Thread: pg_upgrade permission check
I have added the attached patch to pg_upgrade to print a clear error message if you don't have read/write/execute permission in the current directory, which is needed for pg_upgrade to read/write temporary files. This is based on a bug report I received from EnterpriseDB usage testing. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + It's impossible for everything to be true. + diff --git a/contrib/pg_upgrade/exec.c b/contrib/pg_upgrade/exec.c new file mode 100644 index 71e8439..a66aeb0 *** a/contrib/pg_upgrade/exec.c --- b/contrib/pg_upgrade/exec.c *************** is_server_running(const char *datadir) *** 93,98 **** --- 93,103 ---- void verify_directories(void) { + + if (access(".", R_OK | W_OK | X_OK) != 0) + pg_log(PG_FATAL, + "You must have full access permissions in the current directory.\n"); + prep_status("Checking old data directory (%s)", old_cluster.pgdata); check_data_dir(old_cluster.pgdata); check_ok();
Bruce Momjian <bruce@momjian.us> writes: > I have added the attached patch to pg_upgrade to print a clear error > message if you don't have read/write/execute permission in the current > directory, which is needed for pg_upgrade to read/write temporary files. "full access permissions" seems unhelpfully vague. Why not say "you must have both read and write access to the current directory"? regards, tom lane
Tom Lane wrote: > Bruce Momjian <bruce@momjian.us> writes: > > I have added the attached patch to pg_upgrade to print a clear error > > message if you don't have read/write/execute permission in the current > > directory, which is needed for pg_upgrade to read/write temporary files. > > "full access permissions" seems unhelpfully vague. Why not say > "you must have both read and write access to the current directory"? OK, I can do that, but they need execute permission in that directory too to look up file names in there. Should I say execute too? -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + It's impossible for everything to be true. +
Bruce Momjian <bruce@momjian.us> writes: > Tom Lane wrote: >> "full access permissions" seems unhelpfully vague. Why not say >> "you must have both read and write access to the current directory"? > OK, I can do that, but they need execute permission in that directory > too to look up file names in there. Should I say execute too? I doubt it's worth worrying about. man chdir saith In order for a directory to become the current directory, a process must have execute (search) access to the directory. I'm not entirely certain what happens if you chdir into a directory and then someone revokes the bit afterwards, but I do not feel a need to complicate the error message to cover such a case. regards, tom lane
Tom Lane wrote: > Bruce Momjian <bruce@momjian.us> writes: > > Tom Lane wrote: > >> "full access permissions" seems unhelpfully vague. Why not say > >> "you must have both read and write access to the current directory"? > > > OK, I can do that, but they need execute permission in that directory > > too to look up file names in there. Should I say execute too? > > I doubt it's worth worrying about. man chdir saith > > In order for a directory to become the current directory, a process must > have execute (search) access to the directory. > > I'm not entirely certain what happens if you chdir into a directory and > then someone revokes the bit afterwards, but I do not feel a need to > complicate the error message to cover such a case. OK, fixed the the attached applied patch. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + It's impossible for everything to be true. + diff --git a/contrib/pg_upgrade/exec.c b/contrib/pg_upgrade/exec.c index a66aeb0..6f1c6ef 100644 --- a/contrib/pg_upgrade/exec.c +++ b/contrib/pg_upgrade/exec.c @@ -96,7 +96,7 @@ verify_directories(void) if (access(".", R_OK | W_OK | X_OK) != 0) pg_log(PG_FATAL, - "You must have full access permissions in the current directory.\n"); + "You must have read and write access in the current directory.\n"); prep_status("Checking old data directory (%s)", old_cluster.pgdata); check_data_dir(old_cluster.pgdata);