Hey, On Sat, Mar 08, 2014 at 17:53:07 +0100, Martin Pitt wrote: [...] > > Note that pg_ctlcluster creates the stats_temp_directory > > and sets the owner of that directory to the cluster owner. > > So for clusters that root/postgres created but hands over > > to other people, this should actually work. (Not tested!) > > Yes, as long as the init scripts (which run as root) do that, the init > script could pre-create the stats dir (the patch doesn't currently do > that, though).
It's not in the patch, as pg_ctlcluster learned all this in version 146. There is some "install -d" in pg_ctlcluster. > It would still not work to run pg_ctlcluster start as > the cluster owner, though. Fully right! > > /tmp is possibly still better than the data directory. > > Yes, indeed. [...] > > SECURITY consideration: I have not reviewed pg_ctlcluster > > for creating the stat_tmp directory in a safe way. The name > > of the directory is very predictable, so this might be an > > issue. > > pg_ctlcluster wouldn't do that, that's postgres itself. But creating > directories is generally safe, as mkdir() fails if the file already > exists (even as a dangling symlink); it's creating temporary files > which needs special attention (O_EXCL). > > > I'm suggesting to use my patch for now/starters. > > > > It shouldn't break anything for admin-created clusters that > > wasn't broken before. (For those, the tmp-dir should be > > created correctly by pg_ctlcluster). > > As I wrote, it will break admin-created clusters which are not owned > by "postgres". They currently work just fine now. See above, they should just work (not tested though). [...] Cheers Christian -- www.mad-protection.de _______________________________________________ Pkg-postgresql-public mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-postgresql-public
