required rights for PGDATA

From: Holger Klawitter <lists(at)klawitter(dot)de>
To: "Postgres-Mailing-List" <pgsql-general(at)postgresql(dot)org>
Subject: required rights for PGDATA
Date: 2003-01-27 11:44:17
Message-ID: 200301271244.17748.lists@klawitter.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Hi there,

I have the problem that I need to have a group of users (namely postgres and
the dbadmin) with access to pg_hba.conf.

As postgres (the user under with the process is actually running) cannot
obtain a shell, I need group access to the data directory in order to
configure postgres.

drwxrwx--- 6 postgres postgres 4096 Jan 27 10:14 data/

However postgres refuses to start with 0770 permission.

In my case this additional security measure bites itself as now I need to
grant su to dbadmin and moreover grant a shell access to postgres.

Some Suggestions:

1.) the check can be made configurable (with the strict one as default)

2.) groups below 100 are okay.

3.) default group of the postgres user is okay.

4.) the group 'postgres' is okay.

That do you all think?

With kind regards / mit freundlichem Gruß
Holger Klawitter
--
Holger Klawitter http://www.klawitter.de
lists(at)klawitter(dot)de

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Nigel J. Andrews 2003-01-27 12:26:47 Re: required rights for PGDATA
Previous Message jerome 2003-01-27 08:52:50 getting weekly total based on daily...