Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   ArchLinux Development (http://www.linux-archive.org/archlinux-development/)
-   -   Changes to postgresql (http://www.linux-archive.org/archlinux-development/711442-changes-postgresql.html)

Thomas Bächler 10-11-2012 11:26 AM

Changes to postgresql
 
I discovered some weirdness when using Arch's postgres build. The first
one is a bug, the second is annoying:

1)

postgresql expects its configuration files in /usr/etc/postgresql/. It
doesn't install any files there by default, so namcap doesn't notice -
however, you can copy the sample files from /usr/share/postgresql to
this location. This must be fixed by appending --sysconfdir=/etc to the
configure options.

2)

postgresql puts its socket into /tmp/. This makes it impossible to use
postgres from any daemon that uses systemd's PrivateTmp=true. Sadly,
this is the default in some of our units. On a machine I maintain, I had
to remove PrivateTmp=true from php-fpm.service, on gudrun I had to
remove it from httpd.service.

This is easily fixed by either changing the location in postgresql.conf
(for this, see 1) above), or by putting a sane default into our package
(like Debian has been doing for ages).

IMO, we should to the following:
1) Change the default location from /tmp to /run/postgres.
2) Make sure that /run/postgres exists and is owned by the postgres
user, using tmpfiles.d.

This will affect the server and the client library, so everything should
just keep working without any further intervention by the user.

As Dan is the maintainer, he obviously gets the final word on this.

Marti Raudsepp 10-11-2012 12:43 PM

Changes to postgresql
 
On Thu, Oct 11, 2012 at 2:26 PM, Thomas Bächler <thomas@archlinux.org> wrote:
> 1)
> postgresql expects its configuration files in /usr/etc/postgresql/. It
> doesn't install any files there by default, so namcap doesn't notice -
> however, you can copy the sample files from /usr/share/postgresql to
> this location. This must be fixed by appending --sysconfdir=/etc to the
> configure options.

I think you're wrong about this. PostgreSQL, by default, does not
store config files in /etc (or sysconfdir) at all. Configuration files
are stored along with everything else in PGDATA
(/var/lib/postgres/data)...

% sudo -u postgres strace -eopen postgres -D /var/lib/postgres/data
2>/tmp/strace.out
[...]
^C
% egrep '(etc|conf)' /tmp/strace.out

open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/var/lib/postgres/data/postgresql.conf", O_RDONLY) = 3
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
open("/etc/gai.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 8
open("/var/lib/postgres/data/pg_hba.conf", O_RDONLY) = 9
open("/var/lib/postgres/data/pg_ident.conf", O_RDONLY) = 9

No attempted accesses to /usr/etc.

Regards,
Marti

Thomas Bächler 10-11-2012 01:04 PM

Changes to postgresql
 
Am 11.10.2012 14:41, schrieb Marti Raudsepp:
> On Thu, Oct 11, 2012 at 2:26 PM, Thomas Bächler <thomas@archlinux.org> wrote:
>> 1)
>> postgresql expects its configuration files in /usr/etc/postgresql/. It
>> doesn't install any files there by default, so namcap doesn't notice -
>> however, you can copy the sample files from /usr/share/postgresql to
>> this location. This must be fixed by appending --sysconfdir=/etc to the
>> configure options.
>
> I think you're wrong about this. PostgreSQL, by default, does not
> store config files in /etc (or sysconfdir) at all. Configuration files
> are stored along with everything else in PGDATA
> (/var/lib/postgres/data)...
>
> % sudo -u postgres strace -eopen postgres -D /var/lib/postgres/data
> 2>/tmp/strace.out
> [...]
> ^C
> % egrep '(etc|conf)' /tmp/strace.out
>
> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
> open("/var/lib/postgres/data/postgresql.conf", O_RDONLY) = 3
> open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/gai.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 8
> open("/var/lib/postgres/data/pg_hba.conf", O_RDONLY) = 9
> open("/var/lib/postgres/data/pg_ident.conf", O_RDONLY) = 9
>
> No attempted accesses to /usr/etc.
>
> Regards,
> Marti

You may be correct, but SYSCONFDIR (defaulting to /usr/etc) is used in
some places at least in the client. This doesn't seem to affect
postgresql.conf apparently, as I originally assumed.

In general, strace -e open is insufficient for such tests, as virtually
all programs will stat() a file before trying to open() it. When proving
a file is not being checked, add the stat system call, too.

Dave Reisner 10-11-2012 01:40 PM

Changes to postgresql
 
On Thu, Oct 11, 2012 at 03:43:20PM +0300, Marti Raudsepp wrote:
> On Thu, Oct 11, 2012 at 2:26 PM, Thomas Bächler <thomas@archlinux.org> wrote:
> > 1)
> > postgresql expects its configuration files in /usr/etc/postgresql/. It
> > doesn't install any files there by default, so namcap doesn't notice -
> > however, you can copy the sample files from /usr/share/postgresql to
> > this location. This must be fixed by appending --sysconfdir=/etc to the
> > configure options.
>
> I think you're wrong about this. PostgreSQL, by default, does not
> store config files in /etc (or sysconfdir) at all. Configuration files
> are stored along with everything else in PGDATA
> (/var/lib/postgres/data)...
>
> % sudo -u postgres strace -eopen postgres -D /var/lib/postgres/data
> 2>/tmp/strace.out
> [...]
> ^C
> % egrep '(etc|conf)' /tmp/strace.out
>
> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
> open("/var/lib/postgres/data/postgresql.conf", O_RDONLY) = 3
> open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/gai.conf", O_RDONLY|O_CLOEXEC) = 3
> open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 8
> open("/var/lib/postgres/data/pg_hba.conf", O_RDONLY) = 9
> open("/var/lib/postgres/data/pg_ident.conf", O_RDONLY) = 9
>
> No attempted accesses to /usr/etc.
>
> Regards,
> Marti

lack of evidence in an strace doesn't absolve the wrong config flag.

$ strings /usr/sbin/postgres | grep -F /usr/etc
FILE:/usr/etc/postgresql/krb5.keytab
/usr/etc/postgresql

Feel free to scan any other binary shipped with postgres. Pretty much
all of them refer to /usr/etc/postgresql.

d


All times are GMT. The time now is 04:34 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.