill() is reporting about
 * isn't the one that made the lockfile. (NOTE: this last consideration is
 * the only one that keeps us from blowing away a Unix socket file
 * belonging to an instance of Postgres being run by someone else, at
 * least on machines where /tmp hasn't got a stickybit.)
 */

I can't see why this explanation does not continue to hold even if
permissions for other files are changed. For the use cases I envision, I
don't think being able to read/manipulate postmaster.pid is important,
only to detect that it is present.

>> There ought to be a test, perhaps under src/bin/initdb/, to check for
>> that kind of thing.
>
> Good idea.

Agreed, will add to next patch.

>
>> There is no documentation update for initdb.

The --file-mode-mask option was added to the option list, but you are
probably referring to a paragraph under description. Will add to the next
patch.

--
-David
da...@pgmasters.net
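The following is an added example, not part of the original message and not PostgreSQL source. It sketches the point under discussion: a lockfile created with a fixed 0600 mode stays at 0600 while other files follow a relaxed mask, and the kill() result on the recorded pid is read the way the quoted comment describes. The function names, the /tmp scratch path and the 0027 mask value are assumptions made for illustration, and the mask is assumed to behave like a umask.

```c
/* Added illustration; names, /tmp scratch path and the 0027 mask are assumptions. */
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

#define LOCKFILE_MODE 0600 /* fixed: never derived from the configurable mask */
enum lock_owner { OWNER_ALIVE, OWNER_GONE, OWNER_OTHER_USER, OWNER_UNKNOWN };

/* Create a scratch file under a umask-style mask; return its permission bits or -1. */
int mode_after_create(const char *name, mode_t requested, mode_t mask)
{
    char path[256];
    struct stat st;
    int fd, mode = -1;
    mode_t old;
    snprintf(path, sizeof path, "/tmp/fmm_demo_%ld_%s", (long) getpid(), name);
    old = umask(mask);
    fd = open(path, O_RDWR | O_CREAT | O_EXCL, requested); /* O_EXCL: never reuse a file */
    umask(old);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) == 0)
        mode = (int) (st.st_mode & 0777);
    close(fd);
    unlink(path);
    return mode;
}

/* Interpret kill(pid, 0) on the pid recorded in a lockfile, as the quoted comment does. */
enum lock_owner classify_lock_owner(pid_t pid)
{
    if (kill(pid, 0) == 0)
        return OWNER_ALIVE;       /* signal permitted and process exists: possible competitor */
    if (errno == ESRCH)
        return OWNER_GONE;        /* no such process: stale lockfile */
    if (errno == EPERM)
        return OWNER_OTHER_USER;  /* different userid: cannot be a competing postmaster */
    return OWNER_UNKNOWN;
}

int main(void)
{
    printf("data file under mask 0027: %04o\n", (unsigned) mode_after_create("data", 0666, 0027));
    printf("lockfile  under mask 0027: %04o, own pid class: %d\n",
           (unsigned) mode_after_create("postmaster.pid", LOCKFILE_MODE, 0027),
           (int) classify_lock_owner(getpid()));
    return 0;
}
```

A test of the kind suggested for src/bin/initdb/ could assert the same two modes against a freshly initialized data directory.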