On 5/19/21 6:43 AM, Paul Guo wrote:
> Several weeks ago I saw this issue in a production environment. The
> read only file looks like a credential file. Michael told me that
> usually such kinds of files should be better kept in non-pgdata
> directories in production environments. Thought further it seems that
> pg_rewind should be more user friendly to tolerate such scenarios.
>
> The failure error is "Permission denied" after open(). The reason is
> open() fais with the below mode in open_target_file()
>
> mode = O_WRONLY | O_CREAT | PG_BINARY;
> if (trunc)
> mode |= O_TRUNC;
> dstfd = open(dstpath, mode, pg_file_create_mode);
>
> The fix should be quite simple, if open fails with "Permission denied"
> then we try to call chmod to add a S_IWUSR just before open() and call
> chmod to reset the flags soon after open(). A stat() call to get
> previous st_mode flags is needed.
>
Presumably the user has a reason for adding the file read-only to the
data directory, and we shouldn't lightly ignore that.
Michael's advice is reasonable. This seems like a case of:
Patient: Doctor, it hurts when I do this.
Doctor: Stop doing that.
cheers
andrew
--
Andrew Dunstan
EDB: https://www.enterprisedb.com