Thread: Starting postmaster in rc.local/during bootup
On the following page http://www.postgresql.org/idocs/index.php?installation.html It says that I need to su to the user postgres to start postmaster. In fact, when I try to start it as user root, it won't let me and that is somewhat understandable. But ideally, I'd like it so that user postgres does not have a shell (which is what I've done for the mysql user I had to set up). When I tried to set up the command to start up postgres in the rc.local to run as user postgres, I'm having problems. I know there has got to be a way for me to be able to do this but I'm still too new to *nix to know how. I've looked throughout the PgSQL docs, mimiced the line I have for mysql (but making the relevant changes), did some searches on the web but have come up blank. Could someone point me to where I need to look to discover how to do what I want? thnx, Chris
On 3 Dec 2002 at 7:10, Chris Boget wrote: > On the following page > > http://www.postgresql.org/idocs/index.php?installation.html > > It says that I need to su to the user postgres to start postmaster. > In fact, when I try to start it as user root, it won't let me and that > is somewhat understandable. But ideally, I'd like it so that user > postgres does not have a shell (which is what I've done for the > mysql user I had to set up). I assume you are doing this in a shell script which gets called from rc.local #!/bin/bash su pgctl -D <blah> start And it is not working.. How about su -c "pgctl -D <blah> start" HTH Bye Shridhar -- pediddel: A car with only one working headlight. -- "Sniglets", Rich Hall & Friends
... > > su -c "pgctl -D <blah> start" > > HTH > > Bye > Shridhar su postgres -c "pgctl -D <blah> start" Tommi -- Dr. Eckhardt + Partner GmbH http://www.epgmbh.de
Chris Boget <chris@wild.net> wrote: > On the following page > > http://www.postgresql.org/idocs/index.php?installation.html > > It says that I need to su to the user postgres to start postmaster. > In fact, when I try to start it as user root, it won't let me and that > is somewhat understandable. But ideally, I'd like it so that user > postgres does not have a shell (which is what I've done for the > mysql user I had to set up). > When I tried to set up the command to start up postgres in the > rc.local to run as user postgres, I'm having problems. I know there > has got to be a way for me to be able to do this but I'm still too > new to *nix to know how. I've looked throughout the PgSQL docs, > mimiced the line I have for mysql (but making the relevant changes), > did some searches on the web but have come up blank. > Could someone point me to where I need to look to discover how > to do what I want? > > thnx, > Chris > If youre running Linux you could probably specify shell on su commandline: su postgresql -s /bin/sh -c "/path/command" Magnus
> su postgres -c "pgctl -D <blah> start" Yes, but this requires user postgres to have a shell. Which is what I'm trying to avoid, as I mentioned in my original post. I've got mysql running as the mysql user (who doesn't have a shell) by doing this: /bin/sh -c 'cd /usr/local/mysql; ./bin/safe_mysqld --user=mysql &' > /dev/null But as far as I can tell, PG doesn't have the --user option. Is there some way like the above that I can start PG w/o giving user postgres a shell? thnx, Chris
On 3 Dec 2002 at 7:45, Chris Boget wrote: > But as far as I can tell, PG doesn't have the --user option. Is > there some way like the above that I can start PG w/o giving > user postgres a shell? I don't know exactly but what happens if you specify something like /bin/true as shell? Does that work? If it does, it might be enough from security POV. Bye Shridhar -- Military secrets are the most fleeting of all. -- Spock, "The Enterprise Incident", stardate 5027.4
> > But as far as I can tell, PG doesn't have the --user option. Is > > there some way like the above that I can start PG w/o giving > > user postgres a shell? > I don't know exactly but what happens if you specify something like /bin/true > as shell? Does that work? I've not heard of /bin/true as a shell. But again, I'm still a linux newbie. What I've set up for all the users on the system who I don't to give shell access to is /sbin/nologin thnx, Chris
On 3 Dec 2002 at 7:55, Chris Boget wrote: > > > But as far as I can tell, PG doesn't have the --user option. Is > > > there some way like the above that I can start PG w/o giving > > > user postgres a shell? > > I don't know exactly but what happens if you specify something like /bin/true > > as shell? Does that work? > > I've not heard of /bin/true as a shell. But again, I'm still a linux newbie. What > I've set up for all the users on the system who I don't to give shell access to is > /sbin/nologin While I was thinking on that, I would say keeping shell for postgres user is a good idea from maintenance POV. Afterall job is not over after database is started and giving postgres user a shell is better than giving root access to somebody unless you are the sysdba.. Bye Shridhar -- Rudin's Law: If there is a wrong way to do something, most people will do it every time.Rudin's Second Law: In a crisis that forces a choice to be made among alternative courses of action, people tend to choose the worst possible course.
> > I've not heard of /bin/true as a shell. But again, I'm still a linux newbie. What > > I've set up for all the users on the system who I don't to give shell access to is > > /sbin/nologin > While I was thinking on that, I would say keeping shell for postgres user is a > good idea from maintenance POV. Afterall job is not over after database is > started and giving postgres user a shell is better than giving root access to > somebody unless you are the sysdba.. Perfectly valid point. However, when I need to do maintenence, I can simply go in and change the shell then change it back. That's very different from giving user postgres a permanent shell. And as I'd be rebooting (only because I'm still learning and not because there might be problems with the system) more often than I'd be doing maintenence on PG, I need to be able to get PG to start up during boot. Perhaps I'm being overly paranoid but I've already been hacked once due to lax security. I'm just trying to cover all of my bases. thnx, Chris
On 3 Dec 2002 at 8:09, Chris Boget wrote: > Perfectly valid point. > However, when I need to do maintenence, I can simply go in and change the > shell then change it back. That's very different from giving user postgres a > permanent shell. And as I'd be rebooting (only because I'm still learning and not > because there might be problems with the system) more often than I'd be doing > maintenence on PG, I need to be able to get PG to start up during boot. > Perhaps I'm being overly paranoid but I've already been hacked once due to lax > security. I'm just trying to cover all of my bases. To me it looks like, 1) You are the sole console user 2) Your machine is on internet. In that case a shell for postgresql user is not much a threat since you alone will be having it's password. May be do not enable postgresql on network etc.. I don't think a simple way of doing it as postgresql is explicitly designed not to run as root. So you need postgres user and a shell for it. Bye Shridhar -- Fidelity, n.: A virtue peculiar to those who are about to be betrayed.
On Tue, 3 Dec 2002, Shridhar Daithankar wrote: > On 3 Dec 2002 at 8:09, Chris Boget wrote: > > Perfectly valid point. > > However, when I need to do maintenence, I can simply go in and change the > > shell then change it back. That's very different from giving user postgres a > > permanent shell. And as I'd be rebooting (only because I'm still learning and not > > because there might be problems with the system) more often than I'd be doing > > maintenence on PG, I need to be able to get PG to start up during boot. > > Perhaps I'm being overly paranoid but I've already been hacked once due to lax > > security. I'm just trying to cover all of my bases. > > To me it looks like, > > 1) You are the sole console user > 2) Your machine is on internet. Looks like that to me also. However, the simple first step to securing the system is disable all services. Then start selectively enabling them. If it is a remote system then obviously you'll need a way to log in, may be you need a mail server also and presumably a way to get at the data in the DB (otherwise what's the point of the system?). I find using xinetd in conjunction with firewalling is a pretty good start and narrowing the service requests honoured. The firewall is pretty essential if you're running services not run from (x)inetd, like postgresql. As you are a newbie to *nix I'd suggest the first thing to do after installation is to scrap what gets configured by default and start from scratch. At least for Linux distributions (I don't know how *BSD, Solaris etc. come configured). As an example, one of my servers has 9 services exported, and 3 of those are internal network only, at least another two only work from specific clients. This system provides all the functionality anyone from outside could need from the system. Any other service requests are obviously probes and I've even gone through a stage of just blocking entire network blocks from _all_ services when seeing such things. I don't worry about postgres user having a valid log in shell on this system. > In that case a shell for postgresql user is not much a threat since you alone > will be having it's password. May be do not enable postgresql on network etc.. Besides, it doesn't need a password. One can always go through root to get to the user. Although of course one could also view that transition through root to be a problem. > I don't think a simple way of doing it as postgresql is explicitly designed not > to run as root. So you need postgres user and a shell for it. The 'standard' way other daemons use is to have something like the --user=<name> switch. Although these are also probably able to run as root and the user change is seen as a security enhancment rather than a built in, is it not reasonable for this sort of switch to be added to the postmaster or postgres.conf? -- Nigel J. Andrews
On Tue, Dec 03, 2002 at 07:57:01PM +0530, Shridhar Daithankar wrote: > On 3 Dec 2002 at 8:09, Chris Boget wrote: > > Perfectly valid point. > > However, when I need to do maintenence, I can simply go in and change the > > shell then change it back. That's very different from giving user postgres a > > permanent shell. And as I'd be rebooting (only because I'm still learning and not > > because there might be problems with the system) more often than I'd be doing > > maintenence on PG, I need to be able to get PG to start up during boot. > > Perhaps I'm being overly paranoid but I've already been hacked once due to lax > > security. I'm just trying to cover all of my bases. > > To me it looks like, > > 1) You are the sole console user > 2) Your machine is on internet. > > In that case a shell for postgresql user is not much a threat since you alone > will be having it's password. May be do not enable postgresql on network etc.. Umm, the postgres user having a shell is orthoganal to being able to login as postgres. Most of my setups have a shell for the postgres user but the password is disabled. Hence, you can su from root but no other way. Anyway, you can always use the -s option of su to override the shell for a one off. -- Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/ > Support bacteria! They're the only culture some people have.