Re: [HACKERS] More initdb follies - Mailing list pgsql-hackers

From Peter Eisentraut
Subject Re: [HACKERS] More initdb follies
Date
Msg-id Pine.LNX.4.20.9912100303100.760-100000@localhost.localdomain
Whole thread Raw
In response to Re: [HACKERS] More initdb follies  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
On 1999-12-08, Tom Lane mentioned:

> Makes sense to me --- I was saying more or less the same thing, I think,
> when I said that initdb should pay attention to the effective UID it's
> run under *and nothing else* to determine the postgres user name/ID.
> In particular, if you want to be able to run it via "su", it mustn't
> assume that environment variables like LOGNAME or USER are set correctly
> for the postgres user.  If it needs the user name it should look it up
> from the EUID.

(The odd thing is, that our installation instructions suggest to su as
postgres and do the install that way, yet this seems to work anyway. On my
system (GNU sh-utils), USER is only set if you 'su -', but it seems
relying on the user doing this right is way too much to ask.)

Hmm, portability issues. Can you be sure EUID is implemented everywhere?
(I guess so.) How do you determine the user name from a UID? That would be
the inverse of what pg_id does now.

An idea I just had would be to use
* First resort: `id -n -u`
* Second resort: `whoami`
* Third resort: --username option

The first two don't distinguish between su and su -, at least here. Not
sure if #3 is necessary though. One of those you should have.

On the other hand, one more thing to think about is that the only place
the superuser's UID and name are actually used, is to initialize the
catalogs. All the files will happily be created under which ever user you
run this as (as they should). Using the above three step approach, you can
choose to name your _database_ superuser whatever you want, independent of
the Unix filesystem concerns. Of course this is nothing to encourage, but
it's possible. I could install the system in my home directory in some
computing lab under my own user name, yet still name the superuser
postgres to have a standard environment within the database. I guess the
--username option does kind of work, just not as expected.

(The next thing would be the ability to choose the database superuser's
usesysid as well, which might not be so far-fetched either, because if
1) you already have 40000 users on your system when you install PostgreSQL
2) you assign the Unix user postgres the uid 400001
3) you add your 40000 users to the database
you end up with usesysid's 40000-80000 (+/- 1). Not the end of the world
but kind of dumb. The you could simply assign 0 (or 1 if zero is not
allowed) to the superuser at initdb time.)

There seem to be a lot of misconceptions (possibly caused by restrictions
in the past) about all the user names and ids of the installation files,
the data directory, the server process, the database users, the database
super user, etc. In fact, most of these can be chosen freely, the only
requirement is that the server process can access the data directory.

-- 
Peter Eisentraut                  Sernanders väg 10:115
peter_e@gmx.net                   75262 Uppsala
http://yi.org/peter-e/            Sweden




pgsql-hackers by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: [HACKERS] More initdb follies
Next
From: Bruce Momjian
Date:
Subject: Re: [HACKERS] Error in new psql