Thread: BUG #15596: Folders created with wrong permissions when installing anextension with a non-default umask
BUG #15596: Folders created with wrong permissions when installing anextension with a non-default umask
From
PG Bug reporting form
Date:
The following bug has been logged on the website: Bug reference: 15596 Logged by: Antoine Amarilli Email address: a3nm.postgresql@a3nm.net PostgreSQL version: 11.1 Operating system: Debian testing Description: Hi, I was trying to install a PostgreSQL extension (namely, https://github.com/PierreSenellart/provsql). This extension uses the macros in the file /usr/lib/postgresql/11/lib/pgxs/src/makefiles/pgxs.mk to install itself, so running "make install" does the following: /bin/mkdir -p '/usr/lib/postgresql/11/lib' /bin/mkdir -p '/usr/share/postgresql/11/extension' /bin/mkdir -p '/usr/share/postgresql/11/extension' /bin/mkdir -p '/usr/share/doc/postgresql-doc-11/extension' /usr/bin/install -c -m 755 provsql.so '/usr/lib/postgresql/11/lib/provsql.so' /usr/bin/install -c -m 644 .//provsql.control '/usr/share/postgresql/11/extension/' /usr/bin/install -c -m 644 .//sql/provsql--1.0.0-dev.sql '/usr/share/postgresql/11/extension/' /usr/bin/install -c -m 644 .//doc/provsql.md '/usr/share/doc/postgresql-doc-11/extension/' /bin/mkdir -p '/usr/lib/postgresql/11/lib/bitcode/provsql' /bin/mkdir -p '/usr/lib/postgresql/11/lib/bitcode'/provsql/src/ ... However, the umask of my user is 077, so these "mkdir -p" invocations are creating folders that can only be read by root, which is not the intended behavior. Would it be possible to fix this by redefining MKDIR_P="mkdir -m 0755 -p" in pgxs.mk so that the mkdir invocations create the folders with the right permissions, in line with the "install" invocations? Thanks!
Re: BUG #15596: Folders created with wrong permissions when installing an extension with a non-default umask
From
Tom Lane
Date:
=?utf-8?q?PG_Bug_reporting_form?= <noreply@postgresql.org> writes: > However, the umask of my user is 077, so these "mkdir -p" invocations are > creating folders that can only be read by root, which is not the intended > behavior. So ... don't do that. > Would it be possible to fix this by redefining MKDIR_P="mkdir -m 0755 -p" in > pgxs.mk so that the mkdir invocations create the folders with the right > permissions, in line with the "install" invocations? Thanks! I think that would be a pretty bad idea, because it would break things for packagers who have their own ideas about what the directory permissions ought to be. You can, of course, enforce your own ideas on the make run with something like (untested) make MKDIR_P="mkdir -m 0755 -p" install regards, tom lane
Re: BUG #15596: Folders created with wrong permissions wheninstalling an extension with a non-default umask
From
Antoine Amarilli
Date:
Hi Tom, On Wed, Jan 16, 2019 at 09:33:41PM -0500, Tom Lane wrote: > =?utf-8?q?PG_Bug_reporting_form?= <noreply@postgresql.org> writes: > > However, the umask of my user is 077, so these "mkdir -p" invocations are > > creating folders that can only be read by root, which is not the intended > > behavior. > > So ... don't do that. Sure, when you've noticed the problem it's easy to work around it. But when you haven't noticed it, doing "make install" appears to work fine and then later things break in a confusing way because the files have been installed and only root can read them. This makes the install process quite counter-intuitive. > > Would it be possible to fix this by redefining MKDIR_P="mkdir -m 0755 -p" in > > pgxs.mk so that the mkdir invocations create the folders with the right > > permissions, in line with the "install" invocations? Thanks! > > I think that would be a pretty bad idea, because it would break things > for packagers who have their own ideas about what the directory > permissions ought to be. I see, but on the other hand all files are installed with "/usr/bin/install -c -m 755" or "/usr/bin/install -c -m 644". If you're deciding to make the files world-readable when installing them, why not decide the same thing for the new directories that you create? > You can, of course, enforce your own ideas on the make run with something > like (untested) > > make MKDIR_P="mkdir -m 0755 -p" install Sure, thanks! I'll suggest this to the extension maintainer in case it can't be fixed in Postgres. Best, -- Antoine Amarilli