On 20 January 2016 at 16:22, Huong Dangminh <huo-dangminh@ys.jp.nec.com>
wrote:
>
> initdb was executed with "Administrator" privileges, but
> then initdb do popen() with none "Administrator" privileges
> (by child process).
>
That makes sense. It intentionally drops privileges.
You probably have to set the ACLs up so that it can still see and write to
the directory even after it has dropped privileges. That will include
setting ACLs on the parent directories so that it can see inside them.
Explicitly granting rights to the admin user you're running as is probably
sufficient but I'm not sure.
The best thing to do is probably to run initdb with non-administrator
rights and grant permissions directly.
This is the same kind of problem you get on linux systems if you 'cd' to
some root-only directory then 'sudo -u somenormaluser ls'. You get an error
saying the current directory isn't readable or similar.
--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services