Re: PATCH: Configurable file mode mask

Greetings,

* Simon Riggs (simon(at)2ndquadrant(dot)com) wrote:
> On 1 March 2017 at 01:58, David Steele <david(at)pgmasters(dot)net> wrote:
> > PostgreSQL currently requires the file mode mask (umask) to be 0077.
> > However, this precludes the possibility of a user in the postgres group
> > performing a backup (or whatever). Now that
> > pg_start_backup()/pg_stop_backup() privileges can be delegated to an
> > unprivileged user, it makes sense to also allow a (relatively)
> > unprivileged user to perform the backup at the file system level as well.
>
> +1
>
> > This patch introduces a new initdb param, -u/-file-mode-mask, and a new
> > GUC, file_mode_mask,
>
> Why both initdb and at server start? Seems like initdb is OK, or in pg_control.

One could imagine someone wishing to change their mind regarding the
permissions after initdb, and for existing systems who may wish to move
to allowing group-read in an environment where that can be safely done
but don't wish to re-initdb.

> > to allow the default mode of files and directories
> > in the $PGDATA directory to be modified.
>
> Are you saying if this is changed all files/directories will be
> changed to the new mode?

No, new files will be created with the new mode and existing files will
be allowed to have the mode set. Changing all of the existing files
didn't seem like something we should be trying to do at server start.

> It seems like it would be annoying to have some files in one mode,
> some in another.

It's not intended for that to happen, but it is possible for it to. The
alternative is to try and forcibly change all files at server start time
to match what is configured but that didn't seem like a great idea.

Thanks!

Stephen