2011/10/30 Martijn van Oosterhout <kleptog(at)svana(dot)org>:
> On Sat, Oct 29, 2011 at 08:28:57PM +0000, Mr. Aaron W. Swenson wrote:
>> > If /tmp is the only decent place where to put the socket file on Unix
>> > when security and other concerns are considered, then sure, making
>> > distro life difficult is a good thing to do. But then let's take it to
>> > the FHS that debian and ubuntu are implementing, AFAIUI.
>> In Gentoo, we change the socket directory to /var/run/postgresql via
>> pg_config_manual.h. However, I'm not too terribly interested in pg_config
>> outputting the directory location.
> Frankly, I'm not seeing the difference between the socket directory and
> the "listen_addresses" option. When connecting you can specify the
> socket directory to use via the "host" option.
> It might even be more logical to be able to specify multiple
> directories. Given we support multiple listen sockets I can't imagine
> it would require much code.
> (And yes, just today I ran into the issue of hardcoded paths. If the
> directory it points to is not world writable then you've limited the
> users who can run the postgres server. Which is an unnecessary
> restriction imho).
For Debian, the reason is :
Description: Put server Unix sockets into /var/run/postgresql/ by default
Forwarded: No, Debian specific configuration with postgresql-common
Using /tmp for sockets allows everyone to spoof a PostgreSQL server. Thus use
/var/run/postgresql/ for "system" clusters which run as 'postgres' (user
clusters will still use /tmp). Since system cluster are by far the common case,
set it as default.
Cédric Villemain +33 (0)6 20 30 22 52
PostgreSQL: Support 24x7 - Développement, Expertise et Formation
In response to
pgsql-hackers by date
|Next:||From: Fujii Masao||Date: 2011-10-31 07:38:33|
|Subject: Re: unite recovery.conf and postgresql.conf|
|Previous:||From: Jun Ishiduka||Date: 2011-10-31 04:11:19|
|Subject: Re: Online base backup from the hot-standby|