On Mon, Mar 18, 2019 at 11:45:05AM -0400, Robert Haas wrote:
> So you want to default to no group access regardless of the directory
> permissions, with an option to enable group access that must be
> explicitly specified? That seems like a reasonable option to me; note
> that initdb does seem to chdir() an existing directory.
Hm. We have been assuming that the contents of a base backup inherit
the permission of the source when using pg_basebackup because this
allows users to keep a nodes in a consistent state without deciding
which option to use. Do you mean that you would like to enforce the
permissions of only the root directory if it exists? Or the root
directory with all its contents? The former may be fine. The latter
is definitely not.
As per my understanding going through the discussion, the option is for
root directory with all its contents also.
How about the following change?
pg_basebackup --> copies the contents of the src directory (with group access)
and even the root directory permissions.
pg_basebackup --no-group-access --> copies the contents of the src directory
(with no group access) even for the root directory.
So the default behavior works for many people, others that needs restrict behavior
can use the new option.
Regards,
Haribabu Kommi
Fujitsu Australia
