Re: [HACKERS] Re: [SQL] createdb -D xxxx not working - Mailing list pgsql-hackers
| From | Peter Eisentraut |
|---|---|
| Subject | Re: [HACKERS] Re: [SQL] createdb -D xxxx not working |
| Date | |
| Msg-id | Pine.LNX.4.21.0001120312180.3735-100000@localhost.localdomain Whole thread Raw |
| In response to | Re: [HACKERS] Re: [SQL] createdb -D xxxx not working (Thomas Lockhart <lockhart@alumni.caltech.edu>) |
| List | pgsql-hackers |
On 2000-01-11, Thomas Lockhart mentioned: > > >> Surely you want $PGDATA2 in the latter two lines? > > > You might recall me mentioning that the whole alternative location > > > business doesn't work in the first place. > > I'm not recalling the details here; what is the problem? It works for > me (but then I wrote it ;) > Darn, now I already rewrote the thing to where I considered it working. We had several on-and-off discussions (mostly Tom and I) about it during the last two months at least, including users complaining. The sort of scheme I came up with scraps the environment variable stuff (since it's not quite safe either and has several bugs in the code that create a bunch of problems along the way) and lets the following happen (example paths): CREATE DATABASE foo; --> /usr/local/pgsql/data/base/foo/pg_class CREATE DATABASE foo WITH LOCATION 'bar'; --> /usr/local/pgsql/data/base/bar/pg_class CREATE DATABASE foo WITH LOCATION '/some/where'; --> /some/where/pg_class CREATE DATABASE foo WITH LOCATION 'foo/bar'; is disabled. I suppose I could stick the environment variable deal back in so that users don't have to remember any complicated paths, but this is the dbadmin's job anyway, so he should be able to remember it. Anyway, in order for a path to be allowed it has to be listed in PG_ALTLOC, which is a colon-delimited, marginally wildcard enabled list of allowed locations. In some future life this could be included in a configuration file. > initlocation is used to create the directory structure *with correct > permissions* for an alternate location. It takes an environment I think one of the problems was actually that the path initlocation assumed and the one createdb worked with were different. > variable because usually the backend should have that same environment > variable defined to ensure consistancy and as a security measure. The > environment variable can be expanded or not; initlocation does the > right thing in either case. It's false security though, since for complete security the dbadmin would have to delete all other environment variables altogether. > > I'd vote for taking > > out the auto-expansion, so that the correct invocation becomes > > initlocation $PGDATA2 > > which is what an average user would expect. > > But the average user does not necessarily have access to the PGDATA2 > environment variable! This is usually a sysadmin function. The average user doesn't even have access to the machine the database is running on, so he can't do any initlocation either way. Then again the average user doesn't create databases either. But there is no real point for initlocation since a mere mkdir() call in createdb() will do the job. Now I just got done with that coding 10 minutes ago but now that someone actually spoke up in defence of this mechanism I'm going to wait and see what you think about the revised (or any) scheme. -- Peter Eisentraut Sernanders väg 10:115 peter_e@gmx.net 75262 Uppsala http://yi.org/peter-e/ Sweden
pgsql-hackers by date: