| From: | Luca Ferrari <fluca1978(at)infinito(dot)it> |
|---|---|
| To: | "Birchall, Austen" <austen(dot)birchall(at)metoffice(dot)gov(dot)uk> |
| Cc: | "pgsql-novice(at)postgresql(dot)org" <pgsql-novice(at)postgresql(dot)org> |
| Subject: | Re: sudo/access to the postres OS user |
| Date: | 2013-08-19 08:43:38 |
| Message-ID: | CAKoxK+5N4mrRRvLmd_=hv=T=b906Cf1V=1YZ7eQJwE-brX=JBQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
On Fri, Aug 16, 2013 at 5:01 PM, Birchall, Austen
<austen(dot)birchall(at)metoffice(dot)gov(dot)uk> wrote:
> However for a 24/7 WAL mode database would I need access to the contents of
> the pg_xlog directory?
>
>
>
> Also it I need to do a PITR wouldn’t I need rw access to just about
> everything?
>
Well, the recovery is performed by PostgreSQL itself, so the short
answer is no. You need access to the recovery.conf file and, to some
extent, to the wal archiving space for cleanup and maintenance.
Now it should be interesting to know what you are allowed to do,
because if you have access only to "psql" executable via sudo then
you'll not be able to do a pitr (you need to control the cluster). If
you have the capability to launch a text editor (e.g., Emacs) you
could be able to run a shell (or a shell command) from within that.
If protection is the aim then the cluster has to be carefully set up
(with directory and permissions splitted) so that you can have access
to the objects you need.
Luca
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Athanasios Kostopoulos | 2013-08-19 08:46:18 | Re: sudo/access to the postres OS user |
| Previous Message | Athanasios Kostopoulos | 2013-08-18 19:18:40 | Re: parsing pg_dump -l output |