Re: How to change the pgsql source code and build it??

On Thu, Jun 12, 2014 at 10:59 PM, Kyotaro HORIGUCHI <
horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp> wrote:

> Hi,
>
> > I need to port pgsql onto a controller which doesn't have a framework of
> > creating multiple users for administrative purposes. The entire
> controller
> > is managed by a single root user and that is the reason I am trying to
> > change the pgsql initdb behavior. Do you think of any other better
> > alternative?
>
> The reason you didn't see initdb completed is that it execs
> postgres on the way.
>
> As you know, it is strongly discourged on ordinary environment,
> but that framework sounds to be a single-user environment like
> what MS-DOS was, where any security risk comes from the
> characterisc is acceptable.
>
> I could see initdb and postgres operating as root for the moment
> (which means any possible side-effect is not checked) by making
> changes at four point in the whole postgresql source
> tree. Perhaps only two of them are needed for your wish.
>
> postgresql $ find . -type f -print | xargs grep -nH 'geteuid() == 0'
> ./src/backend/main/main.c:377: if (geteuid() == 0)
> ./src/bin/pg_ctl/pg_ctl.c:2121: if (geteuid() == 0)
> ./src/bin/initdb/initdb.c:778: if (geteuid() == 0)
> /* 0 is root's uid */
> ./src/bin/pg_resetxlog/pg_resetxlog.c:250: if (geteuid() == 0)
>
> Try replacing these conditions with "(0 && geteuid() == 0)" and
> you would see it run as root.
>
>
Maybe a compile option like '--enable-run-as-root' could be added to allow
it without the need of change the source code.

Regards,

--
Fabrízio de Royes Mello
Consultoria/Coaching PostgreSQL
>> Timbira: http://www.timbira.com.br
>> Blog sobre TI: http://fabriziomello.blogspot.com
>> Perfil Linkedin: http://br.linkedin.com/in/fabriziomello
>> Twitter: http://twitter.com/fabriziomello