Quick Links

Re: pgsql: Support "postgres -C" with runtime-computed GUCs

From:	Andres Freund <andres(at)anarazel(dot)de>
To:	Michael Paquier <michael(at)paquier(dot)xyz>
Cc:	pgsql-committers(at)lists(dot)postgresql(dot)org
Subject:	Re: pgsql: Support "postgres -C" with runtime-computed GUCs
Date:	2021-09-21 03:20:40
Message-ID:	20210921032040.lyl4lcax37aedx2x@alap3.anarazel.de
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-committers

Hi,

On 2021-09-16 02:05:02 +0000, Michael Paquier wrote:
> Some TAP tests are added to provide some coverage here, using
> data_checksums in the tests of pg_checksums.

I just rebased my AIO branch ontop of this, and promptly got a CI
failure. Which appears to be unrelated to AIO. The CI system that we use
runs the scripts in a privileged account. Which normally is fine, because
pg_ctl drops permissions. However, the new test here doesn't.

See e.g. here https://cirrus-ci.com/task/6455395922214912?logs=bincheck#L27

# Running: postgres -D c:/cirrus/src/bin/pg_checksums/tmp_check/t_002_actions_node_checksum_data/pgdata -C data_checksums
not ok 22 - data_checksums=on is reported on an offline cluster status (got 1 vs expected 0)

# Failed test 'data_checksums=on is reported on an offline cluster status (got 1 vs expected 0)'
# at t/002_actions.pl line 189.
not ok 23 - data_checksums=on is reported on an offline cluster stdout /(?^:^on$)/

# Failed test 'data_checksums=on is reported on an offline cluster stdout /(?^:^on$)/'
# at t/002_actions.pl line 189.
# ''
# doesn't match '(?^:^on$)'
not ok 24 - data_checksums=on is reported on an offline cluster stderr /(?^:database system is shut down)/

# Failed test 'data_checksums=on is reported on an offline cluster stderr /(?^:database system is shut down)/'
# at t/002_actions.pl line 189.
# 'Execution of PostgreSQL by a user with administrative permissions is not
# permitted.
# The server must be started under an unprivileged user ID to prevent
# possible system security compromises. See the documentation for
# more information on how to properly start the server.
# '
# doesn't match '(?^:database system is shut down)'
### Starting node "node_checksum"

So the problem is that -C data_checksums requires permissions to be dropped,
but the way it's invoked here that's not guaranteed... And I don't think we
should remove that requirement, given that we're actually doing stuff to the
lock file...

Greetings,

Andres Freund

In response to

pgsql: Support "postgres -C" with runtime-computed GUCs at 2021-09-16 02:05:02 from Michael Paquier

Responses

Re: pgsql: Support "postgres -C" with runtime-computed GUCs at 2021-09-21 03:47:24 from Michael Paquier

Browse pgsql-committers by date

	From	Date	Subject
Next Message	Michael Paquier	2021-09-21 03:47:24	Re: pgsql: Support "postgres -C" with runtime-computed GUCs
Previous Message	Michael Paquier	2021-09-21 01:35:00	pgsql: Introduce GUC shared_memory_size_in_huge_pages