Summary of new configuration file and data directory locations - Mailing list pgsql-hackers

Here's a concrete summary of the various proposals about the location of
configuration files and other things that have been discussed a while ago.
I think we pretty much came to agree -- if not, the rest could perhaps
better be discussed based on the following.  There are also a couple of
open items that need resolution.


* postgresql.conf configuration file

Default location: ${sysconfdir}/postgresql.conf (where ${sysconfdir}
defaults to /usr/local/pgsql/etc).  For those who don't know, --sysconfdir
is actually a configure option, so for "base-system" installs you can set
it to /etc if you prefer.

Overridable by:

- postmaster option -C FILENAME (not directory)


* pg_hba.conf, pg_ident.conf, secondary "password" files,  SSL certificates, all other configuration things formerly in
$PGDATA

Default location: ${sysconfdir}

Overridable by postgresql.conf/GUC options (thus also
postmaster command-line options).  Proposed names:

hba_conf_file
ident_conf_file
password_file_dir
ssl_key_file
ssl_certificate_file

QUESTION:  Do we want to have the -C command-line option affect these
parameters in some way?  It would seem quite sensible.  But if -C denotes
a file name, as was requested, the location of say pg_hba.conf would be
"${directory part of -C}/pg_hba.conf" (base-name fixed), which might not
be the most elegant way.


* Permission of configuration files

By default, I like postgresql.conf, pg_hba.conf, and pg_ident.conf as
root-owned (or whatever the installer was) 0644 for ease of installation
and use.  Password files containing actual passwords and the SSL files
need to be postgres-owned 0600 (or less), which will require a chmod or
chown call or two in most installations, but setting up secondary
"password" files or SSL will take a few key strokes anyway.  We should
have run-time security checks that we don't use world-readable files that
contain secrets.


* Central database cluster storage area

Default location for postmaster and initdb: ${localstatedir}/data (which
defaults to /usr/local/pgsql/var/data).

Overridable by, in order of decreasing priority:
- -D option
- $PGDATA environment variable (perhaps obsolescent, but no reason to
remove it outright)
- postgresql.conf parameter


* Possible transitional aid

We could have an environment variable $PGCONF that overrides the location
of the postgresql.conf file (in some to be specified way), so those who
don't like the new setup can set PGCONF=$PGDATA or something like that.
However, since this would require the user to actually copy over all the
new configurations files from .../etc/ to $PGDATA, I don't know how many
would actually go for that.


Comments?  Better ideas?

-- 
Peter Eisentraut   peter_e@gmx.net