| From: | Phillip Smith <phillip(dot)smith(at)weatherbeeta(dot)com(dot)au> | 
|---|---|
| To: | Albretch Mueller <lbrtchx(at)gmail(dot)com> | 
| Cc: | pgsql-admin(at)postgresql(dot)org | 
| Subject: | Re: separating PG binaries into a ro mounted partition | 
| Date: | 2007-12-30 05:41:57 | 
| Message-ID: | 1198993317.5591.19.camel@cassandra-desktop | 
| Views: | Whole Thread | Raw Message | Download mbox | Resend email | 
| Thread: | |
| Lists: | pgsql-admin | 
What are you trying to acheive by making the binaries read-only?
All the config files reside in the data directory so there shoudl be a
problem making /usr/local/postgres/bin (or whatever you choose to
install the binaries) to be a read-only mounted partition. The other
option (which is far easier) would be to set the binaries immutable. As
root, run this:
    chattr +i /use/local/postgres/bin/*
That way only root can remove the immutable flag so they can be changed
- if it's a security issue behind your desire to do this then it doesn't
matter that root can do that versus your suggestion as root would be
able to just remount the partition rw:
    mount -o remount,rw /usr/local/postgres
If you can advise why you want them to be read-only then we can make
better suggestions.
Cheers,
~p
THINK BEFORE YOU PRINT - Save paper if you don't really need to print this
*******************Confidentiality and Privilege Notice*******************
The material contained in this message is privileged and confidential to
the addressee.  If you are not the addressee indicated in this message or
responsible for delivery of the message to such person, you may not copy
or deliver this message to anyone, and you should destroy it and kindly
notify the sender by reply email.
Information in this message that does not relate to the official business
of Weatherbeeta must be treated as neither given nor endorsed by Weatherbeeta.
Weatherbeeta, its employees, contractors or associates shall not be liable
for direct, indirect or consequential loss arising from transmission of this
message or any attachments
e-mail.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Albretch Mueller | 2007-12-30 11:23:35 | Re: separating PG binaries into a ro mounted partition | 
| Previous Message | Albretch Mueller | 2007-12-30 02:40:04 | separating PG binaries into a ro mounted partition |