From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
---|---|
To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Satoshi Nagayasu <snaga(at)uptime(dot)jp>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Michael Paquier <mpaquier(at)vmware(dot)com> |
Subject: | Re: pg_rewind in contrib |
Date: | 2015-03-09 14:02:46 |
Message-ID: | 54FDA806.6080906@iki.fi |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 01/19/2015 07:38 AM, Michael Paquier wrote:
> Looking at the set of TAP tests, I think that those lines open again
> the door of CVE-2014-0067 (vulnerability with make check) on Windows:
> # Initialize master, data checksums are mandatory
> remove_tree($test_master_datadir);
> system_or_bail("initdb -N -A trust -D $test_master_datadir
>>> $log_path");
> IMO we should use standard_initdb in TestLib.pm instead as pg_regress
> --config-auth would be used for SSPI. standard_initdb should be
> extended a bit as well to be able to pass a path to logs with
> /dev/null as default. TAP tests do not run on Windows, still I think
> that it would be better to cover any eventuality in this area before
> we forget. Already mentioned by Peter, but I think as well that the
> new additions to TAP should be a separate patch.
Agreed, fixed to use standard_initdb. .
> Random thought (not related to this patch), have a new option in
> initdb doing this legwork:
> + # Accept replication connections on master
> + append_to_file("$test_master_datadir/pg_hba.conf", qq(
> +local replication all trust
> +host replication all 127.0.0.1/32 trust
> +host replication all ::1/128 trust
> +));
Yeah, that would be good. Perhaps as part of the pg_regress
--config-auth. If it's an initdb, then it might make sense to have the
same option to set wal_level=hot_standby, and max_wal_senders, so that
the cluster is immediately ready for replication. But that's a different
topic, I'm going to just leave it as it is in this pg_rewind patch.
Attached is a new patch version, fixing all the little things you
listed. I believe this is pretty much ready for commit. I'm going to
read it through myself one more time before committing, but I don't have
anything mind now that needs fixing anymore. I just pushed the change to
split dbcommands.h into dbcommands.h and dbcommands_xlog.h, as that
seems like a nice-to-have anyway.
- Heikki
Attachment | Content-Type | Size |
---|---|---|
pg_rewind-bin-7.patch.gz | application/gzip | 29.9 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Heikki Linnakangas | 2015-03-09 14:09:00 | Re: pg_trgm Memory Allocation logic |
Previous Message | Alvaro Herrera | 2015-03-09 13:47:00 | Re: Enforce creation of destination folders for source files in pg_regress (Was: pg_regress writes into source tree) |