Skip site navigation (1) Skip section navigation (2)

Re: Add socket dir to pg_config..?

From: Cédric Villemain <cedric(dot)villemain(dot)debian(at)gmail(dot)com>
To: Martijn van Oosterhout <kleptog(at)svana(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Add socket dir to pg_config..?
Date: 2011-10-31 07:34:04
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
2011/10/30 Martijn van Oosterhout <kleptog(at)svana(dot)org>:
> On Sat, Oct 29, 2011 at 08:28:57PM +0000, Mr. Aaron W. Swenson wrote:
>> > If /tmp is the only decent place where to put the socket file on Unix
>> > when security and other concerns are considered, then sure, making
>> > distro life difficult is a good thing to do. But then let's take it to
>> > the FHS that debian and ubuntu are implementing, AFAIUI.
>> In Gentoo, we change the socket directory to /var/run/postgresql via
>> pg_config_manual.h. However, I'm not too terribly interested in pg_config
>> outputting the directory location.
> Frankly, I'm not seeing the difference between the socket directory and
> the "listen_addresses" option. When connecting you can specify the
> socket directory to use via the "host" option.
> It might even be more logical to be able to specify multiple
> directories. Given we support multiple listen sockets I can't imagine
> it would require much code.
> (And yes, just today I ran into the issue of hardcoded paths. If the
> directory it points to is not world writable then you've limited the
> users who can run the postgres server. Which is an unnecessary
> restriction imho).

For Debian, the reason is :

Description: Put server Unix sockets into /var/run/postgresql/ by default
Forwarded: No, Debian specific configuration with postgresql-common

Using /tmp for sockets allows everyone to spoof a PostgreSQL server. Thus use
/var/run/postgresql/ for "system" clusters which run as 'postgres' (user
clusters will still use /tmp). Since system cluster are by far the common case,
set it as default.

Cédric Villemain +33 (0)6 20 30 22 52
PostgreSQL: Support 24x7 - Développement, Expertise et Formation

In response to

pgsql-hackers by date

Next:From: Fujii MasaoDate: 2011-10-31 07:38:33
Subject: Re: unite recovery.conf and postgresql.conf
Previous:From: Jun IshidukaDate: 2011-10-31 04:11:19
Subject: Re: Online base backup from the hot-standby

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group