Re: abort()/segfault when starting postgres in inaccessible CWD

On 2013-10-03 19:07:37 +0200, Tom Lane wrote:
> Andres Freund <andres(at)2ndquadrant(dot)com> writes:
> > Starting postgres with a CWD that's not readable will trigger an Assert
> > and if those are disabled it presumably will segfault.
>
> Yeah, we've discussed that before. I'm not sure it's worth fixing,
> or that it could be counted on to stay fixed even if we removed the
> current source(s) of trouble.
>
> There's a bigger problem with the scenario you show, which is that the
> postmaster is started with root's environment variables not postgres'.
> That's likely to lead to assorted surprises that we can't really do
> anything about, even if we fixed the CWD issue. So I'm inclined to think
> this scenario is a "don't do that".

I have no problem not supporting the scenario of an inaccessible CWD -
I'd just like to have a better error message than a segfault...

> Having said that, though, it seems like a bad idea to be calling
> set_pglocale_pgservice() before palloc is functional. It's not at all
> obvious that that function can't be allowed to use palloc.

Yes, and it seems hard to control - as proven here - that it doesn't
make any calls to functions using palloc() in some edge cases.

Greetings,

Andres Freund

--
Andres Freund http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services