Re: fsync bug faq for publication? - Mailing list pgsql-hackers

From Tom Lane
Subject Re: fsync bug faq for publication?
Date
Msg-id 31528.1432618283@sss.pgh.pa.us
Whole thread Raw
In response to fsync bug faq for publication?  (Josh Berkus <josh@agliodbs.com>)
Responses Re: fsync bug faq for publication?
List pgsql-hackers
Josh Berkus <josh@agliodbs.com> writes:
> We need to get a notice out to our users who might update their servers
> and get stuck behind the fsync bug.  As such, I've prepared a FAQ.
> Please read, correct and improve this FAQ so that it's fit for us to
> announce to users as soon as possible:

> https://wiki.postgresql.org/wiki/May_2015_Fsync_Permissions_Bug

Judging by Ross Boylan's report at
http://www.postgresql.org/message-id/F1F13E14A610474196571953929C02096D0E97@ex08.net.ucsf.edu
it's not sufficient to just recommend "changing permissions" on the
problematic files.  It's not entirely clear from here whether there is a
solution that both allows fsync on referenced files and keeps OpenSSL
happy; but if there is, it probably requires making the cert files be
owned by the postgres user, as well as adjusting their permissions to
be 0640 or thereabouts.  I'm worried about whether that breaks other
services using the same cert files.
        regards, tom lane



pgsql-hackers by date:

Previous
From: Abhijit Menon-Sen
Date:
Subject: Re: fsync-pgdata-on-recovery tries to write to more files than previously
Next
From: Magnus Hagander
Date:
Subject: Re: fsync bug faq for publication?