Thread: ownership of /etc/pgbouncer
In 16e435b586c6f27abc9ab9676a9448b897e582aa, the ownership of /etc/pgbouncer was changed from root:root to pgbouncer:pgbouncer. That seems like a mistake to me. What was the reason for this change?
Hi Peter, On Mon, 2015-03-30 at 11:30 -0400, Peter Eisentraut wrote: > In 16e435b586c6f27abc9ab9676a9448b897e582aa, the ownership of > /etc/pgbouncer was changed from root:root to pgbouncer:pgbouncer. > That seems like a mistake to me. What was the reason for this change? Jess' idea was being able to edit the config file with pgbouncer user. Why do you think that is a bad idea? Regards, -- Devrim GÜNDÜZ Principal Systems Engineer @ EnterpriseDB: http://www.enterprisedb.com PostgreSQL Danışmanı/Consultant, Red Hat Certified Engineer Twitter: @DevrimGunduz , @DevrimGunduzTR
Attachment
On 4/2/15 3:26 PM, Devrim Gündüz wrote: > On Mon, 2015-03-30 at 11:30 -0400, Peter Eisentraut wrote: >> In 16e435b586c6f27abc9ab9676a9448b897e582aa, the ownership of >> /etc/pgbouncer was changed from root:root to pgbouncer:pgbouncer. >> That seems like a mistake to me. What was the reason for this change? > > Jess' idea was being able to edit the config file with pgbouncer user. > Why do you think that is a bad idea? Because when a daemon runs as a separate user, I want it to have as little access as possible. The reason you give (or were given) is an arbitrary local decision and should not be global policy. (sudo is a better tool for that anyway.)
Peter, On Thu, 2015-04-02 at 16:08 -0400, Peter Eisentraut wrote: > > Because when a daemon runs as a separate user, I want it to have as > little access as possible. > > The reason you give (or were given) is an arbitrary local decision and > should not be global policy. (sudo is a better tool for that anyway.) Fixed in 1.5.5-1, which I pushed repos on Sunday night. Regards, -- Devrim GÜNDÜZ Principal Systems Engineer @ EnterpriseDB: http://www.enterprisedb.com PostgreSQL Danışmanı/Consultant, Red Hat Certified Engineer Twitter: @DevrimGunduz , @DevrimGunduzTR